News story

Combating cyber attacks

After last year's SDSR, MOD's contribution to cyber security is progressing apace. Report by Tristan Kelly.

This was published under the 2010 to 2015 Conservative and Liberal Democrat coalition government

As part of last year’s Strategic Defence and Security Review (SDSR) the Prime Minister announced that our ability to detect and defend against cyber attacks would be crucial to our national security, so important in fact that it was elevated to a ‘Tier 1’ threat alongside issues such as terrorism and international military crises.

Since then, work to embed the culture of operating in cyberspace across the defence community has been taking place in earnest with the Defence Cyber Security Programme being set up to drive the necessary changes.

Now, under the leadership of Major General Jonathan Shaw, Assistant Chief of the Defence Staff (Global Issues), work on the programme is moving ahead quickly and the Cyber Security Policy Team was stood up on 1 April 2011 to develop a unified and integrated response to the threat of cyber attack.

The timeliness of the initiative is not lost on David Ferbrache, the senior civil servant heading the policy team:

We were seeing a major increase in the threats to our national security through cyberspace,” he said.

He cited cyber crime, cyber espionage, and growing concerns about broader issues like dependency on information systems, terrorist use or cyber attack downstream as the main drivers for increased focus on the area.

Indeed, in a speech last year Armed Forces Minister Nick Harvey observed that the cyber threat is not only a risk area emanating from traditional state organised forces, but also lends itself perfectly to the ‘asymmetric’ methods of warfare favoured by terrorist groups and insurgencies.

The question of particular resonance to Defence is how would these developments in cyberspace shape the nature of future defence operations - both the opportunities and also potential threats of disruption?

However, countering this relatively new threat also entails new resources and £650m was allocated for the national strategy with some £90m of that earmarked for Defence.

This will be used for the mainstreaming of cyber into Defence business, improved cyber education and awareness in the Department, and the development of aspects of cyber capability for Defence purposes:

What CDS [Chief of the Defence Staff] is driving for is to get cyber into the mainstream of how we do operations and planning for the future,” said Mr Ferbrache. “So in the past you would have had air, land and maritime but what he is trying to get to is a point where commanders actually think about cyberspace as an operating domain in a similar way.

For example, they may say ‘what might people be doing to us through cyberspace as this military action unfolds and what are the opportunities for us to also influence and in some cases disrupt their systems and capabilities as well?’

That is seen as quite a fundamental shift as in the past, for example, contingency planning would be focused mostly around one particular joint operational area and those contingency plans would emphasise the use of physical forces - aircraft, ships etc.

Increasingly commanders must now assume people will do things to us through cyberspace as that operation unfolds.

Of course, the MOD does not have sole responsibility for national security. There is a desire to further link up with other agencies such as GCHQ (Government Communications Headquarters) so their capabilities are fed into military operational planning, both in the defence of our own systems and sometimes to be able to influence external systems through cyberspace in future as well:

The intent is not to grow a large cyber capability inside the MOD, but is to make a defence contribution to the national capability,” Mr Ferbrache explained.

However, the MOD does have a critical part to play and the funding announced in the SDSR will see the creation of a large number of new posts in Defence, drawn from all three Services as well as civilians:

It’s a national effort so what we are not doing is replicating posts with skills we can get elsewhere,” Mr Ferbrache said.

Surprisingly there will be relatively few technical specialists in the total number, rather what recruiters are looking to find are people who can link cyber capabilities to defence systems and problems:

You will find people who are good planners, people who understand military systems and their operation, including the ways in which they can be degraded and what we might do to counter that. You will find people who can act as the translators between technical specialists and operational commanders in Defence.

The locations of these posts will be geographically dispersed, with many of them embedded directly into GCHQ in Cheltenham, while some will be in the Global Operations Security Control Centre in Corsham.

Others will be embedded in the operational headquarters themselves, PJHQ (Permanent Joint Headquarters) and downsteam in deployed headquarters, with individuals here acting as the commander’s cyber expert or adviser on the ground.

Over the next four years it is envisaged that whole new career structures in Defence will be developed to support this work, and to recognise the growing importance of cyberspace to the future of defence and national security.

This article is taken from the May 2011 issue of Defence Focus - the magazine for everyone in Defence.

Published 3 May 2011