DOD officials push back on civil cyber support

DOD officials push back on civil cyber support critiques

Pentagon officials pushed back Friday against criticisms levied against the Defense Department for the lack of clarity in its chain of command for domestic cyberattacks.  “We know how to do it; we’re making sure that in the event that it happens we’re ready to execute,” Deputy Commander of Cyber Command Lt. Gen. James “Kevin” McLaughlin said.

In April the Government Accountability Office reported that DOD had not defined how it will support civilian authorities in the event of cyberattacks, identified roles or responsibilities that could be called upon during an incident or identified the role of the dual-status commander who has authority over both federal military and National Guard forces. 

Senior staff from the  Northern Command and the Cyber Command recently met in Colorado Springs “where we were actually putting meat on the bones” of a cybersecurity support framework, McLaughlin said at the April 22 AFCEA Defensive Cyber Operations Symposium.  “We know how to do that as a department in the defense support to civil authorities framework.  What’s being added to that is the cyber element.” He added that Cyber Command will be working in lockstep with civilian agencies such as Department of Homeland Security during emergencies.     

McLaughlin also highlighted exercises the Cyber Command has orchestrated to plan for distinct cyber problems.  Cyber Guard, the annual exercise aimed at building a whole-of-nation approach to defending networks, protecting infrastructure and sharing information, is one example of  “a broad interagency exercise that’s usually the non-DOD scenario,” he said. 

Any cybersecurity support coming from the Northern Command would have to be coordinated with DHS or the Federal Emergency Management Agency and the states that are affected, Rear Adm. Dwight Shepherd, director of cyberspace operations at Northern Command and North American Aerospace Defense Command (NORAD), said during the same panel.  

However, Shepherd said, the Northern Command may not be best positioned to as the cyber component in national incidents.  “I can tell you from a NORAD/NORTHCOM perspective, we’re really good at [responding to] hurricanes, tornadoes, but we’re not capable, truthfully, to tackle a cyber event,” he said.  In addition to coordinating with DHS, FEMA and the states, the Northern Command would be supporting the cyber expertise of the Cyber Command and the Joint Force Headquarters-Department of Defense Information Networks, which is responsible for maintaining and defending the DOD information network. 

“We still have got a little more work at defining authorities…We’re still trying to play catch up on some of the legislation piece,” Shepherd said, noting they’re still working through the authorities piece through Cyber Command.  “I think we’ve got the right folks in and the right direction [to] help define that challenge.”

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group