THE WATCH STAFF
A recent conference looked at ways the U.S. Army can learn to deploy its cyber capabilities more effectively to protect the country’s critical infrastructure.
The event, held February 24-25, 2022, at The Citadel military college in Charleston, South Carolina, was part of the Jack Voltaic Conference Series (JVCS) developed by the Army Cyber Institute (ACI) think tank at the U.S. Military Academy. The project seeks to analyze weaknesses through a “bottom-up approach … focusing on cities and municipalities where critical infrastructure and populations are substantial,” according to ACI.
Dr. Shankar Banik, director of The Citadel Department of Defense Cyber Institute, summed up the approach in a December 21, 2021, news release: “We will work to identify gaps that may leave some areas vulnerable and to address those gaps.”
The JVCS thus far has focused on defending infrastructure across two cities — Charleston and Savannah, Georgia — allowing them to develop incident management, according to the defense and technology news website C4ISRNET. The Citadel conference simulated cybersecurity scenarios at local ports.
If ports, which are under the control of state and local governments, are the victim of cyberattacks, it hinders the Army’s ability to deploy.
“We have to be able to get to the fight,” Lt. Gen. Stephen Fogarty, chief of Army Cyber Command (ARCYBER), told C4ISRNET.
“For us, it’s making sure there’s clear understanding by civil authorities what our requirements are, what our expectations are, and then what we can [do] to assist them and protect that strategic capability for the nation,” said Fogarty, who gave the conference keynote address.
For state and local authorities, the ability to identify threats — “essentially to rehearse what their responses are, understand what their capabilities are, where their limitations may be, where they make investments — that’s really what they principally get out of this,” Fogarty told C4ISRNET.
(Pictured: Lt. Gen. Stephen Fogarty, ARCYBER commander, talks with Soldiers during a visit to the Georgia Cyber Center in Augusta in 2018 for the launch of a partnership with the Defense Digital Service.)
The final segment of the four-part JVCC will be held at the University of Illinois in May, according to The Citadel news release. Other partners include the Norwich University Applied Research Institute and the Georgia Cyber Center, which held events in 2021.
Army Cyber Command, as well as the National Guard and Reserves, have cyber protection teams that can be deployed to assist state and local entities. The JVCS can help identify how to best use those teams, according to C4ISRNET.
“Are there places where it would be appropriate to apply those capabilities, and then where are the mechanisms to do that?” Fogarty said.
After Jack Voltaic 3.0 in 2020, officials realized there was a need to keep the conversation going regarding critical infrastructure resilience, according to Col. Jeffrey Erickson, director of the ACI.
“It’s too important to conduct once, write down some lessons and then move on,” he said.
IMAGE CREDIT: U.S. ARMY CYBER COMMAND