IWS - The Information Warfare Site
News Watch Make a donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled


STATEMENT BY

BRIGADIER GENERAL DALE W. MEYERROSE, USAF
DIRECTOR, COMMAND AND CONTROL SYSTEMS
UNITED STATES SPACE COMMAND

17 MAY 2001

Mr. Chairman and members of the Subcommittee:

     I am honored and pleased to have this opportunity to discuss with you the subject of Information Assurance as it relates to the United States Space Command's (USSPACECOM's) responsibilities in defending DoD's Computer Networks. 

The President's 1999 Unified Command Plan (UCP) assigns the Commander in Chief of United States Space Command (USCINCSPACE) the responsibility to be the military lead for Computer Network Defense (CND) and Computer Network Attack (CNA).  USCINCSPACE also has the responsibility and authority to support all other Commanders in Chief (CINCs), Services, and agencies to plan, develop and advocate national requirements for defending the Defense Information Infrastructure.

Information Assurance provides the critical foundation and technical means essential to protect and defend our networks, while CND provides the overarching operational integration necessary to coordinate defensive activities. The basic elements of Information Assurance are:

·       Create and sustain networks and cyberspace

·       Assure connectivity and information accuracy

·       Protect the systems and information supporting the mission

    The architectures, processes, and standards built into our networks predetermine our ability to defend them.  The many facets of daily network management, network design, system interoperability, security policy, personnel discipline, and systems administrator proficiency create the cyber environment, complete with inherent advantages and vulnerabilities, which is the potential CND battlefield.

    Network management functions are, at the same time, the tools to manipulate and repair networks and the sensors that highlight enemy activity.  It's important to remember that network malfunctions and attacks have the same symptoms and effects.  However, the corrective action for a malfunction may differ greatly from a defensive action when the source of the problem is an enemy, and the intent is to harm or disable DoD networks.  The create, sustain, assured connectivity, and information accuracy functions of Information Assurance lay beyond USSPACECOM's currently assigned responsibilities.  However, our CND capability is directly linked to the CINCs, Services, and agencies charged and resourced for these tasks.

As you know, DoD information, information systems, and information infrastructures face a broad range of threats that can directly affect our ability to achieve Information Dominance.  The DoD is not immune from network attack.  As a result, our concern lies with a determined adversary possessing the capability to exploit information, and the systems used to distribute this information, as a means of jeopardizing our National Security.  This potential for cyber aggression, and the United States' readiness to confront the emerging threat to DoD networks, is a timely topic for today's discussion and highlights the importance of Information Assurance.

USSPACECOM has a global responsibility for CND that directly relates to our national Information Assurance efforts.  As military lead for CND, USSPACECOM plays a key role in providing the operational leadership necessary to coordinate a worldwide defense of DoD networks supporting Joint Force Commanders and our National Command Authorities.  Current initiatives, such as the Defense-wide Information Assurance Program (DIAP), are critical, in our view, to providing the capabilities necessary to defend DoD networks and maintain Information Dominance. 

To accomplish our mission, we must rely on effective  partnerships that cross civil and governmental boundaries,  enabling a consolidated and coordinated sharing of vital technical and operational information.  But even more than this, we must develop a network security baseline from which we can identify our most critical information resources and the Information Assurance measures necessary to protect them.  This baseline forms a foundation from which we can build a global comprehension of networks and their impact on the US and DoD.  We see USSPACECOM as a leader in maturing these constructs.

To enhance our ability to defend against computer network attacks, we also need to develop a capability for near-real-time awareness and analysis.  Working in conjunction with the Defense Information Systems Agency, USSPACECOM advocates developing a Global Sensor Grid and a Common Operational Cyber Picture.  These capabilities will provide the necessary eyes and ears for USSPACECOM to recognize, assess, and coordinate effective responses.  A critical component of this effort centers on developing a global Computer Network Indications and Warning (I&W) capability.  This capability would give DoD the ability to accomplish predictive threat analysis, enabling dynamic application of computer network defenses to avoid, deflect, or minimize adversarial impact.  The efforts currently being undertaken by the National Security Agency to achieve this capability are especially noteworthy and necessary.   

Just as important as the ability to discern when, where, and how an attack on our systems takes place is the ability to test and improve our defenses before the attack occurs.  USSPACECOM is working closely with the other CINCs, Services, and agencies to advocate for "live force" training (similar to that of the National Training Center and the Joint Readiness Training Center) that gives our personnel the requisite knowledge and skills necessary to implement rapid, coordinated, and effective responses to network attacks.  Development of Joint exercises and the effective use of modeling and simulation techniques would enhance lessons learned, validate procedures and policies, and significantly shorten response times.  However, USSPACECOM also strongly advocates training and education in all facets of network operations (as a part of current Information Assurance efforts) as the most cost effective means to ensure DoD information, information systems, and information infrastructures remain protected.

     In summary, I would first like to commend the efforts of this subcommittee for its strong support of Information Assurance initiatives--this is vital to our current efforts to provide global CND for the DoD.  By the same token, global CND is essential for effective Information Assurance.  Awareness remains the key that enables USSPACECOM to effectively coordinate an in-depth defense of DoD networks.  These networks are at their strongest when we regularly test, improve, and defend them with DoD users who are CND trained and educated.  I'm confident that together we will continue to rapidly improve our ability to combat any would-be cyber aggressors.

House Armed Services Committee
2120 Rayburn House Office Building
Washington, D.C. 20515