SCHOOL THESIS

More documents

Recommendations

Info

2. COA #3 Synopsis COA #3 is the most active NORAD option. Again, assuming the release of classified cyber event information to Canadian personnel (proposed under COA #1) has been successfully accomplished, this COA proposes a major change in current U.S. cyber attack assessment procedures. While USCYBERCOM has strong technical understanding and global visibility of cyberspace activities, they often lack detailed insight into current operations being conducted by global combatant commands. Under this COA, this deficit would be alleviated for North American air defense operations by directing NORAD to jointly participate in all North American-related cyber attack assessments. Commander NORAD would bring an awareness of on-going continental air defense operations, would provide essential operational expertise when adjudicating proposed cyberspace attack assessments, and could evaluate what effects any proposed follow-on cyberspace actions might have on current NORAD operations. Some staffs have argued this COA is not required, as Commander USNORTHCOM (dual-hatted as Commander NORAD) already has the authority to declare a “Domestic Attack Assessment” if he judges the U.S. is under attack. Already having this authority would seem to obviate the need for him to assume an additional cyber attack assessment responsibility. However, his role as Commander USNORTHCOM does not specifically involve cyberspace operations, only involves U.S. military responsibilities, and does not involve notifications to the Canadian government which automatically occur within the binational NORAD structure. Another concern voiced is allowing another commander to participate in the cyber attack assessment process. One could argue if Commander NORAD needs to participate in North American-related cyber events, then should not Commander European Command participate in European-related cyber events, or Commander Pacific Command participate in cyber events occurring in Asia? Once the USCYBERCOM assessment process is opened to other geographic combatant commanders, does not this become a very slippery slope? 70
Under this COA, existing classified cyber event conferences continue as normal. Updated internal NORAD operational checklists would be required to reflect joint CDRCYBERCOM and CDRNORAD participation in all cyber attack assessments. Also, a new training program would have to be built to train NORAD General Officers on their new joint assessment responsibility. Also, if this COA were to be implemented, a new “Command Arrangements Agreement” between NORAD and USCYBERCOM would need to be negotiated to clearly outline the new cyber attack assessment responsibilities of each commander. Further, because this would be a major change to NORAD’s legacy missions and processes, new cyberspace defense and response policies might have to be negotiated between the U.S. and Canada to ensure NORAD has the correct mission authority. Following such binational negotiations, the NORAD Agreement and /or Terms of References would also need updating through international staffing channels. After reviewing the advantages, disadvantages and potential solutions for implementing this COA, a weighted implementation score of “15” would seem to indicate several major roadblocks to overcome, mostly in the need to negotiate international agreements between the U.S. and Canada, and new command agreements between NORAD and USCYBERCOM. Overall, while requiring both “challenging” and “difficult” staff actions both within DOD and internationally with Canada, this COA combines the advantages which both NORAD and USCYBERCOM offer to the cyber attack assessment process. E. COA ANALYSIS COMPARISON Using inputs from cyberspace subject matter experts, each COA proposed implementation solutions which were weighted using an increasing score of either: “1” (Routine; requires normal NORAD internal staff actions.) “2” (Challenging; requires detailed, U.S. government-wide staff actions.) “3” (Difficult; requires politically sensitive binational staff actions.) 71
Page 1 and 2:
NAVAL POSTGRADUATE SCHOOL MONTEREY,
Page 3 and 4:
REPORT DOCUMENTATION PAGE Form Appr
Page 5 and 6:
Approved for public release; distri
Page 7 and 8:
ABSTRACT For more than fifty years,
Page 9 and 10:
TABLE OF CONTENTS I. INTRODUCTION..
Page 11 and 12:
1. Advantages, Disadvantages and We
Page 13 and 14:
LIST OF FIGURES Figure 1. North Ame
Page 15 and 16:
LIST OF TABLES Table 1. Cyberspace
Page 17 and 18:
LIST OF ACRONYMS AND ABBREVIATIONS
Page 19 and 20:
EXECUTIVE SUMMARY Since 1958, North
Page 21 and 22:
ACKNOWLEDGMENTS I feel very fortuna
Page 23 and 24:
I. INTRODUCTION A. PROBLEM STATEMEN
Page 25 and 26:
This thesis then developed three co
Page 27 and 28:
II. OPERATIONAL OVERVIEW A. INTRODU
Page 29 and 30:
Based upon the remarkable success o
Page 31 and 32:
Later, because of growing concerns
Page 33 and 34:
3. Cruise Missile Warning While ICB
Page 35 and 36:
C. NORAD’S NEW MARITIME WARNING M
Page 37 and 38:
When asked about the pending NORAD
Page 39 and 40:
Director Clapper then identified to
Page 41 and 42: Level 2. Software tools that can be
Page 43 and 44: First, the Tallinn group developed
Page 45 and 46: More importantly, the NATO definiti
Page 47 and 48: DODIN Operations. “Operations to
Page 49 and 50: As can be seen, the topic of “cyb
Page 51 and 52: 3. U.S. Northern Command Created in
Page 53 and 54: 5. U.S. Cyber Command Created in 20
Page 55 and 56: Figure 16. DND and SJS Crests. 2. S
Page 57 and 58: 4. Canadian Forces Information Oper
Page 59 and 60: Figure 19. Cyber Event Conferences.
Page 61 and 62: Finally, the NORAD and USNORTHCOM C
Page 63 and 64: III. LITERATURE REVIEW A. INTRODUCT
Page 65 and 66: Maritime warning consists of proces
Page 67 and 68: Initiative #10. Define and develop
Page 69 and 70: of peace and crisis, and develop th
Page 71 and 72: c. National Military Strategy (2011
Page 73 and 74: This publication discusses cyberspa
Page 75 and 76: MINDFUL that in the years since the
Page 77 and 78: IV. COURSES OF ACTION DEVELOPMENT A
Page 79 and 80: 4. Disadvantages and Proposed Solut
Page 81 and 82: Requires negotiating new cyberspace
Page 83 and 84: E. SUMMARY This chapter identified
Page 85 and 86: V. COURSES OF ACTION ANALYSIS A. ME
Page 87 and 88: 2. COA #1 Synopsis COA #1 is a prom
Page 89 and 90: Requires negotiating new cyberspace
Page 91: DISADVANTAGES SOLUTIONS WEIGHT Modi
Page 95 and 96: Change DOD conference procedures to
Page 97 and 98: VI. FINDINGS AND RECOMMENDATIONS A.
Page 99 and 100: Finally, COA #3 proposes a joint NO
Page 101 and 102: LIST OF REFERENCES “2014: Piracy,
Page 103 and 104: Lawson,Sean. “DOD’s ‘First’
Page 105 and 106: ———. Joint Publication 3-12R
Page 107: INITIAL DISTRIBUTION LIST 1. Defens
show all

SCHOOL THESIS

Create successful ePaper yourself

Delete template?

Save as template?