CYBERCOM lead touts partnership with DHS


The nation's current cyber strategy is not stovepiped, it's integrated and it's effective, said Gen. Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency, March 27 before the Senate Armed Services Committee.

Even though most of the major threats are coming from outside the United States, specifically from China, DoD should not lead cybersecurity efforts overall, said Alexander. Sen. John McCain (R-Ariz.), who advocates for a stronger role for DoD in the nation's cyber strategy, dismissed DHS's ability to be an effective cybersecurity partner to DoD.

"Anyone who has been through an airport--as I do regularly as most of us do--has no confidence in the technological capabilities of the Department of Homeland Security," said McCain.

But Alexander did not share his sentiment, saying: "I believe we want DHS working with the rest of government, we do not want to take the people that I have and push them over there."

He later added that DoD is providing DHS with some capabilities and technological expertise. "DHS has been good to work with, they are growing their capabilities, it will take time," he said.

Alexander said DHS should continue to take the lead on setting standards that enable government and critical infrastructure to build more secure networks, and DoD should remain responsible for protecting the nation when it's under attack. Today, the bulk of DoD's CYBERCOM staff is focused on defending DoD networks, and a smaller segment is developing offensive capabilities.

"I think the president and secretary need options that could take it to the next step. These are not options that we would take but these are options that we would propose to the administration," said Alexander.

"If acts exceed certain limits, I think it is our responsibility, jointly with the cocoms, to say 'these are the options you can now take to stop these acts.' And depending on the severity of the act, [we would] propose what's to be done...Those include cyber and other options that are available," said Alexander.

It will take some time for the nation to gain offensive strength in the cyber realm, however. Alexander said CYBERCOM is currently focused on moving to a "prevention role," rather than its current "forensics role." Being able to see the cyber attacks early, not after the fact, is important for changing DoD's posture. Alexander said DoD needs information from industry, in order to do this.

"Industry partners see signatures that government doesn't see and government sees signatures or malicious software--exploitations and attacks into the country that industry doesn't see...[With legislation] we need to make the first step. We need to start that journey. We won't get it perfect but we need that ability for industry to share with us that these attacks and exploits are going on, or we cannot stop them, we cannot help."

For more:
- go to the hearing page (prepared testimony and archived webcast available)

Related Articles:
Alexander: DoD needed to respond to cyber attacks
CYBERCOM, geographic combatant command roles unclear, finds GAO
Schmidle: Cyber ops might require new combatant command structure