USAF Cyber Command (catch all)

[selil]

The Air Force is moving ahead with work on the cyber command (LINK).

Air Force moving ahead with Cyber Command

The Air Force is moving ahead on establishing its new Cyber Command, searching for permanent facilities and planning meetings to establish rules by which it will operate, according to Air Force officials.

In September, the Air Force announced it would establish a Cyber Command to prepare for fighting wars in cyberspace by defending national computer networks running critical operations and to attack adversaries computer networks.

The Air Force now operates a Provisional Cyberspace Command at Barksdale Air Force Base in northwest Louisiana. Its vice commander, Col. Anthony Buntyn, said the provisional command is solely involved with "standing up the permanent command," meaning it is developing a structure, finding a location for the base and hiring and training staff. Buntyn spoke this week at the Armed Forces Communications and Electronics Association's annual Air Force IT Day in Vienna, Va.

Besides the fact they are going to be having a meeting at Maxwell AFB a site of dubious consideration (see other posts in SWC for more on this), the Air Force is standing up this command in a vacuum. We have the NSA, the FBI, the CIA, and a host of other federal agencies and councils that deal with cyber warfare. I'm not suggesting this is a bad idea, but it is a strange idea. I really wish they would drop the word cyber from warfare too.

Besides the obvious overlap and repetition of effort the military is an interesting entity to be attempting the most flexible thinking form of war in repelling a cyber attack. The article refers to suits and ties being more prevalent when Mountain Dew and "Mountain Man Chocolate" would be more appropriate.

Cyber warfare by definition is almost always an asymmetric form of warfare. Cyber warfare draws on all of the thinking of perpetrating and protecting from an insurgent or guerilla form of warfare. The attacker in cyber-warfare uses the enemies strengths and tools to defeat him. The counter insurgent is required to assess the goals and methods of the attacker and close if not disrupt the patterns of attack. Due to the asymmetric nature of this form of warfare doctrinal and normal warfare strategies will fail to stop the insurgent.

In an interesting twist the Westphalian concept of a nation state will come back to haunt those nations when the cyber adversary has the means and will to attack the nation state. The concepts of Westphalian peace specifically set roles for nations that hamper specifying a particular person as an enemy rather than the nation-state sponsor. When there is no nation state sponsor the treaties and agreements fall like a house of cards. (I have a paper pending on this topic).

Cyber warfare as a militarized arm promotes an idea that the nation may be at war (as constitutionally mandated) when instead it is at odds with a variety of assailants some of whom may be totally unaware. Since infrastructures can be taken over and used without the knowledge of the owner (including countries) a huge political issues exists. Here again the concepts of counter insurgency inform us for the future on how to deal with non-state actors operating out of friendly or victimized countries. Diplomacy is a sliding scale of force and persuasion. We have to work with the people who possibly may have harmed us as unwitting dens of insurgent operations.

We as a nation don’t have a good “rules of engagement” in cyber warfare and our understanding of the international relations and climate is severely hampered by our current conflicts. The military does have some good people at the different academies who can inform them on technical aspects of cyber warfare. There are people at the NSA sanction NSF funded Centers of Academic Excellence. Historically though few academics have studies offensive weaponization of cyber space and even fewer understand the military mind set.

It will be interesting to follow the different aspects of this story as it moves forward.

[Stan]

Great catch, Sam !
The Estonians will be working with the 8th Air Force and pointed me to this site for Cyberspace Trust, Careers, Battlespace and Cyberspace

The Air Force is moving ahead with work on the cyber command (LINK).

[Steve Blair]

I knew this was in the works, since one of our NCOs is trying to get back to Barksdale to join the provisional command. Interesting stuff.

[slapout9]

Besides the fact they are going to be having a meeting at Maxwell AFB a site of dubious consideration (see other posts in SWC for more on this), Posted by selil

I keep telling you guys Slapout,Al. is the Cultural Center of The Universe If you think 4GW is something wait till you SBW... Slapout Based Warfare

[selil]

The Air Force is way ahead of everybody else on this. Though I have two army LT's that are being asked if they want to go visit USAF brethern (Their both information security specialists).

[slapout9]

Another article on AF Cyber warfare.

http://www.afa.org/magazine/nov2007/1107edit.asp

[JeffC]

The Air Force is way ahead of everybody else on this. Though I have two army LT's that are being asked if they want to go visit USAF brethern (Their both information security specialists).

"New Cyber Command to be Huge Business Opportunity"

"There's going to be a huge contracting requirement," said Maj. Gen. Charles Ickes II, Air National Guard special assistant to the deputy chief of staff for operations, plans and requirements.

"I don't think anyone can tell you how big," he told the Northern Virginia chapter of the Armed Forces Communications and Electronics Association's Air Force information technology conference Dec. 5."

"Ickes, Santee and Col. Anthony Buntyn, the cyber command vice chief who is expecting his first star, said the Air Force will look to industry to provide "tools" for "real-time" processing and dissemination of attack information."

[selil]

Trying to create a catch all thread.

[selil]

The ramp up and media blitz to justifying the Air Force Cyber command has began.

March 4, 2008 LINK TO STORY

(Media-Newswire.com) - 3/4/2008 - WASHINGTON ( AFPN ) -- Deputy Defense Secretary Gordon England is the latest government official to express concern about the United States' cyberspace vulnerabilities.

"Cyber warfare is already here," said Mr. England. "It's one of our major challenges."

Describing the new battlefront, the deputy secretary said, "I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

Mr. England, speaking to an audience Mar. 3 gathered here for a Veterans of Foreign Wars conference, noted that President Bush addressed the threat by establishing a task force to coordinate U.S. government efforts to safeguard computers against cyber attacks.

In addition, the United States and other NATO allies are expected to address the issue of cyber defense when the 20th NATO summit convenes in Bucharest, Romania, in early April.

Estonia, a NATO member, was victimized by a series of data-flooding attacks last year that brought down the Web sites of several daily newspapers and forced Estonia's largest bank to shut down its online banking network.

"Estonia happens to be very advanced, in terms of networks in their country," Mr. England said. "So a strength was turned into a vulnerability."

Last week, the Pentagon's top intelligence official today told a Senate committee that cyber threats are contributing to the "unusually complex" security environment the United States faces.

"A global military trend of concern is ... the sophisticated ability of select nations and non-state groups to exploit and perhaps target for attack our computer networks," Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, told the Senate Armed Services Committee on Feb. 27.

Joining the Pentagon's top intelligence official at the hearing on current and future threats facing the United States was the director of national intelligence, retired Navy Vice Adm. John M. "Mike" McConnell. Asked by senators about cyber threats, Admiral McConnell said, "We're not prepared to deal with it."

"The United States information infrastructure, including telecommunications and computer networks and systems, and most importantly the data that reside on these systems is critical to virtually every aspect of our modern life," he continued. "Threats to our intelligence infrastructure are an important focus of this community."

Admiral McConnell said China, Russia and possibly other nation-states have been assessed as being capable of collecting or exploiting data held on U.S. information systems.


More at the LINK

[selil]

This is an interesting take on propaganda and information warfare though titled cyber warfare. It is interesting to note the intersection of free speech and the Internet which has been becoming much more frequent.

Link to full story

Last week, a Chinese court sent Chen Shuqing, a dissident internet writer, to jail for four years on charges of subversion. Meanwhile, in the northern Russian city of Syktyvkar, 21-year-old blogger Savva Terentyev is looking at two years in prison for making a derogatory comment about the police in an online diary.

Two disparate cases, thousands of miles apart, that send a very clear message about how ruthlessly China and Russia are patrolling their internet borders. This vigilance could serve as useful preparation for cyber war, an increasingly important battlefield where the West risks being overwhelmed.
The internet is a conduit of free speech but also a weapons delivery system. Authoritarian regimes have had to develop defences against the internet to stem the flow of independent thought.

And having learnt how to defend themselves, these states are well- versed in techniques that can be deployed against other nations.

In China any politically sensitive material is blocked by a complex firewall called jindun gongcheng, the Golden Shield. It prevents Chinese citizens in internet cafes from logging onto anything potentially subversive, like a blog supporting independence in Tibet or Taiwan. Vietnam, Saudi Arabia and Tunisia use similar shields. China's shield is so sophisticated at blocking inbound traffic it could one day be used to block incoming cyber-attacks.

Link to full story

[selil]

It is interesting to note the kind of fear mongering and reliance on service disruption to describe cyber warfare. Few if any are looking at the other elements such as confidentiality being exploited. Imagine if all the politicos in Washington had their medical records exposed? Considering the security services any asymmetric attack against a nation using computers is going to have to be through more than one vector.

Link to full story

March 6, 2008

Australia will join global counter-terrorism war games to test the security of vital resources including dams, power stations, telephone exchanges and banks.

Attorney-General Robert McClelland will announce the federal government's involvement in Cyberstorm II.

"Governments that take national security seriously can't turn a blind eye to the threat of cyber-terrorism," Mr McClelland said.

Cyberstorm II will run from March 10 for five days and will also involve security officials and businesses from the US, UK, Canada and New Zealand.

"The exercise will be useful in identifying areas in Australia's national security architecture that may require further development," Mr McClelland said.

Confirmation of Australia's involvement in Cyberstorm II comes as the US Department of Defence ratchets up its concerns about cyber-terrorism.

"Cyber warfare is already here," Deputy Defence Secretary Gordon England said earlier this week.

"It's one of our major challenges."

"I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

The first Cyberstorm drill in 2006 forced a host of international intelligence agencies to face multiple fictitious attacks at one time.

Washington's subway trains shut down. Seaport computers in New York went dark and a mysterious liquid was found on London's Tube.

The laundry list of fictional catastrophes, which included hundreds of people on "No Fly" lists arriving suddenly at US airport ticket counters, is significant because it suggests what kind of real-world trouble keeps allied security forces awake at night.

The $US3 million ($A3.22 million), invitation-only war game simulated what the US described as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalisation hacker


Link to full story

[selil]

A good over view of Cyber Storm II and good read out on Cyber Storm 1. But ,unfortunately it will be primarily a table top exercise with limited real world problems (only a few systems according to the article will actually be attacked). The illuminates the issues of training in this type of environment. Few if any people would suggest soldiers should be sent into combat having never fired real bullets, never ran around the range, done a confidence course, or otherwise simulate combat environments. Yet when it comes to computers we do exactly that in the training and evaluation.




More at the LINK

WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

The war game, codenamed Cyber Storm II, will run Monday to Thursday, based at U.S. Secret Service headquarters in Washington. It is the second DHS biannual cyber-exercise, designed to test the ability of federal agencies and their partners in state, local and foreign governments and the private sector to respond to and recover from cyberattacks on their computer networks.

"The goal of Cyber Storm II is to examine the processes, procedures, tools, and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure," says a fact sheet from the department.

Details of the planning for the event are closely held, in part to avoid tipping off participants. The fact sheet says only that the exercise -- the culmination of more than 18 months of planning led by DHS' National Cyber Security Division -- will simulate a series of coordinated physical and cyberattacks on IT and communications systems and chemical, rail and pipeline infrastructure.

The attacker is not identified, but has "a specific political and economic agenda," says the fact sheet. In the last Cyber Storm exercise in 2006, the enemy was an anarchistic coalition of "hacktivists" -- politically motivated hackers -- called the Worldwide Anti-Globalization Alliance, joined by a number of "independent actors."

In the scenario, the attackers penetrated state health records' databases, attacked Federal Aviation Administration systems and defaced newspaper sites.

"Key elements of the hacker attack plan were to strike at trusted cyber systems that were used to control both physical infrastructures and digital commerce and services," says the DHS' after-action report, released in September 2006. "The attackers focused on maximizing economic harm and fomenting general distrust of big business and government by disrupting services and misleading news media and other information outlets."

The choice of adversary -- which the report stressed "was neither a forecast of any particular threats … currently existing nor an expression of any specific concerns" -- raised some eyebrows. Among U.S. military planners, nation states, and in particular China, are considered the actually existing adversaries with the most significant capabilities to launch attacks on, or through, the Internet.

One report, by Washington Post blogger Brian Krebs, said Cyber Storm II will feature a nation-state attacker, but a DHS official familiar with the planning said only that this was "a possibility."

The official added that the adversary was "more sophisticated" than in 2006. The scenario was "designed to examine the response to some of the threats that are out there in the real world," he said.

Having a nation-state adversary would make sense, former DHS preparedness chief George Foresman told UPI.

"The top candidates for adversaries would be states, terrorist groups and criminal enterprises" as they were in the real world, said Foresman, who was only involved in the very early stages of planning the event.

As in 2006, the attacks this week will be simulated on special systems set up for the exercise "and will not impact any live networks," says the fact sheet.

Participants in the exercise, which consists of a series of detailed scenarios unfolding according to a strict timetable, will learn of developments via more than 1,700 pre-scripted "injects" in the form of phone calls or e-mails from exercise managers, or through a mock TV news channel set up for the event.

But some of what players will learn from the channel will be bogus, former DHS official Jerry Dixon told Krebs' Security Fix blog.

"They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers," said Dixon, who helped plan the exercise.

The $6 million event will involve thousands of participants across the world, including from departments of the Australian, British, Canadian and New Zealand governments, and from U.S. agencies including the Department of Defense, CIA, National Security Agency and FBI.

More at the LINK

[selil]

The hyperbole continues and will likely increase further as we get closer to October 1, 2008. This article (short as it is), starts to link kinetic damage to cyber damage, and brings in the transnational aspects of cyber warfare. Still nobody seems to really be getting the doctrinal issues and that that fighting cyber warfare isn't like dropping bombs, or other stand off weapons. Cyber warfare in my opinion is like counter insurgency.


From the following page

If you don’t think cyber warfare could be a major problem in the future, then NATO would like to change your mind.

At a conference in London last week, Suleyman Anil, the man charged with guarding NATO from cyber attacks, told the Guardian,
"Cyber defense is now mentioned at the highest level along with missile defence and energy security. We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem."

Anil told the E-Crime congress that it was costing less for hackers to mount attacks, while the amount of damage they could inflict was increasing. The biggest trend of recent years is cyber terrorism, as shown by the attacks on Estonian government sites last year.

But there have been many attacks, including those on government sites in Australian and Britain and on the Pentagon. American officials believe they’re the work of a Chinese-sponsored group which they’ve dubbed Titan Rain.
Of course, identifying the shadowy people behind the attacks is almost impossible. But people in power do understand how real the threat is – the US government has allocated $6 billion to strengthen systems against attack.

[Stan]

Michael Chertoff, homeland security chief has made a heartfelt plea to Silicon Valley workers to stand up and be counted in the fight to secure the cyber highway. He invoked the attacks of 9/11 as he sought to galvanise IT professionals and security experts.

'Desire to serve'

... "the best thing you can do for your country"

Mr Chertoff pointed out that securing the nation's internet highways and byways was a job the federal government could not do alone.

Appealing to the private sector, the homeland security boss reached out and simply said: "Please send some of your brightest and best to do service in the government."

[Stan]

From Wired's blog... "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."

-- The federal government has launched a cyber security "Manhattan Project"... because online attacks can be a form of "devastating warfare", and equivalent in damage to "physical destruction of the worst kind." Chertoff cited last year's denial-of-service attacks against Estonia, and hypothetical hack attacks on financial networks and air traffic control systems, as proof that a federal strategy was needed.

"Imagine, if you will, a sophisticated attack on our financial systems that caused them to be paralyzed," Chertoff said. "It would shake the foundation of trust on which our financial system works."

[selil]

From Wired's blog... "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."

His comments were like scragly finger nails on a chalkboard. It showed a complete non-understanding of the issues of cyber-warfare. He's using the hyped up term of "cyber-warfare" to suggest more domestic surveillance when the aren't necessarily related. Google searches have nothing to do with availability and integrity attacks against systems.

[Stan]

Sorry Sam, looks like the Army is moving in on USAF territory

The battle for a population's state of mind demands a sophisticated information operations campaign that responds more rapidly than terrorists and insurgent groups to exploit the virtual battlefield. "There was a day when we were operating at foot speed," said Army Col. Wayne Parks, who directs the service's Computer Network Operations and Electronic Warfare at Fort Leavenworth, Kan. "Now we're moving at cyber speed."

Recent surveys conducted by the Center for Army Lessons Learned at Fort Leavenworth on operations in Iraq and Afghanistan found that the service's training and officers' past combat experience left them "ill-prepared" for the "interactive complexity" of information operations.

The service now must find a way to "maneuver around" a potential enemy's information campaign..., the military also hacks into jihadi Web sites to try to stop the spread of enemy propaganda.

[BobKing]

In Cyber Command - Why Stop There? I pose for discussion the creation of a new force. A "CyberSpace Force", created from the other services for space and cyberspace operations, just as the Air Force was created in 1947.

The full article is too long to post here. An abridged excerpt is listed below - I encourage anyone interested in the topic to visit the Joint Chatter blog and offer your comments.

---------------------

The Pentagon is likely to take the rare action of adding a new combatant commander, this one for cyber warfare.

Why stop there?

Why create just a cyber combatant command? Why not step back and consider whether a more substantial reorganization is needed?

Last year the term cyberspace was officially defined and last fall elevated to a new domain.

cyberspace - A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CJCS CM-0363-08)

To further the discussion, it is also necessary to present the definition of another domain medium from the same publication:

space - A medium like the land, sea, and air within which military activities shall be conducted to achieve US national security objectives. (JP 3-14)

With all of the redundancies across the various services, why not consolidate them into a new service? Analogous to the National Security Act of 1947, which created the Air Force from the Army Air Force, a 21st century reorganization could create a CyberSpace Force. (The exact name is not significant, using CyberSpace Force as a generic moniker.) This new force, formed from components in all of the services, would concentrate the existing disparate and duplicative efforts into one organization. No service would lose capabilities, because we fight as a Joint team now. Personnel from the newly created force would join operations and command structures as dictated by mission requirements.

As it exists right now, each the services are devoting significant resources and efforts into solving the cyber challenges "in their own lane."

(Full blog article includes examples of redundancy)

In September 2001, a day prior to the terrorist attacks, Secretary Rumsfeld pointed out "Each service branch has its own surgeon general and medical operation. At the department level, four different agencies claim some degree of control over the delivery of military health care." in his Bureaucracy to Battlefield speech of 10 Sep 2001.

Similarly, why should each service recruit, organize, train and equip information assurance professionals and other related specialties?

Each of the services would resist this reorganization, just as the Army did over 60 years ago. Looking back, are there many today that would question the wisdom of having the Air Force as a separate service? (Funding issues and differences in MWR services aside...) In addition to eliminating redundancy, all the services would benefit in that they could each put more focus on their core mission.

I first asked this reorganization question seven years ago, while on a field trip staff ride to Colorado Springs, CO as part of a Space Operations elective. The general officer speaking to us answered along the lines of "it may happen eventually, but we're not there yet." That time it was more about a space reorganization. Last week, while in DC to attend Phoenix Challenge 2009, I asked a similar question regarding creating of a cyberspace force. Generally the response was "good idea, probably the right thing to do, but we can't afford it" and "maybe in 20 years." Others suggested that it should be an agency - incorporated into, or similar to, the National Security Agency.

If it's the right thing to do, why wait? The cumulative cost of duplicated efforts, followed by an eventual reorganization, surely exceeds the startup cost of doing the right thing now.

Additional Advantages

This new CyberSpace Force, if done right, could expand the pool of available personnel. Numerous reports over the last several years lament the shrinking percentage of high school graduates physically qualified for military service. Why does a programmer need to run 3 miles? We have an entire generation growing up comfortable using the complex controllers associated with Halo 3 and Guitar Hero, just to name a couple popular titles. Does it make sense to say to them, "Sorry, we can't use you to monitor and adjust the orbit of a satellite if you can't do 40 push-ups in two minutes?"

Consider the stereotypical images conjured up of "uber geeks", college IT support staff or attendees at a hackers convention (e.g. DEF CON): long (sometimes different colored) hair, may not pass a uniform inspection, may not even fit in a uniform. But does that mean we should keep them out of the cyber fight if they are willing to serve?

(Blog article includes links to images of DEFCON attendees)

Many Americans may choose to serve that otherwise would not consider traditional military service. As Noah Shachtman (Editor, Danger Room) said last week in his keynote speech at Phoenix Challenge: (paraphrasing) the military is not a popular option in Manhattan, but there a lot of people that want to feel like they are part of something.

This should be a service and not an agency. In our nation's defense we need the ability to send people where and when we need them - we can't afford to face the same challenges other departments have faced when necessary to send their personnel "down range."

Questions

What are the advantages and disadvantages of creating CYBERCOM as a new combatant command?

Is it time to perform a new reorganization of the Defense Department, creating a force focused on the Space and Cyberspace domains? What challenges would be faced in a large-scale reorganization? What opportunity costs do we continue to pay by a failure to address the root problems?

Further Reading

Additional references available in the full article

[selil]

Interesting concept, I guess from your comment about going to your blog you aren't interested in comments here, but I'll take a swing. I'm not very well versed in this cyber stuff, but you know what the heck.

First, I guess I'd ask the question of who this combatant command is going to fight? As a military force what are the targets it will engage? If from Krzygistan, Georgia, and Estonia we can ascertain the non-state actors were in fact non-uniformed adversaries, are you going to use a military force to attack these non-state actors? Under what purview of just-war or law-of-war will this occur? I'm just curious after all it is likely nothing but an academic excercise.

Second, if what General Lord (Cyber command provisional) said about 70 percent of all attacks being generated from inside the United States (backed up by CSI/FBI stats) will this combatant command be attacking United States companies and citizens? What effect will that have on posse commitatus or should we simply dispense with that as trivial in these trying times? I wonder where you are going to find a force that can act as an international military, a state militia, a federal crime buster, a disaster response agent, and can be found in all territories and states?

Third, this CYBERCOM combatant command will use what tools as a method of waging war? I don't want to bring up mutually assured destruction, but there it is.... My gosh I wonder what nation in a battle of the bits and bytes has the most to lose in a cyber engagement? In fact if you think about small wars, insurgencies and guerilla actions (there is really great website that looks at all that stuff) you might find the concept of an adversary using their opponents tools against them. Some guy named Nagl talked about eating soup with a knife of something like that.

Fourth, since cyber space I guess defined, as ill and mistaken as only the department of defense can butcher a well understood concept, made up by a science fiction writer (in 1984), who unfortunately is still living to laugh about it, exists. I guess since cyber space exists and is part of that woefully misunderstood information world we might think about those hundred year old treaties that talk about neutrality of the telephone system. The long standing tradition of spying but not using the telephone system of friendly neighbors to wage war. The various telecommunication acts and laws that are currently on the books protecting citizens and friendly allies should just be tossed out as well. I mean, all is fair in love and war, right?

Fifth, when you dig down past the world wide web, and burrow into the Internet heading towards the gold, you end up looking at the world bottom up. There floating below the Internet you have the kinetic aspects of military action available to your digital fingers (redundant?) and wallowing in the morass of the data stream all telemetry is accessible. Think about that wonderful global information grid "GIG" (beer barrel) model the whimsical military throws up on power point slides from times to time. As an aside does the military have some perverse relationship with power point? I like that GIG concept. All the people, procedures, transmissions, telemetry, command and control floating around in more than a bit/byte internet protocol world.

What could I do with all those command and control circuits in air bag controller systems you find in cars programmed in foreign countries? What might I do with the phase controller circuits on generators and power transmission equipment attached to a variety of networks? How could I operationalize kinetic stored power thousands of times more powerful than a nuclear weapon stored behind a major dam that is remotely controlled by the lowest bid contractor? What legal resources do you have to fight attacks against targets with minimal evidence of attribution when we can't even find paperwork for foreclosed houses?

When you operate at the C2 layer and no longer see the Internet as some be all/end all those pesky effects based outcomes (oops some general will be angry using that little phrase) become easier to operationalize. I know what we should do! Let's have a 60 day cyber investigation because 30+ years of research, literature, and recommendations just isn't enough to make a relevant decision. We need 60 days more.

I'm not sure creating a strictly hierarchical organization (likely top heavy with officers because that is the Air Force way), so an entrenched bureaucracy can slow response time, and erode effectiveness as only large organization can do, is going to be a good idea. Of course, you could make it really really really big as a large highly hierarchical organization is exactly how you should fight an insurgency that is likely following a swarm networked model of attack by intention rather than direction. It is always highly effective to have a strict chain of control in those situations where flexibility is incredibly important.

If that isn't your cup-of-tea let the National Security Administration do it along with the rest of the intelligence community. They will refuse to tell us what they are doing but they will spend buckets of money doing it. I'm not sure how the intelligence community would interact with the corporate world except to refuse to talk to them. The corporate world being the largest target of opportunity.

I'm a bit of contrarian.

[Ron Humphrey]

I'm a bit of contrarian.

But that little contrarian outburst of yours carries a couple of gems which better be looked at very carefully