Tech

U.S. Needs More Policy Guidance on Cyber Defense, Commander Says

Defence Images/flickr

The head of U.S. Cyber Command on Tuesday painted an at-times stark picture of the need for improvement in the nation’s digital defenses.

Adm. Mike Rogers, while acknowledging budget increases in the latest appropriations cycle, called for a more comprehensive policy approach to confronting cyberattacks.

“It can’t all be about money,” Rogers, who’s also director of the National Security Agency, told the Senate Armed Services Committee during a public hearing.

Rogers said he is stymied by a lack of the appropriate definitions and authorities for his agency. He was responding to pointed questions from committee member Sen. Claire McCaskill (D-Mo.) over his assertion that a major goal of U.S. Cyber Command should be deterrence.

McCaskill countered that it should focus on more direct responses to Russian meddling in the 2016 presidential campaign and other incidents.

“If we define elections systems as critical infrastructure, I can apply those military capabilities,” Rogers responded. “I don’t have a defined mission there.”

Rogers also suggested there’s a limited amount any government agency can do to combat “fake news.” Addressing senators’ questions about “bot farms” – algorithms propagating false or misleading stories – Rogers suggested individual readers need to approach online content skeptically.

“It’s a brave new world out there in the information dynamic for all of us,” he said. “We all have to be more discerning about what we read.”

Committee Chairman John McCain (R-Ariz.) laid out his own concerns about U.S. Cyber Command. The Arizona Republican pointed to its struggles with recruitment and general direction.

“It should be obvious the development of a steady pipeline of new talent and the retention of the ones we have trained already is essential to the success of the Cyber Mission Force,” McCain said, observing that of 127 Air Force officers who completed training, none returned to a cyber-related job.

It’s not that the Air Force is pulling them out of the training and making them mechanics, Rogers said, but that they’re being employed in other areas where they can elevate the cyber mission profile. Only about one-third of trained officers should stay with the Cyber command because, he said, the effort calls for a broader range of knowledge and skills than just technical abilities.

Rogers pointed to his command’s partnership with more than 200 academic institutions around the world that he says should “serve as our future workforce.”

Rogers offered some actionable ideas for improvement in U.S. Cyber Command, saying he wants more access to data and collaboration with private enterprise.

Morning Consult