Military Review English Edition March-April 2016 | Page 81
CYBERSECURITY
(Photo by Staff Sgt. Ryan Whitney, 1st Special Operations Wing Public Affairs)
Members of the Ukraine military monitor and maintain network access during Combined Endeavor 2011 in Grafenwoehr, Germany,
19 September 2011. Combined Endeavor, an annual exercise involving nearly forty NATO, Partnership for Peace, and strategic security
partners, is designed to increase interoperability and enhance communications processes between the participating nations.
left over seven hundred thousand Ukrainians without
electricity.44 Ukraine’s experience demonstrates cybersecurity’s relevance to stability operations.
Public-Private Partnerships
Like Kiev, the United States continues to refine
policy for cybersecurity and critical-infrastructure protection (CIP) to adapt to emerging threats. Critical infrastructure, as defined in Presidential Policy Directive
21, are “systems and assets, whether physical or virtual,
so vital to the United States that the incapacity or
destruction of such systems and assets would have a
debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”45 The United States categorizes
critical infrastructure into sixteen sectors from energy
to transportation.
Discussion of CIP, as well as the resulting policy
implications and changes, has come to the forefront
in the last twenty years. In 2002, DHS assumed a
MILITARY REVIEW March-April 2016
lead role in CIP.46 Even before that, President Bill
Clinton’s 1996 Executive Order (EO) 13010 categorized critical infrastructure threats as physical
and cyber.47 Nearly two decades later, the 2014
Quadrennial Homeland Security Review emphasized
the significant potential destructive effects of cyberthreats to critical infrastructure.48
Need for Government, Military, and
Civilian Cooperation in Protection
of Cyberspace
The centerpiece of effective cybersecurity and CIP
is public-private collaboration. In 2013, President
Barack Obama’s EO 13636 enhanced cybersecurity for
CIP through public-private collaboration and directed
the National Institute of Standards and Technology
(NIST) to develop “a framework to reduce cyber risks
to critical infrastructure.”49 In 2014, NIST released a
preliminary framework affirming public-private cooperation in cybersecurity.50
79