Reaction to Air Force Cyber Command Announcement

I've been writing about the proposed Air Force Cyber Command since the Spring of 2007. Since Bob Brewin broke the story that "the Air Force on Monday suspended all efforts related to development of a program to become the dominant service in cyberspace," I've been getting emails and phone calls asking if I had seen the story and what was my reaction. I provided a quote for Noah Shachtman's story Air Force Suspends Controversial Cyber Command.

A story published today in the Air Force Times said:

[New Air Force Chief of Staff Gen. Norton] Schwartz appeared to backtrack on the Air Force’s plan to stand up its new Cyber Command by Oct. 1. He said the mission will go forward, but that the organizational structure of the mission and how it will integrate with the Defense Department and U.S. Strategic Command are still being considered.

I would not be surprised if Gen Schwartz was told to play nicely with the other services. I don't expect to see any more commercials promoting Air Force cyber defense!


Anonymous said…
reminicient of "decommisioned" bio-facilities which simply move and are renamed.
in light of previous releases by military operators there is no reason to believe that any part of this announcemant is the truth
who was it said
that in time of war (america is in several) the first casualty is the truth?
Anonymous said…
This comment has been removed by a blog administrator.
Anonymous said…
AFCYBER remains, but is insignificant compared to NETCOM or NETWARCOM, whose focus is more on CNA and CNE (Computer Network Attack and Exploitation). CNA, CNE, and the age-old CND (Defense, as in DiD from NSA IATF days) are now scoped under CNO (Operations).

CNO is really a subset of what NETWARCOM spells out as the pillars of Information Operations (10 or IO) -- with PSYOP, Military Deception, EW, and next-gen OPSEC also included. I think it makes a lot of sense to combine CNO with EW, and in turn, PSYOP and Military Deception with EW. What I don't understand is why the Navy all of a sudden owns OPSEC, since the Air Force maintains the only set of instructions around OPSEC outside of an older joint publication.

What I still see formally lacking is anything related to software assurance. There are some recent application security STIGs available from IASED, which means that it's on their radar. The DoD is too focused on the network, again partially due to the NSA IATF reliance on DiD. As DIACAP and NIACAP come into the spotlight, I think you're right about controls not being the solution to our problem.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics