Proceedings Of The Marine

WIN 2015

Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.

Issue link: https://uscgproceedings.epubxp.com/i/436751

Contents of this Issue

Navigation

Page 21 of 94

19 Winter 2014 – 2015 Proceedings www.uscg.mil/proceedings No longer does the maritime industry rely on mule carts and manual intervention to move ships and cargo through waterways, but instead maritime workers manage all aspects through the EM/cyber domain, from monitoring vessel traffc movement to opening and closing food gates. It's all done via the network. Recognizing the Coast Guard's responsibility to protect and defend its own networks, the need to leverage cyberspace to maximize mission execution, and to facilitate the safety, security, and resiliency of the maritime transportation sys- tem, we must develop cyberspace capability and capacity, leveraging with a whole-of-government approach wherever possible. To that end, Coast Guard cyber priorities must be focused on: • defending Coast Guard networks, • protecting maritime critical infrastructure and key resources, • developing cyberspace capability and capacity to enable mission execution. While each of these priorities is challenging in its own right, the U.S. Navy's construct (know the environment, be agile, change our paradigm, the future is now) presents us with a relevant lens through which to consider when addressing the Coast Guard's own priorities. Defending Coast Guard Networks Know the Environment To defend our own networks we must recognize the nature of the cyber environment and build better tools to sense the EM/cyber realm. For example, sharing sensor information relevant to geo- locations for a search and rescue case clearly enables Coast Guard missions. At the same time, spear phishing (person- ally targeted cyber attacks) and similar scams have proven to be powerful threats and weapons against our systems, considering the criticality of the information environment and the potential harm to networks we depend upon. on all information technology users to act in a responsible manner. This requires developing a culture of security in cyberspace. Be Agile High-tech radars and sensory tools currently employed on Coast Guard cutters and aviation assets are highly detect- able and easy to classify. This is another example of how successful tools aid our missions, yet can become vulner- abilities. When working through the acquisitions process, we need to be mindful of the risks and vulnerabilities asso- ciated with new systems and capabilities we plan to bring into the Coast Guard inventory. This also requires develop- ing an effective concept of operations and doctrine for those systems. "Just as the United States dominates the mari- time domain, we must do the same in the infor- mation realm, which includes cyberspace and the electromagnetic spectrum… ." — U.S. Navy Admiral Michael Rogers NSA director Future weapons, sensors, and information technology sys- tems will need to employ various techniques to remain secure, including shifting frequencies, using shorter burst transmission, and employing small directional beams. Because, if we don't defend Coast Guard networks, we can't assure appropriate command and control. Change our Paradigm While the Coast Guard may not be considered a traditional "war-fghting" service, if we have learned anything from the last decade of cyber crime, terrorist activity, intrusions, and other nefarious activity, it is that we are all vulnerable. We should not fool ourselves into thinking that our "noble" missions exempt or shield us from tremendously damaging exploitations and actions. A disgruntled person, criminal organizations, a hostile nation, or the 15-year-old who wants to make a statement will each have their own justifcations for breaching Coast Guard systems and causing harm. Coast Guard networks and systems hold the keys to its most protected and integral possessions as a service, including operational plans, strategy, or personally identifable infor- mation. These may be the domains where any adversary can most readily and effectively strike with the greatest conse- quences. It's time to start thinking in these terms and devel- oping a culture that protects and defends our networks. This effort should also include establishing more stringent criteria for those allowed special access, including system administrators, than we have authorized in the past. As such, the network is no longer a neutral space, but must be viewed as an operational domain where CG cyber per- sonnel combat persistent threats and attacks. CG Cyber Command is at the front line of this defense, but depends "Future wars will not be won simply by effec- tively using the EM spectrum and cyber- space: They will be won within the EM/cyber domain." — U.S. Navy Admiral Jonathan Greenert

Articles in this issue

Links on this page

Archives of this issue

view archives of Proceedings Of The Marine - WIN 2015