Tuesday, August 16, 2016

Write

"If you would change the world, pick up your pen and write." -Martin Luther

Wednesday, July 6, 2016

Cyber Tight


Not too much longer before we have Cyber Tight Training Teams (CTTT) ala Damage Control Training Teams (DCTT).  Coming to a command near you soon.

Tuesday, July 5, 2016

Chief of Naval Operations Admiral Richardson channeling his inner Admiral Stavridis
















"By reading and writing now, we are improving ourselves and the Navy. We are preparing for when we are called into battle. Read and write professionally with that singular purpose: to confound our enemies and make our Navy more powerful. We must think hard and do better. It is time to break out the books and sharpen our pens." 

Admiral John M. Richardson
Chief of Naval Operations

Sunday, June 26, 2016

VADM Hilarides coins phrase "CYBERTIGHT"


VADM WILLIAM HILARIDES, USN COMMANDER, NAVAL SEA SYSTEMS COMMAND
OCTOBER 21, 2015 


"The way we think to do that is to basically create water-tight compartments, cyber-tight compartments, create enclaves that have defined connection points, just a few connection points between the ship’s LAN and the combat system, maybe only one, between the navigation system and combat, between machinery controls and navigation, those sort of things."

Unlike it's parallel phrase - watertight - all hands can't contribute to the fight during a cyber attack to make your system cyber-tight.  The skills are far too specialized - as is the access to the cyber tools.

Monday, June 20, 2016

Education for Action: Operationalizing Cyberspace at USNA - Captain David Bondura's Article from SHIPMATE Magazine

Published on June 24, 2016

Much has yet to be discovered and learned in the cyber warfighting domain; however, one simple equation has emerged over recent years --- a hacker plus an internet-connected device plus malware now equals a potential cyber weapon that can be used for disruption, destruction, or intimidation.  The hacker can work for either a nation state or a rogue actor; the internet connected device can be a laptop or mobile phone; and the malware is relatively easy to purchase or obtain.

Since 2009, the U.S. Naval Academy has led efforts to develop and commission Naval Officers with the skills and knowledge required to more effectively operate in the cyber warfighting domain.  To date, these efforts have been significant in promoting and fostering an “Education for Action” mindset, recognizing that in the cyber domain, every Midshipman is operational and fully immersed in a Department of Navy network the day they are issued a USNA intranet account.

There can be little doubt that the Department of Navy’s cyber challenges reach across all naval communities (i.e. air, surface, subsurface, special warfare, medical, and human resources).  The challenges traverse all naval networks to include but not limited to C4I, Hull, Mechanical & Engineering, Platform Information Technology, Navigation, Weapons, Research & Engineering as well as education.

In preparing Midshipmen for these cyber challenges, four foundational principles are routinely presented in their curriculum to “operationalize cyberspace.”

I.  The network is a warfighting platform. Operational commanders depend on networks for Command and Control (C2), battlespace awareness, and integrated fires in many phases of conflict and for daily operations. Therefore, and as with any essential warfighting platform, the network must be made available, defended from intrusion or attack; and, when necessary deliver warfighting effects to achieve operational missions. 

Assured C2, reduction of attack surface, and enhanced defense in depth operations are well-understood, critical success factors for carrier strike group operations.  These factors are now also core to the day-to-day conduct of successful Navy network operations in the presence of adversaries, natural emergencies, equipment failures, and human error.

Operational Framework:  Operation ROLLING TIDE (August, 2013 – February, 2014):  Within the Department of Defense, Navy was targeted by a cyber adversary who engaged in a focused and sustained campaign against the Navy Marine Corps Intranet (NMCI).  In network size, NMCI is second only to the internet itself, with more than 770k users and over 120M browser transactions per day.  As the unclassified lifeline network of the Navy, NMCI supports a mix of Navy business, logistics, administrative, and readiness processes necessary to sustain combat operations.

In response to the NMCI intrusion, Commander, Tenth Fleet successfully planned and executed Operation Rolling Tide to counter adversary cyber activity and regain C2 and integrity of the network.   As noted by Secretary of the Navy, Ray Mabus, ROLLING TIDE represented the largest and most sophisticated network maneuver in USN history. 

The success of ROLLING TIDE required extensive coordination with all USN Echelon II commands and a wide array of joint cyber partners to ensure mission impacts were minimized, while network security was enhanced.  As the Navy’s first named cyber operation, ROLLING TIDE represents the new cyber norm in which the Navy must be prepared to simultaneously institute network strategies as well as lead and conduct cyber operations across multiple levels. 

 As a classroom case study, ROLLING TIDE provides multiple lessons-learned on network defense strategies, improved command and control, risk mitigation processes, and most importantly, the “fight-through” mentality required to operate and maneuver a network in the face of a cyber, advanced persistent threat.

II.  Foster a Cyber Warrior Ethos: Warfighting in the Cyber domain requires the ability to maneuver, operate, and defend Navy networks in real-time.  In the traditional warfighting domains, few military members are issued weapons, and even fewer are authorized to load ammo; however, in the cyber warfighting domain, almost every member is given a keyboard.  It is essential to foster a warrior ethos with that keyboard to ensure Midshipmen understand that the keyboard is more than just the interface to “surfing the net” or doing late-night research; the keyboard needs to be recognized as the interface to executing and enabling operations in and from the cyber domain.

The Navy’s cyber warrior must break down the perception that cyber operators are “techies” or “service providers.”  Cyber Warriors must be educated and trained in Navy’s traditional warfighting ethos, planning tools, and mission accountability to ensure they can operate as a unified maneuvering force that can function under the same planning principles and synchronized operational orders as recognized by other warfighting commanders.

Operational Framework:  U.S. Counter-Terrorism (CT) Operations.  Across this enduring mission set, a unique perspective emerges, that helps shape a warrior ethos that is operationally relevant in cyber warfighting on both the offensive and defensive front. 

CT operations include the policy, strategy, tactics, and techniques to combat terrorism often employing direct-action efforts to seize, capture, or destroy a target.  These operations usually require full sharing of all-source intelligence to enable and ensure the speed, agility and precision required to execute the mission and return safely.

As can be seen on a daily basis, cyber warriors must also be trained and skilled to employ varying levels of direct-action efforts to seize, capture, or destroy targets.  These cyber direct-action efforts must also be supported by the rapid dissemination of all-source intelligence to enable the speed, precision, and agility required to enable or support both defensive and offensive operations.
Whether it is the eradication of adversary activity on a Navy network, enabling drone-strikes against high-profile targets, or as part of the recently announced (April, 2016) U.S. cyber offensive against the Islamic state, cyber operators are fully engaged in direct-action efforts to seize, capture, or destroy targets.

In today’s conflicts, the reality is that cyber now plays a part in operational planning and execution that five to 10 years ago was not conceivable.  Cultivating a cyber warrior ethos in our Midshipmen will be critical in guiding all Navy warfare communities through the cyber challenges and opportunities that are now conceivable in their lines of effort and lines of operation.

III.  Cybertight Integrity:   All sailors understand the threatening urgencies associated with a hull breach and the loss of watertight integrity.  Similarly, a network breach and the loss of cybertight integrity must also engender a similar sense of threatening urgency.   Just as Midshipmen are introduced to watertight integrity principles, they are now introduced to key cybertight integrity principles such as resiliency, redundancy, diversity, and trust management required to assure the data, the network, and the mission. Cybertight integrity must become to a network what watertight integrity is to a vessel.

Much like material conditions of readiness, compartmentation, and qualified damage control teams are critical components of a ship’s watertight integrity, they must also become critical components of a network’s cybertight integrity.  A steady and stable network must have a material condition of readiness program that accounts for and inspects firewalls, boundary control points, intrusion detection systems, detection software etc.  Network compartmentation must allow for the rapid isolation of compromised links and nodes so as not to effect the whole network, and a qualified network damage control team must be identified with roles and responsibilities clearly defined. 
Operational Framework:  Loss of USS Thresher (April 10, 1963):  On April 9, 1963, Thresher departed the Portsmouth Naval Shipyard  with 112 crew members and 17 technical observers for deep diving exercises in an area approximately 200 miles East of Cape Cod, MA.  At 0917 on 10 April, Thresher reported “exceeding test depth” and at 0918, Thresher’s escort ship (Skylark) detected a high-energy, low-frequency noise with the characteristics of an implosion.  The Thresher sunk in approximately 8,400 feet of water.

Investigative findings identified that Thresher suffered from a watertight integrity problem that started with a ruptured pipe in the engine room causing flooding and loss of the engine control switchboard.  Per investigative conclusions, deficiencies in design, fabrication practices, quality assurance, and operational procedures resulted in the Thresher crew being unable to secure the flooding, blow the ballast tanks, or drive to the surface.

In response to the Thresher findings, the Navy created the SUBSAFE program that is purposefully designed to ensure maximum reasonable assurance of watertight integrity and recovery capability of a submarine.   SUBSAFE mandates a culture of safety with a set of well-understood and non-negotiable requirements across the design team, the engineering team and the crew. 

 As part of the enduring Thresher legacy, SUBSAFE served as a model for the Navy’s recently implemented CYBERSAFE program.  CYBERSAFE is designed to ensure maximum reasonable assurance of survivability of critical Navy networks and control systems necessary for mission success.  CYBERSAFE’s mission will ensure compliance with policy, establish strategic vision, and synchronize Navy’s cyber approach to inform, align, evaluate, and prioritize requirements for all platforms and networks.

IV.  Cyber will be a Campaign Conflict: Cyberspace as a domain is still relatively new and yet it is completely pervasive.  Computers and telecommunications have been integral in the conduct of warfare from their inception; however, with the emergence of cyber technologies and weapons, joint and USN tactics, techniques and procedures must be developed and learned in order to fight successfully within cyberspace in the virtual domain as well as from cyberspace in the physical domain.

As in any campaign and/or operation, Commanders use the principles of war --- mass, objective, surprise, simplicity, security, maneuver, unity of command, economy of force, and offensive to form and select courses of action and concepts of operation.  In the cyber domain and across these principles, the adversary tends to hold unique and distinct advantages that must be accounted for --- these advantages are quite similar to those seen over the past decade in Iraqi and Afghanistan combat operations when specifically analyzing U.S. physical security and force protection requirements.

 Operational Framework:  Forward Operating Bases (FOBs):  For more than a decade and in support of Operations IRAQI FREEDOM and ENDURING FREEDOM, FOBs have become the mainstay of US presence in Iraq and Afghanistan. FOBs, such as Danger and Falcon in Iraq and Gardez and Salerno in Afghanistan, provide vivid learning examples of a contested environment that is under constant adversary surveillance,  where the threat of harm is real, and the adversary holds a number of principal of war  advantages to include surprise, maneuver, simplicity etc. 

 FOB operations, much like defensive cyber operations, require a secure perimeter, controlled entry points, guarded access lists, intrusion detection systems, hardened defenses, personnel and services accountability, ready response teams, and most importantly, a warrior-like passion to protect each other and get the mission done.

FOBs remain an integral component in the continued Iraqi and Afghanistan campaigns, and the FOB operational framework and mindset provides a real-world example of the framework and mindset required to be successful in the cyber campaign conflict.
Closing:   On 27 May, 2016, 1,000 Midshipmen graduated from the Academy with a solid educational foundation in cyber as well as 27 Midshipmen who received the first Bachelor of Science Degree in Cyber Operations.  This plankowner crew of 27 represents the Navy’s commitment to enhancing cyber readiness across the Fleet as well as the Naval Academy’s role in preparing graduate-leaders with deep foundational cyber knowledge and skills.  The Academy's “education for action – operationalizing cyberspace ” program recognizes that in moving forward, we must learn from the past, understand the present, and prepare for a complex and challenging future in the cyber warfighting domain --- and it will start with one Midshipman at a time.

Resources:  
1.  U.S. Fleet Cyber Command / TENTH Fleet Stratrgic Plan (2015 – 2020)
2.  SUBSAFE – USS Thresher (SSN 593) Lessons:  Learned Available at:  nsc.nasa.gov/SFCS/SystemFailureCaseStudyFile/Download/407
3.  Task Force Cyber Awakening EXCOM (14 August 2015)
4. Thresher Base:  Available at:  http://www.thresherbase.org/the-tragedy.html
5.  War in Cyberspace (A Theory of War in the Cyber Domain): Available at:  https://cyberbelli.com/
6.  ADM Rogers' remarks during the Cyber Lecture series at USNA

 (Note:  The above post was first-published in the May/June 2016 issue of SHIPMATE.)

Friday, June 17, 2016

One of the most popular posts of all time on my blog - From "Navigating a New Course To Command Excellence"

The Significant Role of the Navy Chief Petty Officer (CPO) In Superior Commands 

"The backbone of the Navy" is how one old adage sums up the importance of the chiefs quarters. Superior commands are especially quick to acknowledge the chief petty officer's special role and contribution. The uniqueness of that role is a function both of the position the chief occupies in the organizational structure and of the job qualifications that must be satisfied before the position is attained. Chiefs have considerable managerial and technical expertise and are the linchpin between officers and enlisted.

For there to be a strong chiefs quarters, the chiefs must feel that they are valued and that they have the authority and responsibility to do the job the way they think it ought to be done. In superior commands, the chiefs feel that their special leadership role is sanctioned and appreciated by the rest of the command, especially the CO. In these commands, the chiefs are included in all major activities, particularly planning. Their input is sought and readily given. If they believe that something won't work or that there is a better way to do it, they speak up.

Chiefs in superior commands lead by taking responsibility for their division. They motivate their subordinates, counsel them, defend them when unjustly criticized, monitor and enforce standards, give positive and negative feedback, communicate essential information, solicit input, monitor morale, and take initiative to propose new solutions and to do things before being told. The chiefs play a key role in the enforcement of standards. Because they are out and about, they see for themselves whether job performance and military bearing meet the Navy's and the command's requirements.

When work is done well, they offer recognition and rewards; when it is done poorly, they act to correct it. They also know the importance of modeling the kind of behavior they expect their people to display. If they expect their personnel to work long hours to get something done, they work the same hours right along with them. Their concerns extend beyond their immediate areas, however.

Chiefs in superior commands act for command-wide effectiveness, promoting the success of the unit as a whole. Although they have a strong sense of ownership and take responsibility for their division's activities, they are able to look beyond the job at hand: when other departments or divisions need assistance, chiefs in superior commands are willing to help.

The superior chiefs quarters usually has a strong leader who plays the role of standard-bearer for the command, creates enthusiasm, offers encouragement, and drives others to excel. It is usually someone whom the other chiefs perceive as fair, who stands up for their interests and those of the crew, who listens with an open mind, and who has demonstrated a high degree of technical proficiency.

In superior commands, the chiefs quarters functions as a tight-knit team. The chiefs coordinate well, seek inputs from each other, help with personal problems, identify with the command's philosophy and goals, and treat each other with professional respect.

Finally, this ability to perceive larger goals and to work toward them as a team extends to their relationships with division officers. Chiefs in superior commands are sensitive to the difficulties that arise for division officers, who lack experience and technical know-how but must nevertheless take their place as leaders within the chain of command. A superior chiefs quarters supports and advises these new officers fully and tactfully.

Want to have a superior command?  It's ALMOST IMPOSSIBLE to get there without a superior CPO mess.