Army Cyber Command tackles network security challenge
Lt. Gen. Rhett Hernandez on defending-the-network exercises at NIE and developing an offensive Red Team cyber infiltration unit.
Lt. Gen. Rhett Hernandez is the commanding general of the Army Cyber Command and the Second Army at Fort Belvoir, Va. He took command just over a year ago, and the commanding general position was elevated to three-star level in March 2011.
Hernandez spoke with Defense Systems Editor-in-Chief Barry Rosenberg about defending-the-network exercises at this fall’s Network Integration Evaluation (NIE) 12.1 at Ft. Bliss, Texas, and White Sands Missile Range, N.M., and developing an offensive red team for cyber.
DS: Sometimes I find myself thinking that cyber defense is mainly about defending networks at the Pentagon and the combatant commands, as well as at defense contractors, but as you’ve been telling me it’s also about smart phones, Joint Tactical Radio Sytstem (JTRS) radios and mission command-on-the-move systems. How are you testing those elements all together on a network at NIE 12.1?
Hernandez: It’s all cyber, and it is more than those things because everything is on the network. So we have a team that’s out there at the NIE that’s assessing everything that’s getting put on the network to ensure that they bring no vulnerabilities to the network, or if they bring vulnerabilities, the risk can be mitigated or it is acceptable risk. That’s an exciting capability because now you have industry partners who can meet our requirements, bring something out there [to the NIE], we put in the hands of the soldiers, then put it on a network. Then we look at it to make sure that in the cyber domain we can not only allow this to be on the network, but that it also brings the capability that that would help commanders in the field.
So I think that allows us to do a lot of things at the brigade combat team level that too often we think only about at the global or theater or core level. And now we are really talking about what to take to operate, defend your networks at a Brigade Combat Team level in a way that the threat is going to require.
DS: What have you learned really so far in the first two spring and fall NIEs about how the network is doing, and how soldiers are working within the network and protecting it?
Hernandez: We are learning with each one. The last go-around we got a great [set of recommendations]. I am visualizing about a three-inch manual of recommendations across the entire DOTMLPF [doctrine, organization, training, materiel, leadership and education, personnel and facilities] range that talked about changes to doctrine, as well as organizational changes that might help you. I think one of the key pieces is that we’ve got to work harder on a couple of things.
One is to make this word “common” really become common. So when we talk about common controller or common operating picture — and I think you probably saw it out there at the NIE yourself — everybody has one, and they are not necessarily integrated. That’s both ineffective and inefficient.
The other thing is that we have got to work faster to bring mobility to the battlefield. It brings tremendous capabilities, and our soldiers and commanders are going to demand it. We’ve got to work our way through how it is that we bring that capability to soldiers and commanders at the tactical edge sooner. And by that, we are talking about smart phones, mobile devices, the power of applications and the power of that in the hands of soldiers.
Some say that mobility will trump security. I say that we’ve got to figure out how it is that we get the right balance because we’re going to need mobility with security, but it is all in terms of operational impact and risk, and what risk you are willing to accept in a network over time.
DS: You’re establishing a Red Team cyber infiltration unit to train your forces in cyber. Tell me about that.
Hernandez: One thing that I think is extremely exciting for the future about how it is that we support deploying units, and also how we support training for home station and combat training, is that we have stood up a world class cyber opposing forces.
The purpose of that organization is to be able to think, act and replicate threats that we might need to encounter, and in a mission type way where their mission is to figure out how to get in that guy’s friendly network. And the friendly network’s mission is: we are operating and we’ve got to maintain the ability to operate, so we’ve got to keep them out.
So our cyber opposing force is intended for two things, and that’s training and leader development. Training of organizations to help us identify weaknesses and ensuring we can defend. [And then there’s] also leader development so leaders understand the risks that their network might have and what actions they might need to take to mitigate those risks.
DS: And this cyber Red Team is at Ft. Belvoir, Va.?
Hernandez: Yes, we are creating them from our 1st Information Operations Command [Land], which is the element there that has been responsible for computer network defense. They will operate from Fort Belvoir, but we are still working our way through what elements they need to put where to support home station training and maneuver center training. And a key piece of that is some of the work we are already doing at Fort Bliss with the NIE.
DS: Training seems to be a key element of Army Cyber.
Hernandez: I think probably most significant, though, is what you are probably already familiar with. In concert with what the CIO-G6 has the army moving towards, NETCOM is really working our LandWarNet in a way that enables commanders to operate on their network while they are at home station. So we really brought the network to them, they are connected to portions of the Afghan mission network, for example, at 40 different CONUS sites now. It allows them to train at home station. It allows them to train the way they are going to fight and we get great feedback from deploying commanders that are really every day lashed into the operation that’s going on, and understand what the networks look like, and the soldiers who are going to have to operate off of those networks. The training and leader development piece [is one way] that we support the warfighter.