The U.S. Coast Guard has a split-identity – it’s a military service, but it falls under the purview of the Homeland Security Department, not the Defense Department. That means its Cyber Command has to balance the competing demands of protecting operational capability in an armed conflict with protecting infrastructure during peacetime.
“The first thing the commandant said was,’ Cyberspace is an operational domain. That means we’re going to operate in cyberspace just like we have in the maritime domain for over 227 years,’” Rear Adm. Kevin Lunday, commander of CG Cyber, said on DHS 15th Anniversary.
So the command has broken down its responsibilities into three strategic priorities:
Operate and defend Coast Guard networks and information systems
Operate in the cyber domain to enable missions in maritime and air domains
Protect maritime transportation from cyber threats.
Operate and defend
“Every cutter, boat or aircraft these days has not only embedded navigation and command and control and communications systems, but even for example, on a Coast Guard cutter, the whole machinery and equipment that operates the main propulsion depends on networked technology that we must harden and protect from cyberspace threats,” Lunday told the Federal Drive with Tom Temin.
But it’s not that simple, as an increasingly important part of warfare is the effort to deny an enemy those very command-and-control functions. So Lunday said CG Cyber is looking at using a combination of radio signals and satellite communications to keep those shipboard networks in contact with shore-based networks.
“We’re taking a very close look at all of our network architecture to make sure that we can operate at the tactical edge on a cutter underway at sea in a denied or degraded cyber environment, something that’s increasingly likely as we go forward,” Lunday said. “So we need to make sure our networks and information systems and communications can operate in that kind of a situation, and don’t always depend on the assumption that we’ll always have connectivity.”
Compounding that problem is the fact that the Coast Guard operates in areas that already have limited connectivity, like the icebreakers that operate in the Arctic. Lunday said he’s currently working with the Navy to develop those requirements, as they’ll rely primarily on satellite communications in a region with limited satellite coverage.
That’s not the only thing Lunday collaborates with the Navy on. Because the Coast Guard is a military service, it’s required to be interoperable with the Navy for greater coordination during times of war.
“So as the Navy looks to keep its warship communications afloat, we’re looking also with them at how they do that and how they’re moving into the future, and we’ll do that as well,” Lunday said.
Lunday said the IT and communications structure is an operational asset of the Coast Guard.
“What we call an enterprise mission platform, we can’t paint a Coast Guard racing stripe and the words ‘U.S. Coast Guard’ on it, but it’s just as important to our operations as our fleet of cutters, boats and aircraft,” he said.
And CG Cyber is working to modernize that enterprise mission platform as one of the elements of its overall cyber strategy. Another is developing its cyber workforce.
Lunday said CG Cyber is exploring how to stay faithful to the models set by DoD and the National Initiative for Cybersecurity Education, while still effectively recruiting, training and retaining. He said Congress appropriated almost $4.5 million for 64 billets in FY 17 to help generate the Coast Guard’s first cyber commands, specifically a protection team modeled on the joint cyber mission force team.
But while the cyber workforce follows the DoD model, and the USCG networks are part of the .mil DoD networks, CG Cyber also has to remember its ties to DHS. So much of the intelligence trafficking on those networks comes from various tiers of law enforcement, siphoned through USCG’s three primary intelligence centers. And in turn, USCG intel filters up through the ranks of DHS.
Protect maritime transportation infrastructure
But military defense isn’t the only role USCG has to play. It also defends U.S. economic interests by protecting its maritime transportation infrastructure.
In this case, while nation-states could certainly pose a threat during open conflicts, CG Cyber also has to deal with the continuously escalating capability of less sophisticated actors to seriously threaten those interests.
“So our concern is how do we work with maritime industry, both ship owners and operators, and also maritime facility owners and operators in our transportation system, to ensure that not only we but they are also able to protect their systems because they own and operate most of the critical infrastructure in the space,” Lunday said.
Toward that end, CG Cyber works with industry to build awareness of the threats, and tries to convince them to implement cyber standards and best practices. USCG has issued a draft navigation and vessel inspection circular, and is collecting comments on guidance for improving cyber across maritime facilities.
And this mission is not confined to the borders of the United States. Coast Guard personnel perform these tasks internationally. USCG leads the U.S. delegation to the maritime organization of the United Nations, and is trying to institute international standards for ships and ports. USCG also has teams that help train officials internationally to maintain these standards.