DOD database would sift all network traffic for signs of attack
Participation would be voluntary, but will provide a clearer view of cyber threats, DOD official says
In its ongoing effort to keep and hold the high ground in cyberspace, the Defense Department is considering developing a database to monitor government and private-sector network traffic. According to U.S. Cyber Command officials, participating in the database is voluntary, but the collected information will provide the government with a better view of cyber threats.
Speaking last week at a seminar on cybersecurity regulation hosted by the Potomac Institute, Marine Lt. Gen. Robert E. Schmidle Jr., deputy commander of Cyber Command, said that the shared database will provide the DOD with a common operational picture. The database will collect information from all of the services’ networks, the Homeland Security Department and other federal agencies.
But putting all of these various data feeds into a single coherent database “will be an ugly challenge,” Schmidle said. Cooperating organizations who contribute data will have access to the database. This shared approach is important because it allows the government to respond in a unified fashion during an incident, he said.
However, Schmidle said that he did not expect the database to be set up immediately, as there are potential policy and privacy issues to be ironed out first.
Those issues include concerns about how deeply the DOD should be involved in commercial and civilian government networks. Nextgov reported that legislators and federal officials continue to debate the best strategy to defend government networks and critical infrastructure while maintaining individual and corporate privacy.
Schmidle contended that his organization only oversees and defends sites in the .mil domain and only conducts operations on the Internet when ordered to do so by civilian officials. But he noted that defensive cyberspace operations cannot be effective without offensive operations on other networks.
Defense and industry experts have recently noted that while the DOD has established cyberspace commands and missions, what is still lacking is an overarching strategy to coordinate activities and responses to attacks at the national level.