Navy Emphasizing Maritime Cybersecurity Investments
The Navy must find innovative ways to defend and protect its assets against cyber attacks, a top service official said.
Like many companies and organizations across the world, the Navy is facing threats from both individual “lone-wolf kind of actors” and attacks from nation-states, said Vice Adm. Jan Tighe, deputy chief of naval operations for information warfare, and director of naval intelligence.
“It’s really the nation-state actors that keep me awake at night and that we have to be most concerned about,” she said at an event at the Center for Strategic and International Studies in Washington, D.C. Potentially nefarious activities from Russia, China and Iran top the list of concerns, she added.
The Navy is leveraging frameworks laid out by the National Institute of Standards and Technology to improve its critical infrastructure cybersecurity, she said. It will help the service evaluate which systems merit hardening and additional capabilities to detect threats, she added.
That needs to happen “at machine speed,” by taking advantage of technologies such as artificial intelligence, human-machine teaming and machine learning, she noted.
The service must fight cyber intrusions without shutting down critical systems, she said. That comes from developing a workforce that can build systems that can anticipate and be resilient to cyber attacks “from the get-go,” and that has the expertise to quickly craft a response to any potential intrusions, she added.
The Navy must make its communication networks and command-and-control mechanisms more hardened to cyber attacks as well, Tighe said, noting that “we have a lot of stove-piped architectures out there.”
Situational awareness in cyber space is a priority for Fleet Cyber Command “to defend the network writ large.” But tactical- and operational-level commanders must also emphasize it, she said.
The Navy has worked to develop situational awareness in its command, control, communications, computers, intelligence, surveillance and reconnaissance systems, but it has to “spread deeper into our mechanical systems” to include engineering, navigation and weapons systems, she added.
“We’ve got to have those sensors built-in,” she said.
Additionally, as the service migrates more and more data into cloud storage, it must protect that information, Tighe said.
The Navy must also work to counter the “cyber fatigue” that is setting in across the public and private sectors, she noted.
“This sense of victimization and helplessness that’s out there, and not really knowing exactly what to do … we kind of have to guard against that,” she said.