Security Challenges of Netcentricity
Mr. Robert Lentz
Director of Information Assurance,
Office of the U.S. Assistant Secretary of Defense for Networks and Information Integration
"By 2010.... Unimaginable computer power will challenge some of our best encryption technology"
At the 2003 workshop we initiated serious discussion regarding the security challenges to achieving netcentricity. I am very honored to address this prestigious group again on this critical subject. To begin, I would like to discuss the security trends that are likely by 2010:
- One cyberbug will hit the Internet every five minutes, every hour of every day; the number of security incidents will swell to 400,000 a year, or 8,000 per week.
- Windows will approach 100 million lines of code.
- The average PC will cost only $99 but contain nearly 200 million lines of code; within that code there will be two million bugs.
- Unimaginable computer power will challenge some of our best encryption technology.
- Sophisticated hacker tools will be widely available.
- There will be another half billion Internet users.
As these trends indicate, netcentricity is a dual-edged sword. We have heard the tremendous operational advantages. But the security realities are leaving us at a critical crossroads.
ISSUES SURROUNDING NETCENTRICITY
One of the continuing realities from the 2003 workshop is the economic advantage of pursuing netcentricity: The force-multiplying effect and the awesome operational opportunities cannot be ignored. But none of this will have meaning if security issues are not addressed upfront, aggressively, not on the cheap, and globally.
However, we cannot assume that this will happen. The costs of adding security are significant if it is done after the architecture is locked in, the code is written, the weapons platform has been acquired, evaluation has begun, or, worse, a satellite system has been launched. Costs and operational damage are other facts of life of degraded infrastructure elements, of which we have only seen a glimpse.
Software is the only modern technology that ignores quality until it is tested. Therefore the norm is one defect per every seven to ten lines of code. However, 99 percent of successful cyberattacks are against known vulnerabilities, and 77 percent of these are the result of design defects. Though cyberevents are preventable, we react to them rather than anticipate them, and each patching of the system costs from one million to four million dollars.
In addition, speed is everything in this business, not only for conducting network-centric operations but for defending the networks. Implementing layers of defense will do no good without establishing horizontal relationships both domestically and internationally.
THE NEED FOR NETCENTRIC CAPABILITIES
As we transform our information-assurance capabilities to enable netcentricity, we need to provide several key services. First, we must ensure authenticity by developing reliable cyber-identification credentials that will ensure a person's or a computer's identity without worrying that an adversary is trying to masquerade as someone legitimate. In addition, we must develop interoperable standards that bridge all sectors, including international partners.
Another key IA service will be automation of privilege management. This service will easily provide end-users with access to necessary information resources regardless of where they are located on the network; conversely, it will help the owners of the information sources manage the increased demand for access that netcentricity will bring.
Cyberattacks happen often and often with great stealth. Critical operational processes must therefore continue to function effectively while under cyberattack. Our information-assurance strategy is based on the idea that appropriate defenses will stop most attacks. These protective mechanisms include physical, electronic, and procedural components as well as capabilities to alert and warn us of attacks. Because of their importance, such defenses must be kept current during rapid evolutions of technology, varying attack strategies, and organizational changes, but it will take significant technical and operational efforts to make this happen. If an adversary breaches our protections, we must have the capability to detect, contain, and then respond to the attack.
IA entails high levels of situational awareness, significant analytical capabilities to characterize the nature and extent of an attack, the formulation and coordination of effective courses of action, and the ability to rapidly execute approved courses of action across a global infrastructure. The tools and procedures required to protect against and react to attacks in a highly technical, complex, multi-organizational environment are correspondingly sophisticated.
But we cannot afford to let the wireless revolution sneak up on us again. However, right now, our confidence in the security of wireless systems is not great. In addition, the cost to address wireless trust in a user-friendly way is very high.
It is certainly a challenging time for the information-assurance community. The pace of real-world operations remains high, and we have forces in harm's way fighting terrorism in many places throughout the world. But this is an international team fight. And not only do our military operations depend on our success, but in a broader sense the computer infrastructures that drive our economies and service our people also depend on our collective success. We must become organizationally agile and operationally adaptive.
Therefore we must focus more on the processes and capabilities that provide products and services. I agree that cultural change is our biggest hurdle. We must re-think and re-implement our accountability because of the paradigm shift to network-centric operations. Law enforcement must also prosecute cyberattackers. And we need vigorous IA discoveries and inventions, both scientific and technical, to complement and keep pace with IT innovations. Finally, we must do this work together for the greatest effectiveness and affordability. All of us must trust the network and the software; a security expert said recently that software assurance is the next Manhattan Project, at a global level.
It is critical for us to know that information cannot be exploited or modified, and that the wrong people do not have access to our systems. We also need to know that the net will be available when a decision-maker needs it. Lastly, when we look the commander, the CEO, or the policy-maker in the eye, and tell them to trust the network, we need to know what we are talking about.