Channeling the ‘offensive mind-set’ in cybersecurity

By John Grady Nextgov November 28, 2012

To protect critical networks and national security, the House and Senate are weighing cyber defense legislation and the Obama administration is considering regulations requiring information sharing between government agencies and private businesses. But who should be in charge — even inside the Pentagon — remains a big question in all this dithering.

The answer depends on how you look at cybersecurity: in terms of offense or defense, military or law enforcement. Also, how do you look at cyber strategically, tactically and operationally in the Pentagon, at the Homeland Security Department, FBI, Federal Reserve, and in the civilian realm at places like JP Morgan Chase, Dominion Power and Washington Gas?

“You have to have an offensive mind-set to better focus on defense,” retired Marine Corps Gen. James Cartwright said during a recent appearance at the U.S. Naval Institute. “DoD is in the business of offense. [Yet] we’re still trying to protect everyone’s computer.”

Cartwright said when he was vice commander at U.S. Strategic Command in 2004, the emphasis was on cyber, electromagnetic pulse and directed energy weapons rather than creating a unified cyber command, which was established in 2010. The thinking was clear enough. These weapons expanded the tools available to the president if diplomacy failed.


______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More!