NEWS | April 16, 2010

Cyber Command nominee urges government, private sector cooperation

By Lisa Daniel American Forces Press Service

WASHINGTON (AFNS) -- Officials in the new U.S. Cyber Command need to strike a balance between protecting military assets and personal privacy, the presidential nominee to lead the command told a Senate committee April 16.

Army Lt. Gen. Keith B. Alexander, director of the National Security Agency and chief of Central Security Service at Fort Meade, Md. , said many issues related to Cyber Command's operations are yet to be determined. Cyber Command is to be subordinate to U.S. Strategic Command.

If confirmed by the Senate, General Alexander said, he looks forward to working with Defense Department officials and Senate Armed Services Committee members to define and structure how the command will work.

General Alexander noted that when Defense Secretary Robert M. Gates created the command last year it was an acknowledgement of the growing threats against the department's computer network systems, the corresponding threat to national security and the need for unity of command in addressing the problem.

The general noted that the threat to defense computer systems has grown and will continue to do so.

"We've been alarmed by the increase this year," he said, "and it's growing rapidly. "

If confirmed, General Alexander said, his main focus will be on building capacity and capability to secure the networks and educating the public on the command's intent.

"This command is not about an effort to militarize cyber space," he said. "Rather, it's about safeguarding our military assets. "

The public should understand the rules and how the command will operate, General Alexander said, and that it will be audited.

"We've got to help them understand that by showing them how we're doing it, and that we are following a legal framework," he added.

Privacy is just one of several sticking points to work out, General Alexander said. Others include necessary collaboration with the private sector and neutral nations, and how to determine the perpetrator of an attack.

Command officials, by authorization, will work closely with those in the Department of Homeland Security, the National Security Agency, U.S. Strategic Command and U.S. Northern Command, General Alexander said.

Asked to explain how the command would respond to various hypothetical scenarios, General Alexander replied that the command will respond to cyber attacks under Title 10 of military authority and would operate under standard rules of engagement. If command officials need to work in a foreign country, he added, they would need the authority of the U.S. combatant commander for that region with approval by the president.

But, the general said, those scenarios would become more complicated if the cyber attacks came through a neutral country, or if they came through computers in the United States. In the latter case, Homeland Security officials would have jurisdiction and would have to work with the private sector, but could ask Cyber Command officials to assist, he said.

"One of the things the administration is trying to address with (Homeland Security and the Defense Department) is how we do this with industry," General Alexander said. "That's probably the most difficult issue, and one we will spend the most time working on. "

While Homeland Security officials have oversight of the "dot-gov" Internet domain, Cyber Command officials are responsible for "dot-mil" security, and for giving early warning of cyber threats to the United States and providing people and capabilities to support any homeland threat, the general explained.

Because private entities own and operate most computer infrastructure, General Alexander said, the government needs to work closely with them. "They're on the leading edge," he said. "They have great capabilities and great talent. The government is going to have to leverage that talent. "