“In the Marine Corps, they say that every Marine is a rifleman. I say that everyone in the [Department of Defense] is a cyberwarrior,” Vice Adm. Nancy Norton, director of DISA and commander of Joint Force Headquarters-DoD Information Networks, said during a keynote at CyberCon 2018, hosted by Fifth Domain.
Speaking Nov. 1 in Pentagon City, Virginia, Norton explained that the nature of cybersecurity today means every person is an attack vector, a vulnerability and the best line of defense.
Tactics such as phishing emails remain an issue, with people continuing to fall for them, so the actions of everyone — senior leaders to each and every user across the DoDIN — matter and can cause potential failures," Norton continued. While they may not be catastrophic failures but rather small holes, she said every one of those holes is a potential breach.
Norton also explained that malicious actors try to access DoD networks through partners and industrial base networks.
“We’re relying on those networks for part of our data and part of our operations and yet they’re incredibly vulnerable,” she said.
To highlight this contentious threat environment, Norton said DISA prevents about 1 billion cyber operations targeting the DoDIN each month with sensors triggering more than 300 million alarms.
“You can see it really is a battlefield,” she said, hearkening to the theme of CyberCon that cyber is not just an IT problem.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.