WASHINGTON D.C. ? Teresa M. Takai, Acting Assistant Secretary of Defense for Networks and Information Integration, the Department of Defense’s Chief Information Officer, said in an interview that cyber defense is a major part of the DOD’s technology agenda. But she declined to characterize the current climate of often state-sponsored cyber attacks as cyber war.
?The whole question of advanced persistent threats and the kinds of threat we face at the Department is something we?re very focused on,? Takai told MITechNews.Com Editor Mike Brennan. ?Cyber is a domain much like air, sea and space that we have to be prepared to defend.?
Takai, the former state CIO for Michigan and then California, was recruited 18 months ago to serve as the principal advisor to the Secretary of Defense for Information Management, Information Technology and Information Assurance as well as non-intelligence Space systems, critical satellite communications, navigation, and timing programs, spectrum and telecommunications. She provides strategy, leadership, and guidance to create a unified information management and technology vision for the Department and to ensure the delivery of information technology based capabilities required to support the broad set of Department missions, including technology delivered to the battlefield for war fighters.
?I advise Defense Secretary Leon Panetta as well as senior staff on how we should be spending $37 billion a year on IT,? she said. ?In the simplest form, those duties, if we compare and contrast, in Michigan on an annual basis we were spending $500 million on IT. The biggest difference on what we do at the state level and now at the DOD is the kinds of systems we use are not traditional business support systems. Instead, we?re responsible for oversight of the military version of a police radio system. We?re responsible for everything up to where the information is shared. We manage the Department?s use of the spectrum. We are responsible for technologies that read out to the battlefield and for those individuals dealing with technology in the theater. So my responsibilities are more operational.?
But in this digitally connected world where state and local governments reach out online to their respective constitutes, trying to reach back into their networks are hackers, organized crime, and state-driven cyber spies. These bad guys want to tap the treasure trove of rich intellectual data and financial information inside. Among her many former duties, Takai is the Past-President of the National Association of State Chief Information Officers so she knows first-hand the cyber threats state and local CIOs and CISOs deal with.
?I think the states are concerned around privacy protection,? she said. ?At the DOD, we deal with all aspects of cyber security. How to defend all our information. We have a lot of R&D to protect. There are those who want to get in and maliciously disable or damage or change information. We?re so heavily dependent on our network for a national security role.?
As such, she works closely with Gen. Keith B. Alexander, who runs United States Cyber Command (USCyberCom), an armed forces sub-unified command subordinate to U.S. Strategic Command. Alexander also runs the National Security Agency, a crypto logic intelligence agency at the Pentagon. While CyberCom is developing cyber defense strategies, NSA collects and analyzes foreign ? and some say domestic ? communications. Both also try to protect their respective computer networks from cyber intrusion, an increasingly difficult problem.
Lately, Cyber Command has been in the headlines as the government tries to redefine its role and transform the roughly 1,400 person command into a cyber war fighting unit, on par with the armed services. This week, there were reports U.S. Cyber Command has been using special, classified briefings with private sector CEOs to scare them into greater vigilance about the threat of cyber attacks. The briefings are part of a three year-old program dubbed the “Enduring Security Framework” that was designed to foster closer coordination between private sector executives and Washington, so they predate Takai?s arrival at the Defense Department.
?One way to describe cyber command is we have regional combatant commands, such as the Pacific Region, who understands the Pacific region,? Takai said. ?When you compare that to CyberCom, they have the unique understanding of cyber space and they have the responsibility to take actions, and advise the Defense Secretary on all cyber activities. CyberCom protects the Department and is responsible for directing activities as they relate to cyber security.?
Takai also confirmed published reports that the Pentagon has carved out a new secret spy group that press reports called the Defense Covert Intelligence unit. She, however, clarified those reports by calling the new unit, a function, instead.
?One of the things we do is to look at the challenges and threats and organize to address them,? Takai said. ?There wasn?t the establishment of a new agency or department at the Pentagon, but organizing around a new function they thought was important. It was the establishment of a specific group that focused on a problem we anticipate happening in the future. One example is looking at a specific time for draw-down in Afghanistan. It also performs future planning activities – how to do intelligence – and then restructures how to use these new resources. ?
Other duties include interfacing with the North Atlantic Treaty Organization (NATO) on their cyber preparedness. She will fly to Brussels, Belgium, later this month for the semiannual NATO board meeting to talk directly with her NATO counterparts.
?I?m the U.S. rep to the NATO board that oversees all the technology that NATO develops,? she said. ?If we think we move slowly at the Defense Department, try getting multiple nations together on technology. It is a challenging job.?
Another challenging job is making the Defense Department?s IT management more centralized, she said. Right now DOD is very decentralized. When she was CIO in Michigan, IT management was just the opposite, very centralized. While In California, she said, she had to deal with 130 CIOs all with different agendas.
?I think the challenge here is because the Department is so much bigger, that going to a completely centralized strategy does not make sense,? she said. ?But we do want a level of centralization. War fighters want to operate across the Navy, Marines, Air Force and Army using the same technology base. The way we?re structured now is each service has the money to put out technology. We have to figure out a way to do it so when there is a joint operation. We have to figure out how to provide the right services so a war fighter has what he needs??
Another big difference is at the state level, the interaction is with citizens. At the Defense Department, the bulk of the interaction is internal. But one thing remains the same in both worlds: Information silos.
?It?s just different silos,? she said. ?Each individual service has its own CIO. They don?t report to me, but they are required to follow the direction and policy I put out.?
Also at the federal level, politicians are much more involved in IT policy than in the states, she said.
?Politicians here like to know how we are spending their money,? Takai said. ?And sometimes they want to get into the middle of it, but usually just for doing good accountability. The military folks are skilled technologists. It?s a little different with staff people and political appointees, whose philosophy is more, ?Just go make it run and call me if you need me.? ?
She declined to say much about the Cyber Intelligence Sharing and Protection Act (CISPA), which would allow for the sharing of internet traffic information between the U.S. government and certain tech
