A lack of available Red Teams and the inability to adequately defend against sophisticated threats are among the shortcomings identified in the Office of the Director of Operational Test and Evaluation's (DOT&E's) 2016 report on aspects of the US Department of Defense's (DoD's) cyber-security capabilities.
The DOT&E undertakes cyber-security evaluations of DoD acquisition programmes and was also directed by the US Congress to assess operational DoD networks and systems during Combatant Command (CCMD) and service exercises.
According to the report, despite improvements in cyber security - such as a demonstrated ability to provide effective defences against Red Team attacks that emulate threats with limited cyber capabilities - CCMD missions continue to be vulnerable when under attack from emulated advanced threats, such as those possessed by nation-state adversaries.
Furthermore, despite widespread awareness and acceptance that the cyber domain is part of the modern battlespace and that networks are continuously under attack, DoD personnel too often consider cyber defence to be an administrative task rather than a warfighting function, the report states, adding that until this is addressed the DoD will find it difficult to defend against advanced cyber threats.
As recognised in the DOT&E's 2015 report, a pressing concern remains the availability of cyber Red Teams, with the latest report noting that the teams are in high demand and that many requests for the capability they provide cannot be met. Adding to the problems in this area is the difficulty in retaining qualified personnel, with many drawn to more lucrative jobs in the private sector.
In addition to the lack of Red Team resources, the report notes that further investment must be made in enhancing the capabilities and expertise of personnel - as well as the technology they employ - in order to accurately reflect advanced threats.
Staffing challenges are also present in the cyber-defence element, the report states, noting that while some of the Cyber Protection Teams (CPTs) assessed were able to protect DoD networks, many have not received the training or equipment necessary to provide the required level of defence that would enable networks to function and critical missions to be conducted when under cyber attack.