The U.S. Cyber Command is analyzing traffic across government and military networks in a central database and will use the analysis to bolster threat detection efforts, according to a report on Nextgov.
“One of the things that I’m going to try to do is bring these data feeds in from all of the services, the agencies and anybody that comes to participate — and that will be an ugly challenge,” said Marine Corps Lt. Gen. Robert E. Schmidle Jr., Cybercom’s deputy commander at a cybersecurity seminar this week. Schmidle said Cybercom is still finalizing its role in governmentwide cyber efforts.
So far, the Web traffic analysis is a voluntary program. Schmidle said there would be benefits to participating; for example, agencies would be able to use the database to respond to threats in a comprehensive way.
The original purview of Cybercom relates only to defensive operations of military networks; the command can only conduct offensive operations when ordered by civilian leaders, Nextgov reports. Otherwise, the Department of Homeland Security has primary oversight of cybersecurity in the federal government
But, Schmidle said there is often an overlap.
“You can’t do defensive operations effectively in cyberspace unless you are doing offensive operations — unless you are out there hunting on networks,” he explained.