Alison King, Annie Fixler &RADM (Ret.) Mark Montgomery
The Trump administration begins under the shadow of a series of consequential Chinese cyber hacks targeting U.S. critical infrastructure. While incoming officials grapple with long-standing failures to deter China and other adversaries from launching cyberattacks on the U.S. homeland, the Department of Defense (DOD) faces a startling capability gap: The civilian and military professionals responsible for protecting the same type of assets that China compromised receive inadequate training in recognizing, defending against, and recovering from malicious state-sponsored cyber activity. There is no institutional home for this vital training.
The U.S. military maintains an extensive global footprint, with 800 installations spanning more than 70 countries and territories. Public and private utilities own and operate the power lines, water pipes, and fiber optic cables that supply these bases. Yet once those systems cross the fence line onto military facilities, the U.S. military is responsible for ensuring their safe and reliable operation and restoration during an attack.
The problem is many of the professionals tasked with maintaining these critical systems might not recognize a cyberattack for what it is because they’ve received no specified training. They often see an operational disruption, assume it is just a system malfunction, and move quickly to restore systems, potentially wiping out the forensics data that cyber professionals need to discern how an attacker got in and disrupted the system.
No comments:
Post a Comment