A Weather Service-type Capability For Cybersecurity Is Essential To National And Economic Security

By Robert B. Dix, Jr.


The challenge and risk presented by cybersecurity today demands that we move beyond politics
and rhetoric and establish a fully functioning national cyber protection and resilience operational
capability through information sharing, analysis, and collaboration. The U.S. has been talking
about this for far too long and has spent a great deal of taxpayer dollars on failed efforts that
even government leadership has determined to be ineffective. The most important
requirement necessary to move the needle in a positive direction is leadership, and a true
willingness to pursue a meaningful and effective partnership model between government and
industry.

The U.S. needs to move forward immediately with the establishment of a cyber operational
capability that not only receives information from stakeholders, but also includes the ability to
conduct meaningful analysis to identify abnormal, anomalous, or even malicious cyber behavior.

The results of the analysis can then prompt timely, reliable, and actionable alerts and warnings,
and even recommended protective measures to improve detection, prevention, mitigation, and
response to cyber events that may become incidents of national or even global consequence.

Without a capability that delivers timely and actionable cyber situational awareness, we will
continue to be caught in response and recovery mode after something bad has happened.
Meanwhile, the adversaries continue to invest time, energy, and resources in becoming even
more proficient at their craft. We can – and must – be better.

Take, for example, the capability that has been developed at the National Weather Service or
even the Centers for Disease Control. In both cases, those operational entities are able to
receive and analyze streams of information to identify patterns and trends of concern, and issue
early warnings. We have evolved to being able to improve detection, prevention, and mitigation
of severe weather events such as hurricanes, snowstorms, and more.

We have developed a similar capability regarding disease and other health concerns. In both of
these cases, the ability to provide early warning is often the key to saving lives and preventing
injury.

If we are able to create and evolve that type of capability in the area of weather or disease, then
certainly we should be able to achieve a similar result in the cyber domain. In fact, much work
has been done to demonstrate how to deliver such a capability.


However, the Department of Homeland Security (DHS) chose an architecture for the National
Cybersecurity & Communications Integration Center (NCCIC) that is not a joint effort with the
private sector critical infrastructure owners and operators, is not integrated, is not cross-sector,
cannot scale to a broad range of stakeholders, does not include a meaningful analytic capability,

Cyber Warnings E-Magazine – March 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
