United States Transportation Command’s leader says domestic cyber networks need more security to uphold the defense of the nation.
TRANSCOM is responsible for coordinating transportation for the military services around the globe. In order to do that, TRANSCOM capitalizes on a large number of civilian transport assets.
But the difference in cyber standards between the military and the civilian world is causing a headache for TRANSCOM Commander Gen. Darren McDew.
“I don’t believe we protect the rest of the federal government the same way we protect inside of DoD,” McDew told a joint hearing of the House Armed Services Readiness Subcommittee and Seapower and Projection Forces Subcommittee March 30. “The seam that exists between [the Defense Department] and [the Department of Homeland Security] is a real seam for us because 90 percent of my activity on a daily basis runs through the commercial networks. We are becoming more and more vulnerable because those commercial assets are part of national security.”
McDew said about a year ago TRANSCOM went down a “path of discovery” on cyber. The command held three roundtables over 18 months with academia, business leaders and hackers to learn more about cyber threats.
The command realized its commercial partners, who carry equipment by train, plane, ship and other modes of transportation, were not held to the same standards cybersecurity-wise as DoD assets.
“The Department of Homeland Security has responsibility for the commercial networks of the country, the Department of Defense defends the Department of Defense networks,” McDew told Federal News Radio after the interview. “Both do a very good job. The problem is I bridge both. The folks I work with and the folks I rely on are both in the dot-com and the dot-mil domains. There’s sometimes a difference in how those things are viewed. If DHS doesn’t fully share the fact that some of this commercial infrastructure is part of national security … then maybe they resource it slightly differently. So I’ve got to start to convince particularly on the dot-com side that some of the CEOs that I work with that that’s not an IT issue, that’s a CEO issue because on my side it’s a commander issue.”
McDew brought up the example of a mom and pop trucking company that does not have the same cyber defenses that the military can use. While that company doesn’t need everything the military uses, there needs to be a solution for improving business cybersecurity.
Within TRANSCOM itself McDew said his network is well defended. U.S. Cyber Command heads a Cyber Mission Force made of 133 teams to protect DoD’s networks.
“Our mission … is to ensure that we are prepared if there are disruptive and destructive attacks against the nation that we can operate,” said Maj. Gen. Paul Nakasone, former commander of the Cyber National Mission Force in 2015.
McDew said if Congress is unable to pass a defense appropriations bill for 2017 and stretches the continuing resolution it could create a “direct impact” on the cyber protection force.
“The training and resourcing of that team would slow down,” McDew said.