The more they overthink the plumbing, the easier it is to stop up the drain. — Commander Montgomery Scott, on sabotaging the much-ballyhooed, transwarp-capable USS Excelsior.
Scotty crippled the newer Starfleet vessel so that the renegade Admiral James Kirk and his small band of loyal companions can steal the USS Enterprise out of spacedock. (They had to go search for Spock, if you recall.) His words played to the particular plot point in Star Trek III: The Search for Spock (1984), but they’re true of today’s IT world as well.
Technology is advancing fast, networks are bigger and more complex, objects ranging from household assistants (like Amazon Echo or Google Home) to sophisticated weapons systems are now part of the network, and more is coming every day. Meanwhile, the bad guys are moving just as fast if not faster seeking ways to break into systems to steal sensitive data, or just to cause disruption.
So, it’s noteworthy that with the stroke of a pen earlier this month, President Trump made U.S. Cyber Command a unified combatant command, taking it out from under U.S. Strategic Command.
The elevation of CYBERCOM fulfills a directive contained in the Fiscal Year 2017 National Defense Authorization Act, passed last November.
CYBERCOM had been a subordinate organization to U.S. Strategic Command since CYBERCOM was created in 2009. Raising its status “will strengthen our cyberspace operations and create more opportunities to improve our Nation’s defense,” Trump said in a statement released August 18.
The action is just another sign that the federal government is seriously committed to combating the cyber threat, which has recently been metastasizing into something more ominous than ever before. (Download the Cisco Midyear Cybersecurity Report for a detailed analysis.)
As the report details, attackers have gained the ability to lock systems and destroy data as part of their attacks. This might make the federal government an even more attractive target to some threat actors. These new abilities pose an immediate threat to the government’s sensitive and classified data, and necessary IT operations required to deliver on their missions.
Malicious actors are taking advantage of the ever-expanding attack surface that comes with the proliferation of handheld devices, the Internet of Things and other emerging platforms. The breadth and depth of recent ransomware attacks alone demonstrate how adept adversaries are at exploiting security gaps and vulnerabilities across devices and networks for maximum impact.
Like other organizations, federal and agencies experience lack of visibility into dynamic IT environments, “shadow IT” that complicates cyber defense strategies and a constant barrage of security alerts, all of which make the IT security environment more complex.
The creation of CYBERCOM eight years ago demonstrated that the government saw the potential of cyberattacks as a national security threat; the elevation shows that the perceived risk is even greater now — a correct perception, to be sure.
CYBERCOM Commander Adm. Mike Rogers said the key advantage of elevating the command is speed. “I believe that elevation plugs us more directly into the primary decision-making processes within the department, which is really optimized for combatant commanders. It also makes us faster because now I’ve got one less layer I have to work through,” he said, as quoted in C4ISRNET.
Still unresolved is a push to separate CYBERCOM from the National Security Agency, which Rogers also commands. You can read a good analysis of the pros, cons and complications of such a split at Lawfare.com.
Ultimately, whether CYBERCOM splits from NSA or not, its elevation to a full command marks a new and heightened awareness of the risks of cyber exploits, which will surely be a strong step forward.