In less than a week apart, the U.S. Department of Defense released the Defense Industrial Base Cybersecurity Strategy and the Commercial Space Integration Strategy that focus on close cooperation with the private business sector to cater to the Pentagon’s needs. Although the documents are not key ones in the areas in question, they are still aimed at optimizing workflow and changing existing approaches to a certain extent.
The Defense Industrial Base Cybersecurity Strategy has the following goals.
Strengthen the DoD governance structure for DIB cybersecurity:
1.1: Strengthen interagency collaboration for cross-cutting cybersecurity issues.
1.2: Expediting the development of statutory instruments to regulate the cybersecurity responsibilities of defense industry contractors and subcontractors.
Enhancing the level of the Defense Industrial Base Cybersecurity Strategy:
2.1: Assessing the defense industrial base’s consistency with DoD’s cybersecurity requirements.
2.2: Improve the sharing of threat, vulnerability, and cyberrelated intelligence with the defense industrial base.
2.3. Identify vulnerabilities in DIB information technology (IT) cybersecurity ecosystems.
2.4. Recover from malicious cyber activity.
2.5. Evaluate the effectiveness of cybersecurity regulations, policies, and requirements
Preserve the resiliency of critical DIB capabilities in a cybercontested environment:
3.1: Prioritize the cyber resiliency of critical DIB production capabilities.
3.2: Establish in policy the priority focus on cybersecurity for critical suppliers and facilities.
Improve cybersecurity collaboration with the DIB:
4.1. Leverage collaboration with commercial Internet, cloud, and cybersecurity service providers to enhance DIB cyber threat awareness.
4.2. Work with the DIB SCC to improve communication and collaboration with the DIB.
4.3. Improve bidirectional communication with the DIB and expand public-private cybersecurity collaboration.
Put it in a nutshell, as stated in the document, “The Department of Defense’s (DoD) Defense Industrial Base Cybersecurity Strategy is an actionable framework for sustaining a more resilient Joint Force and defense ecosystem-one that prevails within and through one of today’s most contested domains: cyberspace.” The rest is a mere formality, which stems from changes in the regulatory framework and greater awareness both within the Pentagon and among potential contractors.
The appendix further says that China poses a certain threat to the United States because it has a monopoly in the production of rare earth metals and also invests within the United States, in particular, in its agricultural sector. Consequently, this stems from global competition and the recognition that China is ahead of the United States in a number of areas. In fact, given numerous publications and statements by U.S. officials that many serious cyber attacks against the United States originate from China, the mention of this country was quite expected. In reality, Washington does not want to lose its monopoly. So, it is trying to reformat existing approaches to handling contractors. Since the cyberspace domain is quite promising, it attracts priority attention.
At a press briefing on the strategy, Pentagon’s Deputy CIO of Cybersecurity & Senior Information Security Officer David McKeown noted that “we were estranged from various stakeholders… Many partners complained that we did not have a single contact point. The goal of this strategy is to chart a path forward so that we have a more centralized and compelling approach with everyone in the department knowing what their role is.”
McKeown also noted that the Department of Defense intended to “reach 50 to 75 small businesses that might participate in that pilot project… If the pilot proves that the cloud concept works, we will need to think about how we can scale it up and offer it to even greater number of small businesses over time.”
Tellingly, concurrently with releasing the Strategy, the U.S. Department of Defense established the position of Assistant Secretary of Defense for Cyber Policy (ASD(CP)) and the Office of the Assistant Secretary of Defense for Cyber Policy (OASD(CP)).
The Assistant Secretary of Defense will be the senior officer responsible for the overall oversight of Department of Defense’s cyber operations policy. They will report to the Under Secretary of Defense for Policy (USD(P)). In addition, they will also serve as Chief Cyber Advisor and, in exercising that role, act as Principal Advisor to the Secretary of Defense on cyber forces and related activities.
This role has been assigned to Ashley Manning so far. Consequently, they decided to address cyberspace/security/politics/troops issues thoroughly.
The Commercial Space Integration Strategy published on April 2 is similar in terms of concept to the previous one. Since the commercial space sector increasingly develops capabilities and services that may potential contribute to national security, the Pentagon wants to seize this opportunity and proposes to integrate commercial space solutions into the U.S. national security architecture relating to space.
This Strategy sets out the following goals.
First, to ensure that commercial solutions are available when needed, DoD will use contracts and other agreements to record requirements.
Second, DoD will achieve the integration of commercial solutions in peacetime, including when planning, training and in its day-to-day operations which will enable commercial space solutions to be used seamlessly during crises and conflicts.
Third, DoD will protect U.S. space interests from national security threats, including in space and on the ground, and from commercial space solutions whenever necessary. DoD will advance the security of commercial solutions via three areas: regulations and standards, threat information sharing and financial protection mechanisms.
Fourth, the strategy emphasizes that the Department will use the full range of available financial, contractual and policy tools to support the development of new commercial space solutions “that may potentially support the joint force.”
Finally, the Department will adhere to four pillars in its strategy: balance, functional compatibility, sustainability, and responsible behavior, to ensure the integration of commercial solutions into the national security space architecture.
Both are consistent with the overall National Defense Strategy but also meet the priorities stated in other documents relating to technology development and the space sector.
Certainly, these two Strategies fit into the decision to set up the Office of Strategic Capital (OSC) in the Pentagon and Investment Strategy published the day before.
If we were to abstract from the ambitious goals and bold statements inherent in such documents, there would be every indication of a clear trend toward the militarization of the private sector and American business thinking in general. Taxpayers are unlikely to be asked how to spend the budget. In fact, there will be enough exaggerated threats to enable lobby groups in the defense-industrial sector to utilize the allocated funds and include small and medium-sized businesses in that chain. We should probably expect the release of similar strategies relating to other areas but connected by the common mission of strengthening and increasing the U.S. global military machine.
Comments