Marines aiming to lessen the cybersecurity burden for forces in the fight
SAN DIEGO, Calif. — As part of ongoing efforts to modernize its network, the Marine Corps wants more centralized monitoring to alleviate the burden for forces on the battlefield.
Commands at the tactical edge don’t always have the resources or the know-how to deal with the sophisticated digital threats facing the network.
“Our adversary is certainly not standing still. They’ve been watching us for quite some time and they’re up to some things and they’re evolving quite a bit … What we know now is that the adversaries will get into the systems and they’ll go dormant and sleep. But we have to have the ability to not only hunt forward, but the persistent presence inside our networks to ensure” security, Lt. Gen. Melvin “Jerry” Carter, deputy commandant for information, said in an interview at the annual WEST conference this week.
To combat these threats, Carter, who took over as DCI about six months ago, stressed the need for persistence on the network to hunt for malicious activity and eradicate it from friendly systems.
“We can’t afford to have [Marine Expeditionary Force] commanders really go after their independent networks and do their own thing. Now we have a responsibility at the headquarters level, under my authority to man, train and equip, to give them the capabilities. But we just can’t afford the commanders to do that,” he said.
While the Corps has sought to build defensive cyber operations-internal defense measures companies (DCO-IDM), which protect networks and search for adversaries on friendly systems at the tactical edge, there aren’t enough of them to go around.
“We just don’t have enough of them. We are thinking about number one, are they in the right place? Do they have the right authorities, many at [Marine Corps Forces Cyberspace Command], as you know, under the authority of [U.S. Cyber Command], but what about the ones that we need on a day to day presence in the [Fleet Marine Force] next to the networks in garrison, so to speak, installation bases and stations?” Carter said. “Every day we find out we’re under attack. That persistent presence is critical and we just don’t have the capacity really to go around.”
Carter suggested a more centralized network where experts can assist those MEF commanders from afar.
“We’re looking at a network that is universal. I mean, it’s one that all the way back across the network, but from headquarters and down at the right place that we can see the threat on the network materialize before a MEF commander even knows about it. That is the sort of network we need to really sense and make sense of what’s going on their networks,” he said, noting that there’s a potential business case for a centralized delivery of services.
As part of ongoing network modernization, the Corps has to evolve past the traditional authority-to-operate paradigm that was good for a period of time.
“We have to have a network that [is] very modern, but the other components of that is the sensing and monitoring of that piece is important,” Carter said.
