Russia’s invasion of Ukraine has given defense communities around the world the first real taste of what modern state-on-state warfare looks like, and everyone is looking for lessons learned — including US Cyber Command, according to its director of operations.
Speaking at the AFCEA TechNet Cyber 2022 conference, Maj. Gen. Kevin Kennedy said that as a result of what they’ve seen over the last two months, CYBERCOM is looking at vulnerabilities in its intelligence collecting activities.
Major General Kevin Kennedy
“This is one of the lessons, as we looked at the Ukraine crisis and we’ve seen the open source reporting and understanding, having frank conversations about whether our SICR [specific intelligence collection requirement] is and the level of defenses that we have on it and the potential vulnerabilities that exist,” Kennedy said.
Although he didn’t tie it directly into the Ukraine situation, Kennedy also said that over the next year CYBERCOM wants to expand partnerships with allies, which he sees as its “fundamental advantage.”
“Our partnerships in the Pacific are more robust, more varied than anything that the [People’s Republic of China] has,” he said. “Our partnerships in Europe are much more varied, more solid than I think Russia is. Our partnerships in the Middle East are more robust, more varied, more strong than anything Iran has. That is the advantage that we have as we’re looking forward to taking on the adversaries that we see.”
CYBERCOM has also had a pivot in the last year when it comes to thinking about ransomware, Kennedy said.
“I think about a year and a half ago if you had asked me what the…responsibility of the Department of Defense in ransomware was, [it] was purely in support of [the Department of Justice] and that activity is primarily a [law enforcement] activity,” Kennedy said. “What we’re finding, though, in recent times is that ransomware is a national security imperative as well.”
When it comes to intelligence collecting, Kennedy said partnerships with the FBI and CISA have been “critical” to sharing information with the industrial base and “maybe being some level of deterrence” when it comes to making the operating environment risky for adversaries.
From The Shadows Emerges Knowledge