Here's some thinking on the mission of Cyber Command that may be helpful. I've had more than a few concerns about the idea of Cyber Command (which is about to suck in tens of billions of $$).
Conceptually, it seems malformed and it doesn't appear to comport to the real world mission environment.
Worse, it also seems that the defense contractors will soon enter this environment, and with their entry (which will focus on selling the legacy systems and skill sets that they currently own or are building) any hope of rationalizing our spending with strategy will become remote.
IF that happens, we will be caught in a funding loop, and redirecting existing spending (allocated to systems, people and thinking that have little applicability to the mission environment) to real world strategic and tactical needs will be impossible.
Here's the conceptual problem. Cyber defense and offense doesn't occur in a vacuum. It is actually only a part of a much more important part of warfare: the defense and disruption of networks.
The big difference between warfare in this century and the last is that we now live in an interconnected world. There are physical and logical networks that underly our most basic functions -- from DoD to government to economic. Further, there are information and social networks that underly our moral and psychological cohesion (rumors, viral stories, etc can blast open holes in our social fabric and create non-cooperative centers of gravity).
The upshot is that the US should be building a "Network Command" and not a Cyber Command.
Here's a quick summary of its four focus areas:
- The defense of physical and logical networks that underly organizational and commercial function. This not only means the defense of US networks, but global and targeted local networks (i.e. Iraq) as well. The vast majority of the most damaging attacks on networks that have occurred have been physical. Physical attacks on critical networks shut down Iraq's economy for nearly 3 years. Recently, in Mexico, two physical attacks on a natural gas pipeline system cost the Mexican economy $2.5 billion. Therefore, the ability to accurately map, monitor, and rapidly secure (after being invited in) these networks from both physical and logical attacks is paramount (external: from small hacker/guerrilla groups, internal: from employees intent on sabotage). Securing critical networks involves everything from physical/logical security of critical nodes to sensor grids/UAVs that secure transmission networks (think in terms of how you would secure Saudi Arabia's infrastructure during a crisis -- to prevent a catastrophic shutdown during a period of turmoil).
- Offensive network operations involves both physical and logical attacks on a target countries critical networks. Dominance of these networks is critical to victory in any conflict. Network dominance of infrastructure networks through both physical and logical attack. This rationalizes the ideas behind "effects based operations" and once fleshed out can be used to eliminate the "fluffy" thinking that EBO thinking is plagued by.
- The defense of social and information networks is critical to maintaining social/psychological cohesion. This efforts works to shore up our own networks as well as extend them (to allies). It also works to shut down emergent viral vectors (information) that can cascade through social/information networks wrecking havoc.
- The offensive version of this type of network warfare is to break the cohesion of the social systems of the enemy through impeding their ability to keep their network cohesive and introducing viral information that causes their networks to cleave. This type of social/information warfare rationalizes the ideas behind Information Operations and Strategic Communications.
Anyway, this is a high level view of a way forward that is both understandable (by everyone involved) and applicable to the real world mission environment. It also finds a home for what are now disconnected and essentially adrift efforts (IO, SC, Cyber, etc.).