The Road to Cyber Power

Transcription

1 0 Presentation to the Norman Forde Hampton Roads Chapter of the Association of Former Intelligence Officers The Road to Cyber Power Cyber Age, Cyberspace, Cyberpower, Cybersecurity, Commercial/Goverment Action Christopher Newport University October 28, 2009

2 1 Agenda Understanding the Cyber Age Cyberspace Opportunities and Threats Cyberpower Social, Economic, Security Cyber Security Pillars Commercial/Government Action

3 2 Over the last 250 years, waves of creative destruction emerge around the convergence of new technologies and organizational innovations Textiles, Canals and Machinery Steam, Coal, Iron and Rail Steel, Chemicals and Electricity Oil, Auto and Electronics Info and Com. Technology Age of Nano-Bio Tech and Robotics Agricultural Revolution ( ) % of GDP 1771 Canal Mania Railway Mania The Gilded Age Roaring 20s Internet Craze Nano Nonsense FIRST WAVE SECOND WAVE THIRD WAVE FOURTH WAVE FIFTH WAVE SIXTH WAVE ? 58 years 44 years 45 years 53 years 49 years 50 years Adapted from The Economist, Carlota Perez These waves create new industries, transform the underlying social and political-military systems, and create new sources and centers of power

4 3 Agenda Understanding the Cyber Age Cyberspace Opportunities and Threats Cyberpower Social, Economic, Security Cyber Security Pillars Commercial/Government Action

5 4 The number of users and methods used to access cyberspace have grown exponentially in size, scope and complexity Exponential Growth New Technologies Global Adoption Growth in the developed world exploded over the last 20 years and will accelerate as a result of new technologies and reduced prices fueling the adoption of ICT in the developing countries Internet Users in China < 1 million 1.6 billion Internet Users 11 million 3 billion Cell Phones $100 laptops Miniaturized Smart Devices 111m 660m Petabytes 1600 Exobytes Digital Data 300, million Ubiquitous Wireless Networks Internet Hosts IP v6 Internet Users in India 21m 400m By 2020, there will be almost 3 billion internet users, driving massive new investments in infrastructure, technology, and new security architectures

6 ICT has transformed business models and warfighting, improving productivity and driving economic growth Massive Investment Mission Enablement Growing Vulnerabilities Industry and government invest $4t in ICT goods and services every year These investments have transformed business models and military operations while exposing substantial vulnerabilities and risks Computers $400b Finance: $3.2t per day in foreign exchange Hackers steal 40 million credit card numbers Software Servers Network Equipment $360b $60b $100b Health: Electronic Health Records Energy: 300k kilometers of lines carrying 3.8 b kilowatts per year E-Commerce: $200b in on-line sales Air Transportation: 741 million passengers per year Hackers steal 8.3 million Health Records Electricity grid in U.S. penetrated by spies Hackers break into FAA Air Traffic Control Systems Semiconductors $260b Defense: Network-Centric Operations However, greater dependence on ICT creates new vulnerabilities and risks for individuals, industry and government 5

7 6 Agenda Understanding the Cyber Age Cyberspace Opportunities and Threats Cyberpower Social, Economic, Security Cyber Security Pillars Commercial/Government Action

8 7 Both the current and former administrations understood the importance of cyber to the nation, as evidenced by robust policy and budget actions Enable the Economy Empower Society Enhance Security Digital Health Goal: Interoperable Electronic Medical Records Funding: $20-50b (5 years) Agencies: HHS, DoD, and DVA Intelligent Transportation Systems Goal: Smart Highways and Air Traffic Systems (NGATS) Funding: $20-30b (20 years) Agencies: DOT, NASA, DoD Rural Broadband Goal: Expand Broadband Infrastructure Funding: $7.2b Agencies: Commerce/NTIA and Agriculture/Rural Utilities Service Digital Education Goal: Improve Education through better Performance Data Funding:??? Agencies: Dept. of Education, State and Local, Private Mission Enablement Goal: Network-Centric Operations Funding: $20-30b Agencies: DISA, Services, UCC Network Defense Goal: Protect.mil and.gov networks Funding: $20-30b Agencies: DISA, DHS, Services, UCC (Cyber Command) Smart Energy Grid Goal: Improve efficiency through better data Funding: $10b (? Years) Agencies: Dept. of Energy, NERC, Utility Companies Digital Government Goal: Improve Transparency and Accountability Funding: $??b (? Years) Agencies: EOP, OMB, Agencies Network Exploitation Goal: Improve Intelligence Collection Funding: $??b Agencies: Intelligence Community, DoD CNCI Financial Reform Goal: Improve Transparency of Financial Markets and Protect Networks Funding:??? Agencies: Treasury, SEC,CFTC, Federal Reserve Digital Television Goal: Maximize Spectrum Improve TV Services Funding:??? Agencies: FCC, Commerce Network Attack Goal: Create new Military Capabilities Funding: $??b Agencies: Intelligence Community, UCC

9 8 Despite the convergence of interests, an inherent tension exists between all three in regards to the means of securing cyberspace Access and Inclusion Innovation and Growth Security and Safety Understanding and addressing these key tension is key to realizing the full benefits of cyber while managing the risks

10 9 Agenda Understanding the Cyber Age Cyberspace Opportunities and Threats Cyberpower Social, Economic, Security Cyber Security Pillars Commercial/Government Action

11 10 Cybersecurity needs a multidisciplinary approach addressing all levels international, domestic, and organizational - and all sectors civil society, business and government POLICY & GOVERNANCE (legal, regulatory, policy, strategy, authorities) LEADERSHIP & CULTURE (communication, incentives, human capital, training) International PLANNING & OPERATIONS (planning, info. sharing/collab., operations, lessons learned) TECHNOLOGY & STANDARDS (R&D, architecture, standards, solutions) MANAGEMENT & BUDGETING (planning, programming, budgeting, performance) National Organizational/Agency

12 11 Agenda Understanding the Cyber Age Cyberspace Opportunities and Threats Cyberpower Social, Economic, Security Cyber Security Pillars Commercial/Government Action

13 12 Strategy: Cyber University will contain all the learning assets for staff who want to develop their cyber knowledge, skills, and abilities Cyber University is a tool to help develop staff, quickly and cost effectively, who are able to perform high-quality work for Booz Allen cyber clients Cyber University contains lists of all cyber related courses, cyber certifications (including preferred vendors), and universities with top cyber programs Learning roadmaps will be designed for key cyber roles so staff will have a clear path to follow to develop cyber skills Cyber University will track cyber certifications and will allow staff to show skill proficiency to quickly move through the roadmap

14 13 Navy: Is aligning commands, functions and people in an unprecedented manner to meet the mission requirements of Cyber, IO, Intel, Space, and NetOPS IOC after 1 Oct 09 Strategy in progress-governance for program, operations and people is a priority Over 3,000 people involved just at IOC Information Dominance Corps in design No major location migrations besides growth at TENTH Fleet build out at Ft Meade anticipated Navy Staff model will be function focused to break platform centric thinking/programming NAVCENT NAVEUR New Navy Cyber Forces l AIRFOR SUBFOR FLTCOM s NAVAF NAVSOUTH PACFLT NSW USFF TYCOM Embedded SME Support Man, Train, & Equip SURFOR M,T&E CNO NAVSOC N2/N6 DCNO Information Dominance DIRLAUTH NAVY Network Warfare Command OPCON New ADCON Fleet Operational Missions STRATCOM USCYBERCOM OPCON OPCON OPCON OPCON NCTAMS New NCDOC FLTCYBERCOM/ US TENTH FLT NIOCs/CTFs OPERATIONS NSA SCE NIOC SUITLAND (RDT&E) SPAWAR supporting Navy undertaking most wide reaching/and boldest alignment The Navy has taken the additional significant step to integrate the N2 (intelligence) and N6 (communications) staffs on the Navy Staff

15 14 USCYBERCOM Organization DISA Field Office (DFO) Director s s liaison to USCYBERCOM Forward-based at Fort Meade Target: 50% manning NLT 1 Oct 2009 DISA Support Element (DSE) Liaison between Joint Operations Center (JOC) and DISA Operations Shared Situational Awareness Embedded in JOC (24 x 7)

16 15 QUESTIONS? Shift Happens Video