Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
68 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings ➤ At the operational level, the focus is on enabling and sustaining an organization's day-to-day operations and output, including logistics. The decision makers are managers who plan and implement network opera- tions and defense, based upon the strategic resourcing guidance. So operational cyber intelligence informs planning efforts that make for more effective resource positioning and policy development. ➤ At the tactical level, the focus is on the specifc steps and actions taken to enact a strategic operations plan. This is where cyber threat actors and network defend- ers maneuver against each other. Tactical decisions and activity focus on day-to-day, on-the-network opera- tions and defense. These are often executed in the net- work operations or security operations center and may include security system alerts and signature or behav- ior-detection efforts. In today's environment, cybersecurity requires a proactive, dynamic defense posture. Cyber intelligence is the founda- tion for this type of defense. Effective cyber defense plans are based on continuous internal and external assessments. Internally, an organization should assess and prioritize its assets and analyze key risks, vulnerabilities, and exposure. Externally, it should continuously assess and characterize its adversaries and competitors (including their intentions, objectives, methodologies, opportunities) and maintain high operating environment situational awareness. Cyber intelligence can be leveraged to reduce uncertainty for decision makers and to prevent surprise events such as disruptions or attacks. Cyber defense decisions are not just made in the network operations center, but through- out the organization. The challenge now is to enable all decision makers to fully understand what information is needed and how to work with a cyber intelligence ser- vice or team to collect it, integrate it, and make it acces- sible and actionable to those who must act on it to deter, thwart, or limit malicious network activity. By operating this way, the Coast Guard can successfully complete its wide array of missions and be assured that its systems are protected from cyber threat actors or, at a minimum, have procedures in place that facilitate continuity of operations through a cyber intrusion. About the authors: Randy Borum, Ph.D., is a professor and coordinator for strategy and intelligence studies in the School of Information at the University of South Florida. He previously served on the DNI's Intelligence Science Board (ISB), and has studied behavioral dynamics in violent extremism and coun terintelligence. He has authored/coauthored more than 150 professional publications and currently serves as senior editor for the Journal of Strategic Security. Capt. John Felker is director of cyber intelligence strategy at HewlettPack ard Enterprise Services. His primary focus is developing business strategies for the Department of Homeland Security, Department of Defense, and the intelligence community. In his 30year Coast Guard career, he commanded several vessels, served as a program analyst, led the Coast Guard's interna tional training team, and stood up the Coast Guard Cryptologic Group as the frst commander, and Coast Guard Cyber Command, as the frst deputy commander. Lieutenant Colonel Sean Kern is on the faculty at the National Defense University's Information Resources Management College, where he teaches cybersecurity, national intelligence, cyber policy, and terrorist and criminal use of cyberspace. He has commanded a space ground relay station and an expeditionary communications squadron, served at various organizational levels and deployed in support of Operation Iraqi Freedom and Operation Enduring Freedom. Bibliography: Dennesen, Kristen, Felker, John, Feyes, Tonya, and Kern, Sean. Strategic Cyber Intel ligence. Cyber Intelligence Task Force, Intelligence and National Security Alliance (INSA) White Paper, 2014. Bamford, George, John Felker, and Troy Mattern. Operational Levels of Cyber Intel ligence. Cyber Intelligence Task Force, Intelligence and National Security Alliance (INSA) White Paper, 2013. Ludwick , Melissa, Jay McAllister, Andrew D. Mellinger, Kathryn Ambrose Sereno, and Troy Townsend. "Cyber Intelligence Tradecraft Project: Summary of Key Find- ings." Software Engineering Institute, Carnegie Mellon University, 2013. Web. www. sei.cmu.edu/library/assets/whitepapers/citp-summary-key-fndings.pdf. Coast Guard Publication 2-0;(CG Pub 2-0), Intelligence. Available at: www.uscg.mil/ doctrine/CGPub/CG_Pub_2_0.pdf. Named after co-founders Ron Rivest, Adi Shamir and Len Adleman. RSA. Getting Ahead of Advanced Threats. Jan. 2012. Web. www.emc.com/collateral/ industry-overview/ciso-rpt-2.pdf. Aids to navigation placement has become highly dependent upon electronic navi- gation and management systems that are vulnerable to hacking. U.S. Coast Guard photo by Petty Offcer Ayla Kelley.