Protecting Critical Military Infrastructures
By Jim Garamone
American Forces Press Service
ARLINGTON, Va., Dec. 7, 2001 Even before Sept. 11, DoD recognized the importance of protecting critical infrastructures.
For more than two years, experts in the Office of the Assistant Secretary of Defense for Command, Control, Communications and Intelligence have been working to identify DoD's critical assets and their associated supporting infrastructures, and develop policy on their protection, and game how the department would work if a node in these infrastructures were destroyed.
Tom Bozek is the director of the Critical Infrastructure Protection Office. He leads a small staff that is putting in place the policy framework for critical infrastructure protection.
The military has long known certain physical or cyber capabilities are essential to protect the nation. They are also essential to help the military accomplish its missions. Measures can be as mundane as physically protecting a facility or installation to ensuring satellite communications continue uninterrupted. The office studies the big picture and applies lessons to specific fixes.
"We want to learn the lessons once and implement the solutions many times," Bozek said.
Bozek's office works with the warfighting commands to determine what capabilities are critical to their missions. Then the office works with the service or agency that "owns" the asset to ensure the capability is protected or that procedures are established so the mission continues in the event of a breakdown.
It's a big job. "We're trying to understand what assets are critical to military mission success," Bozek said. The office concentrates on these critical infrastructures: transportation, logistics, financial services, public works, health affairs, personnel, defense information, space, and intelligence, surveillance and reconnaissance.
Bozek said the picture is complicated because there are many interrelationships between the various infrastructures. "We know that there are interrelationships among the assets in these infrastructures," he said. An asset failure in one infrastructure may have an adverse cascading afect on assets in many other infrastructures.
Once the group defines the interdependencies, it can isolate where the single points of failure may be that would cause mission failures.
The group has built on experience gained during the Year 2000 computer bug effort. "We're taking advantage of the Y2K experiences. That's a good example of the interdependencies," Bozek said. "You have a variety of information systems that are connected. They pass data to each other through this network. The same is true on physical infrastructures transportation, logistics, financial services and so on. So, we find the same principles apply to these infrastructures that we learned in Y2K."
The office calls on many different agencies for help. Bozek relies on the Navy's Joint Program Office for Special Technology Countermeasures as the overall technical agent. He also calls on the Defense Threat Reduction Agency for balanced survivability assessments.
In addition, the office works closely with the Homeland Security Division of the Joint Staff, and with all the combat commands, services and combat support agencies. The office also works with the FBI and the National Infrastructure Protection Center.
The Sept. 11 attacks underscored for the military the need for redundant facilities and partnerships with private industries. The attacks in New York, for example, illustrated the robustness of U.S. telecommunications facilities. Private telecommunications companies -- that DoD uses also -- reconstituted financial communications networks fairly quickly.
But the attacks illustrated how much the military relies on private firms for infrastructure support. "We are dependent on our private sector partners," Bozek said. "Our telecom is over private lines, most bases take power from private sources. Private shipping lines augment our sealift and airlift.
"We are developing even closer relationships with our private partners to identify potential vulnerabilities and to get better."
In light of the asymmetrical threats the U.S. military faces, the mission given Bozek's office is never-ending.
"Critical infrastructure protection has a defensive focus, offense almost always has the advantage," he said. "There are always going to be newer creative ways adversaries are going to use to try to overcome our defenses. Everyone needs to be vigilant."