Military Review English Edition March-April 2016 - Page 82

Singer and Friedman point out, “the private sector In February 2015, EO 13691 directed DHS controls roughly 90 percent of U.S. critical infrastructo develop Information Sharing and Analysis ture, and the firms behind it use cyberspace to, among Organizations (ISAOs).60 These organizations extend other things, balance the levels chlorination in your the ISACs model beyond the sixteen critical infracity’s water, control the flow of gas that heats your structure sectors to other high-value sectors like law home, and execute the financial transactions that keep and accounting firms, which are prime targets for cycurrency prices stable.”51 DHS Assistant Secretary for berattacks.61 EO 13691 directs the NCCIC to superCybersecurity and Communications Andy Ozment vise ISAO arrangements.62 Still in its infancy, ISAOs explains, “There’s no way that the government is going seek to provide cooperation despite distrust and fricto be able to help every company in America secure tion between the government and other stakeholditself.”52 Public-private cooperation is fundamental to ers. Such a balancing act parallels the Army’s future building an adaptive cybersecurity framework.53 information environment and significantly impacts In 1998, Presidential Decision Directive 63 the Army’s conduct of stability operations. launched Information Sharing and Analysis Centers (ISACs), which invite private sector stakeholders to Conclusion build networks to exchange best practices and facilitate Stability operations doctrinally require coorcrisis response.54 ISACs rely on private industry for dination with the host-nation government, com“non-regulatory and non-law enforcement missions.”55 mercial industry, multinational partners, and even They are “a clearinghouse for information within and nongovernmental organizations (NGOs). This among the various sectors, and provide a library for cooperative mindset applies to cyberspace operhistorical data to be used by the private sector and, ations. Since governments rely on cyberspace to as deemed appropriate by the ISAC, by the governprovide essential services, cybersecurity requires a ment.”56 Since 1998, the ISACs model has evolved to sixth line of effort that simultaneously supports the facilitate cooperation between federal, state, local, tribal, and territorial governments. In 2013, PPD-21 ordered DHS to create two national centers to oversee physical and cyber infrastructure protection.57 DHS incorporated this guidance in its National Infrastructure Protection Plan.58 The National Infrastructure Coordinating Center oversees the physical domain, and the National Cybersecurity and Communications Integration Center (Photo by Staff Sgt. David Bruce, 38th Infantry Division) (NCCIC) handles the cyMore than 350 National Guard soldiers, airmen, and civilians from forty-two states converged ber domain.59 These coordi- 9–20 March 2015 at Camp Atterbury, Indiana, to participate in Cyber Shield. The intent was to train nation centers also facilitate the participants to defend critical infrastructure against cyberattacks. The exe