Army CIO adjusts 500-day plan goals
Lt. Gen. Jeffrey Sorenson, the Army's chief information officer, is pushing to sharpen and shift the focus of the Army’s information technology operations. The new emphasis is on building the Army’s enterprisewide information technology capabilities as quickly as possible, he said at the LandWarNet 2008 conference in Fort Lauderdale, Fla., in August.
Although the 500-day plan he inherited from his predecessor, Lt. Gen. Steven Boutelle, remains a foundation for the Army’s IT strategy, Sorenson is channeling energy and increasingly limited resources into:
- Building the Army’s Network Service Centers.
- Putting a new emphasis on cyber operations and preparing for cyber warfare.
- Enhancing knowledge management under the direction of a new data chief.
- Completing elements of the Army’s program objective memo for 2010 to 2015.
“Things like information assurance are still very important, but we’ll never get to the most important [issues] on time if we only adhere to the 500- day plan,” Sorenson said.
In particular, he noted the importance of concentrating on cyber operations and the strategies surrounding cyber warfare, which are more implicit than explicit in the 500-day plan.
“This is not a football game, with an offense and a defense” with distinct strategies, he said. “It’s more like a soccer game — and not with one ball but a dozen balls.”
Air Force delays Cyber Command
The future of the Air Force Cyber Command is uncertain as senior executives reconsider how it fits with other Air Force programs.
Rumors that the Air Force had canceled the new command, which was expected to become official Oct. 1, surfaced in August following leaks of an internal memo that ordered a stop to everything involved with the command until a decision could be made about its size and scope.
However, the command insists the delay is temporary. The Air Force secretary and the chief of staff are delaying plans “to allow ample time for a comprehensive assessment” of command requirements and synchronize its mission with other Air Force initiatives, the command said in a statement.
The Air Force Cyber Command would be the military’s first distributed command, according to current plans, with nine locations. By October 2009, the command was expected to have about 12,000 personnel and serve as the principal supplier of cyber warriors to other commands.
Army's cyber security faces backlog of attack forensics tasks
As the number of potential threats to Defense Department networks continues to escalate, the Army faces a major challenge in conducting forensic and attribution analysis to respond appropriately, Col. Barry Hensley, director of the Army Global Network Operations and Security Center said at the LandWarNet 2008 conference.
“How do you know if it’s a nation that’s doing the attacking?” Hensley asked. “Before you run after some nation, you really need to know where the cyberattack is coming from.”
Another key factor is deciphering the nature of attacks and the growing demand for forensics work.
“People don’t realize the forensics handling process involved with identifying malicious code,” Hensley said, noting the effort can take weeks or months. “In many cases, we have to mail a hard drive to a central facility to begin the forensics process.”
Hensley noted that the Russian military invasion of Georgia in August coincided with an attack on the country’s government Web sites, marking the first time an attack in cyberspace occurred concurrently with physical attacks. That suggests how important it is for U.S. military cyber specialists to be able to quickly identify and respond to such incidents.