The US Department of Defense (DoD) announced on Thursday it’s first-ever cybersecurity plan declaring the Internet a domain of war, delivering on a promise it made earlier this year to deal with information technology threats and vulnerabilities.
Speaking at National Defense University, Deputy Secretary of Defense William J. Lynn, III announced the DoD’s Strategy for Operating in Cyberspace (DSOC) (pdf), noting the cyber environment is “dynamic” and as such, the government must have a strategy which is “dynamic as well.”
The deputy secretary also said the window of opportunity to protect cyber networks from perilous threats is “of uncertain length” and in order to prevent war, Dod’s first goal, the department must prepare for it, even
while acknowledging and protecting the basic freedoms of our citizens.
Lynn further acknowledged it is no surprise the US is prepared to defend itself, to do otherwise would be “irresponsible, and a failure” of DoD. He reiterated this belief when statingAccordingly, the United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of our choosing.
In his speech, the deputy secretary said DoD’s primary concern regarding criminal activities in cyberspace are those which threaten the mission of protecting the US. He added the government was unaware of how the cyber world will play into that mission but because of our military’s dependence on IT, there is a virtual guarantee future adversaries will target such dependence and cyber attacks will play a “significant” role in future conflicts, whether it involve “major nations, rogue states, or terrorist groups.”
In a news release, Secretary of Defense Leon Panetta said: “It is critical to strengthen our cyber capabilities to address the cyber threats we’re facing. I view this as an area in which we’re going to confront increasing threats in the future and think we have to be better prepared to deal with the growing cyber challenges that will face the nation.”
DSOC lists five strategic initiatives. Among them, treating cyberspace as operational domain to take full advantage of the potential it offers. Second, begin the employment of new defense operating concepts which will protect government systems and networks.
DoD will also team up with other US governmental agencies and departments, asa well as the private sector to allow a “whole-of-government” cybersecurity plan. The new DSOC will also build powerful partnerships with US allies on the international front to collectiveluy strengthen their cybersecurity.
The last initiative calls for leveraging US ingenuity with an “exceptional cyber workforce” as well as through rapid technological innovation. DSOC notes the Internet has grown from 360 million users globally in 2000 to more than 2 billion people in 2010 and is now woven into the fabric of daily life.
In conclusion, DSOC notes DoD
will capitalize on the opportunities afforded to the Department by cyberspace; defend DoD networks and systems against intrusions and malicious activity; support efforts to strengthen cybersecurity for interagency, international, and critical industry partners; and develop robust cyberspace capabilities and partnerships.