Truman National Security Project

Who Is In Charge of Our Nation’s Cyber Defense?

By Gail Harris | 6.20.12

There’s been a lot of debate in Congress lately over how we protect our critical infrastructure from cyber attack, and whether this would involve the government regulating how companies set up their cyber security.

I thought a quick history might be helpful.  The issue of critical infrastructure protection from cyber attacks was first addressed comprehensively in 1998 when the Clinton administration released Presidential Decision Directive 63.  Critical infrastructure was defined as follows:

“…those physical and cyber-based systems essential to the minimum operations of the economy and government. They include, but are not limited to, telecommunications, energy, banking and finance, transportation, water systems and emergency services, both governmental and private. Many of the nation’s critical infrastructures have historically been physically and logically separate systems that had little interdependence. As a result of advances in information technology and the necessity of improved efficiency, however, these infrastructures have become increasingly automated and interlinked. These same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks.”

As a direct result of this directive, the Department of Defense (DoD) initially assigned United States Space Command the Cyber lead for all of DoD. Eventually the lead was transferred to United States Strategic Command and, in 2009, that organization was directed to establish United States Cyber Command. It’s headed up by General Keith Alexander, who is also in command of the National Security Agency. During recent congressional testimony, General Alexander explained how the nation’s cyber defense is set up:

“Defending the nation in cyberspace requires a coordinated response among several key players from throughout the government.  It takes a cross-government team to mature and implement an effective cyber strategy for the nation.  From my perspective, there are three key players that make up this team:

  • Department of Homeland Security – lead for coordinating the overall national effort to enhance the cybersecurity of U.S. critical infrastructure, and ensuring protection of the civilian federal government (.gov) networks and systems.
  • Federal Bureau of Investigation (FBI) – responsible for detection, investigation, prevention, and response within the domestic arena under their authorities for law enforcement, domestic intelligence, counterintelligence, and counterterrorism.  Importantly, when malicious cyber activity is detected in domestic space, the FBI takes the lead to prevent, investigate, and mitigate it.
  • Department of Defense / Intelligence Community / NSA / Cyber Command – responsible for detection, prevention, and defense in foreign space, foreign cyber threat intelligence and attribution, security of national security and military systems; and, in extremis, defense of the homeland if the Nation comes under cyber attack from a full scope actor.”

I have a unique interest in this topic; I was the initial lead for DoD for developing the intelligence architecture. In layman’s terms, that meant determining the role the intelligence community would play in cyber defense and involved coordinating with over 30 DoD commands. It will be interesting to see what happens next.

Gail Harris is a Truman Security Fellow.