Month: March 2018

Cyber Operations – The Challenge of the Three Sided Coin

As cyber operations have increased in scope and credibility their integration into wider military operations has developed organically. The organisations that design and deliver cyber capability have similarly evolved over time rather than being designed from first principles. This agile approach has served a purpose, but we have now reached a level of maturity where a well-conceived structure and governance model would bring substantial advantage. However, meeting this challenge will mean overcoming a conundrum that lies at the heart of all military cyber structures.

Operating Defence communications networks is something that we have done well for many years. Like most other organisations, the UK military maintains a network operating centre, which acts as a hub from which global networks are managed. Also in common with many large organisations the MOD has a security operating centre that is responsible for preventing and reacting to cyber attacks. It is evidently desirable that these organisations are conceptually (and physically) very close to each other. It would be nonsensical if those who operate our networks and those who conduct defensive cyber operations on our own networks weren’t in the same business space; they are two sides of the same coin.

If we now consider cyber’s contribution to Full Spectrum Effects operations then it is immediately apparent that all elements of cyber operations must be considered in tandem during the planning process. PROTECT is just as much a mission verb as DISRUPT, and for a plan to be successful both offensive actions and defensive actions must be considered simultaneously. This concept is well established in military planning; it is inadvisable to go on the offensive unless you start from a well-established and secure base. Offensive cyber operations and defensive cyber operations must also be conceptually close; they are two sides of the same coin.

The structural problem is that there is no three-sided coin – defensive cyber operations cannot easily be bedfellows with both offensive cyber and network operations concurrently. In the UK our organisational model has evolved to structurally separate network management and military operations. This has had the effect of splitting defensive cyber operations in two so that routine defending sits with network management whilst defensive cyber planning is considered operationally as part of Full Spectrum Effects planning alongside all offensive options. This solution works, but it is inelegant and inefficient. The division of defensive cyber operations makes a unified defence more challenging to achieve than it could be.

It may be that there is no perfect solution to this; certainly none of our international partners have found the ideal solution. However as we consider designing the next generation cyber enterprise it is important that we give this structural challenge all due consideration so that our future operating model is as efficient as it can be.

Planning a Route for LEJOG

Follow me on Twitter @davidrorr for regular LEJOG updates.

I’ve spent some time over the last few weeks planning my route for this summer’s cycling adventure. I’m not out to break any records so I’m aiming for a relatively modest 80 miles a day. Equally I have no intention of playing ‘dodge the juggernaut’ so the route I designed makes use of smaller roads and the occasional cycle path. Whilst this will mean more miles it will give me a chance to enjoy being in the countryside rather than just seeing it flash by over the top of an A-road crash barrier. I wanted to personalise the route too, so I will visit places where I have lived and worked, the town where I grew up and I’ll have a stop at home where I have allowed myself a sneaky rest day!

Having decided I wanted to average around 80 miles a day I used the Garmin Connect route planner to design a detailed plan for each day, bouncing Youth Hostel to Youth Hostel along the master route. The application is really easy to use and it is tailored for the cyclist, maximising use of national cycle routes and minimising time on main roads. I’ll then upload these to my trusty Garmin 800 so in theory I shouldn’t have to worry about navigation when in the saddle! I’ve used this method when training in unfamiliar areas and it works well – although I’ll definitely need a spare battery!

Below is an outline of the final version. If anyone fancies coming along for a ride on any of the days then you are more than welcome – just drop me a message and I’ll give you RV times and a more detailed route for the day. Likewise if you want to say ‘hi’ as I pass by then that would be appreciated too. Frankly I’d welcome the excuse to stop for a few minutes!

Date Day Start End Miles
27-May-18 Day 1 Land’s End Tintagel 73.68
28-May-18 Day 2 Tintagel Tiverton 69.75
29-May-18 Day 3 Tiverton Glastonbury 42.06
30-May-18 Day 4 Glastonbury Gloucester 77.65
31-May-18 Day 5 Gloucester Nuneaton 70.04
01-Jun-18 Day 6 Nuneaton Eyam 82.95
02-Jun-18 Day 7 Eyam Boroughbridge 82.22
03-Jun-18 REST REST REST REST
04-Jun-18 Day 8 Boroughbridge Langdon Beck 64.2
05-Jun-18 Day 9 Langdon Beck Melrose 95.35
06-Jun-18 Day 10 Melrose Glasgow 82.6
07-Jun-18 Day 11 Glasgow Glencoe 83.99
08-Jun-18 Day 12 Glencoe Inverness 84.65
09-Jun-18 Day 13 Inverness Crask Inn 65.43
10-Jun-18 Day 14 Crask Inn John O Groats 83.1