Coalition Interoperability and the Cybersecurity Paradigm

Coalition Interoperability and the Cybersecurity Paradigm

By By: U.S. Army Major Jay H. Anson
July 21, 2016

“The single biggest problem in communication is the illusion
that it has taken place.” – George Bernard Shaw Coalition building is a decades-old strategic challenge.
Finding the right mix of interdependence, collaboration and cooperation among
allies is extremely complex. Writing from his Manila headquarters in September
1940, General Douglas MacArthur likewise admonished national leaders regarding
the inherent dangers of coalition failure. The future dual-hatted Supreme
Commander for the Allied Powers and Commander of United Nations Command in
Korea wrote, ”The history of failure in war can be summed up in two words: TOO
LATE; … too late in uniting all possible forces for resistance; too late in
standing with one’s own friends.” Although commonly associated in military
writing and research with the timeliness of logistics operations, General
MacArthur’s quote firmly applies to interoperability between information
sharing systems. The MacArthur Archives contain hundreds more similar messages
sent between General MacArthur and the Joint Chiefs throughout World War II and
the Korean War stressing the importance of interoperability between coalition
forces. General Dwight D. Eisenhower made similar observations in
his own account of World War II, citing that allied effectiveness hinged on the
development and employment of joint control capabilities. General Eisenhower
provided as an information sharing example the timely distribution of Air
Reconnaissance photos across all Allied Forces headquarters within hours of
development. He stated that, “The key to the matter is a readiness, on highest
levels, to adjust all nationalistic differences that affect the strategic
employment of combined resources…” Two
premier U.S. strategists validated information sharing as paramount to
coalition victory. Over several decades, brilliant military minds continuously
tackled the complex joint issue of interoperability and cooperation among
allies. Dominating cyberspace to securely share information with U.S. allies is
both possible and vital to reestablishing American legitimacy as a genuine
coalition leader and international partner. Lessons Learned from a Decade of War The joint staff has well-documented the decline in coalition
interoperability. U.S. innovation yielded incredible collaboration technology
in the seventy years since Eisenhower and MacArthur. Despite these
advancements, outside access to actionable intelligence, fires coordination,
target packages, and common operational pictures is currently limited in contrast
with the level of cooperation with World War II allies. During
Joint-Interagency-Interdepartmental-Multinational (JIIM) operations,
interoperability shortfalls breed divisiveness, add to the friction of war, and
often lead to catastrophe. Interoperability is a JIIM challenge highlighted in
the Defense Department’s Joint Professional Military Education (JPME) policies
as a key area for leader development. Research conducted by the Chairman of the
Joint Chiefs of Staff Directorate for Joint Force Development (J7) reveals
significant interoperability shortfalls and data distribution challenges.
Particularly, the Joint Center for Operational Analysis’ (JCOA) Decade of War
compilation confirms DOD’s deficiencies. Of the eleven strategic themes
depicted in Figure 1, three directly apply to coalition information sharing: Narrative.
The U.S. communicates goals and desired end states with coalition partners,
inconsistently. Allies often feel part of a coalition in name only with no
viable system for interoperability and information sharing. U.S. lead-nation
status in a coalition is synonymous with “only nation” status and is
counterproductive.Adaptation.
Mission command across a multinational coalition requires information sharing
technology supporting a variety of doctrine, cultures, languages, and budgets.
Findings revealed weaknesses in fratricide prevention, deployment planning and
execution, and coalition information sharing.Coalition
Operations. DoD contributions to the whole of government approach requires
refinement. Unity of effort requires policies and processes that support
interoperability during JIIM operations. The Decade of War study identifies interoperability as key
to achieving strategic wartime objectives in a JIIM operational environment.
The DoD recently gained momentum in adapting data networking technology and
posturing the military service to support the whole of government approach. The
ongoing efforts towards interservice collaboration are equally applicable to
multinational coalitions. Unity of effort requires an information sharing
network that supports all coalition partners. The Cyber Security Paradigm Cyberspace and cyber security is fundamentally misunderstood
by the vast majority of DoD and U.S. government leaders. Misguided efforts to
protect the network often obscure the difference between controlling access and
the preventing proliferation by state or non-state adversaries. Many advocate a
virtual “Cyberspace Curtain” around the Department of Defense Information
Network (DoDIN) is the best way to enforce network security policies. Many
leaders remain anchored to these solutions sets based on cyber security
concerns. The U.S. only recently added cyberspace to the national
narrative. In January of 2012, President Barack Obama and Secretary of Defense
Leon Panetta refined strategic guidance directing the joint force “recalibrate
its capabilities and make selective additional investments to succeed,” as
stated in The Committee on National Security Systems (CNSS) Library. After a
thorough cyberspace threat analysis the following year, the U.S. National
Intelligence Director designated cyberattack the number one strategic threat to
the country, surpassing terrorism, according to Joint Publication 2-0,
Intelligence. The national security narrative classified the cyberspace domain
as a national vulnerability under constant threat of catastrophic attack;
prioritized protection, resiliency and survivability; and fostered a climate of
extreme cautiousness to excessive access, limited information sharing and even
complete avoidance. The manner in which unclassified and classified networks
are interconnected at multiple points throughout the internet makes DoDIN
interaction with the global information grid problematic. The cyberspace domain is essentially based on the science of
moving digital images between manmade devices via electromagnetic waves. In
today’s connected world, state and non-state actors seek out vulnerabilities in
data systems to exploit and attack. The enemy’s goal is to destroy, disrupt,
deny, degrade and or steal data for economic, military or political gain. The
security measures inherent with operating between the DoDIN and the global
information grid makes cyberspace operations extremely challenging. Deterrence
and other strategies successful in air, land and sea domains require patience
and experience during implementation, along with a basic knowledge of the
enemy’s capabilities and technology required. It took DoD the entire span of
American history and meticulous development of technology over time to dominate
the four original domains. In contrast, the universal nature of cyberspace
fosters an unrealistic expectation of immediate domination despite the absence
of resident expertise or intelligence on enemy capabilities. The anxiety created
with each reported cyberspace incident and exacerbated by overexposure in the
media results in a corresponding escalation of security concerns and calls for
increased defensive posture. The cyberspace domain is commonly portrayed as a
dangerous and non-permissive operational environment (Figure 2). With little
mention in mainstream media of defensive strategies implemented, one can assume
that a strategy either doesn’t exist or is not possible. In dealing with so
many unknowns, national security experts advocate a virtual “cyberspace
curtain” to close off the DoDIN almost completely. Defense-oriented mindsets
resist adapting new technology in favor of hardening known system architecture
against adversaries and often exclude allies in the process. A virtual cyberspace
curtain would increase the number of network devices, essentially adding
potential points of vulnerability enemies can target. Mitigating risk by
adapting new technology is a sustainable strategy in other domains and
absolutely pertinent to cyberspace. U.S. Navy vessels enter the uncertainty of
international waters, contending with risks and vulnerabilities daily to
protect national interests. The Navy adapts technology and overcomes the sea
domain’s host of threats to keep sailing and dominating international waters.
The concept is similar to DoD users leaving the segregated, monitored, and
defended DoDIN to venture out into the global information grid. The major
difference is that cyberspace is based on precise mathematics compared to
unpredictable oceanic and atmospheric conditions. DoDIN architects and leaders
must stay engaged, embracing new technology to outmaneuver adversaries and
dominate the cyberspace domain. Adapt, Improvise, and Overcome Interoperability deteriorates when coalition leaders
establish barriers and elect not to innovate. DoD adaptation already underway
is critical to cyberspace domain dominance. Adjusting strategy, force
structure, and infrastructure for cyberspace operations required revisiting
DoD’s defensive focus. According to DISA, the Cyber Mission Force (CMF) emerged
as America’s first responder for cyber defense. The CMF found initial cyber
defense measures markedly inadequate and Internet security an afterthought. For
greater force structure, DoD tasked the director of the Defense Information
Systems Agency (DISA) with creating Joint force Headquarters (JFHQ) DoDIN to
direct defensive cyberspace operations as a component of United States Cyber
Command. The agency, according to DISA, provides DoDIN connectivity and enterprise
services globally “to joint warfighters, national-level leaders, and other
mission and coalition partners.” In short, DISA is responsible for network
communications during JIIM operations. The reorganization of DISA into a CMF and JFHQ supports the
process of consolidating and collapsing the DoDIN into a shared enterprise
service infrastructure called Joint Information Environment (JIE). The JIE goal
is a single security structure using global network architecture easier to
monitor and defend (see Figure 3). The JIE framework protects information
systems and enhances the capability to detect and react to security breaches,
according to DoD. Adaptation started in 2011 includes networked operations
centers, cloud-based applications and services, and consolidated data centers.
Nested with U.S. policy on cyberspace interoperability, DISA policy authorizes
coalition partners to authenticate, collaborate and maneuver within the cloud. DoD Instruction 8520.03, “Identity Authentication for
Information Systems,” requires public key infrastructure (PKI) for both
authentication and network encryption management. The sole requirement for
DoDIN eligibility is, “…the trustworthiness or suitability determination
required for an individual to be granted a DoD network account should be in
line with the background investigation requirement for conducting computer
activities.” By design, the policy focuses on credibility and appropriate level
of responsibility and not nationality. The language is clearly meant to facilitate
access and not restrict it. DISA supports the whole of government approach by delivering connectivity and enterprise services to coalition partners, intergovernmental organizations, agencies, and industry. The strategic goal is to collapse today’s multiple networks (NIPRNET, SIPRNET, Coalition, etc.) into a single, interoperable network. Avoiding new technology and restricting access does not support the strategy. A more defensible DoDIN includes adapting PKI and cloud computing technology. DISA policy on interoperability aligns with DoD Chief Information Officer (CIO) guidance on the acquisition and use of commercial cloud computing. DISA and DoD policies drive the development of interoperable networking technologies to improve coalition performance, reliability, adaptability, and security. Recommendations Coalition partners accessing the DoDIN is not unprecedented. National Defense University (NDU) policy authorizes enrollment of international military students into the JPME program. JPME is one of the few areas of the international defense community where the U.S. interoperability narrative is so fully supported. Appendix D-A-1 of the NDU policy addresses administrative issues to include technology support whereby the provisions of DoD’s previously mentioned instructions on “Identity Authentication for Information Systems” apply. Each year hundreds of international students receive a first class education involving tactical, operational, and strategic levels of war. Each one is granted access to the DoDIN and use the same technology and resources as U.S. students. Existing information sharing systems require very little adaptation of technology. PKI adequately controls security and access to the areas of the DoDIN for U.S. and international students alike. NDU appears to organize its databases in a way similar to the mission threads used in Afghanistan. International military students fully access all information required to successfully operate as part of an academic coalition under the Seminar Group construct show in Figure 4 and undergo the same application process for DoDIN accounts. NDU’s structure provides a viable example for others to emulate. The JIE design fully supports interoperability and answers
the question regarding DoD response to cyberspace threats. Adaptation in land,
air, and sea domains means building better tanks, planes, and ships. JIE does
the same for the cyberspace domain. It is the future model for partnerships
between not only the four military services, but interagency, multinational,
and beyond. Of JIE’s three lines of operation: governance, operations, and
technical synchronization, the latter requires the most adaptation. Securing
the cyberspace infrastructure while cutting costs and preparing future
technology is challenging; the change required goes beyond implementing
next-generation capability. Joint leaders, must move past network-centric
information sharing to a data-centric sharing strategy where the information
required is immediately available at the point of need, as stated in the report
“ DoD Joint Information Enterprise report by David D. Vries, Deputy Chief
Information Officer for DoD. As JIE continues to take shape, efficiencies and
cost savings from the consolidation of redundant capabilities is the greatest
benefit. Hardware-based solutions require separate suites of expensive
equipment to separate traffic specific to each network. From a coalition
interoperability standpoint, building separate paths to reach the same
information is counterproductive in a data-centric information environment. Conclusion The U.S. must improve its credibility as a world leader in
coalition building. Sharing information with allies increases efficiency across
domains and geographic boundaries in today’s constrained fiscal environment.
Empowering coalition partners through better interoperability is possible. As
lead nation in a number of ongoing coalitions, U.S. policy correctly remains
focused on applying, aligning and communicating goals and desired end states
with its allies. JIE’s construct is a way to put policy into practice. Emerging
technology such as cloud computing and data-centric networks can satisfy
multinational interoperability requirements.
Share