Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Navy activates real-time view of networks
Tuesday - 12/14/2010, 8:07pm EST
Federal News Radio
Starting this week, the Navy will begin using a new 24-hour operations center at its fledgling Fleet Cyber Command -- and begin to fix a problem that its commander said is one of the military's biggest deficiencies in the area of cybersecurity.
None of the armed services currently have adequate real-time situational awareness into their own IT networks, Vice Admiral Barry McCullough, the Navy cyber command's top officer said Tuesday during a breakfast sponsored by Government Executive in Washington.
"I looked at networks, because how the Navy executes command and control is across a network," he said. "This is our most fragile piece of everything I was given."
To help reinforce the Navy's visibility into its networks, McCullough's command will begin standing up a command center lined with monitors displaying real-time data about the health of the service's information pipelines around the globe.
"It's built around the way the Navy does command and control at the operational level of war," McCullough told Federal News Radio in an interview. "So it has various displays and information feeds that our operators can view in real time and make decisions to better operate the network. Right now my maritime operations center is in a six-by-six room. It houses two watchstanders. We call it 'MOC in a box.' So we're moving from 'MOC in a box' to a real maritime operations center."
McCullough said he expects the new center to be 60 percent operational this week, and 85 percent operational by March. But he said that as a practical matter it will never reach 100 percent because the tools and techniques that the Navy will use to develop and improve situational awareness will continue to evolve.
Each of the armed services still is in the very early stages of developing their respective cyber command as components of the Defense Department's U.S. Cyber Command.
The Navy and the Air Force are the furthest along, and they only declared full operational capability in October. But McCullough said creating network visibility and establishing how the various pieces of the cyber command puzzle will work together is a top priority.
"This is something we've got to continue to press, because when this war goes hot we're not going to have two or three months to sort this out," he said. "The bad guys are inside the wire, and the dot-mil networks suffer about 250,000 attack attempts a day."
McCullough said the Navy's deficiencies in network situational awareness are a contrast to most of its other cyber capabilities. He said the EA-18 Growler jet--the Navy's carrier-based electronic warfare aircraft--has proven to be the military's premier offensive platform for cyber warfare. He said the service also has succeeded in developing its surface ship electronic warfare and information operations capabilities.
Along with moving to real-time situational awareness, McCullough said staffing also is a major challenge for the cyber command. McCullough said the command is roughly 1,600 people short to perform the missions that have been delegated to him by U.S. Cyber Command. He added that there is no extra money to fill those positions.
"If you bought those people, that's almost $600 million," he said. "We don't have $600 million, so we've got to find those resources from within. It's a zero-sum game."
Most of those positions need to be filled by uniform or civilian employees who are highly trained in cyber security, and the Navy's competitors for that talent will include not only civilian agencies, but private firms that can offer more attractive pay. Additionally, McCullough said the need to have a cadre of highly-trained cybersecurity specialists is at odds with a Navy culture that demands sea time from each of its service members.
"We started to have this discussion about how much training investment and thus money you put into a young man or woman to qualify them to do what we need them to do," he said. "We usually leave them there for three or four years and then we were sending them to sea. And you have to maintain proficiency in this business or you go back to zero and have to start all the training all over again. If the Navy really wants to operate in this warfare domain, we've got to change the career path to keep the proficiency of the operators."
In the short term, McCullough said he is exploring other possibilities to fill those positions - possibly including direct civilian hires at the GS-15 level or uniformed members of the reserves. He said he and other senior officials have been working on that for the past 10 months and that they are "close to a solution."
(Copyright 2010 by FederalNewsRadio.com. All Rights Reserved.)