WASHINGTON, Oct. 1, 2009 – Deputy Defense Secretary William J. Lynn said the department’s culture regarding cyber security issues must change, and become more robust.

The deputy secretary spoke at a gathering celebrating the start of National Cyber Security Awareness Month here.

The Defense Department is responsible for ensuring the “dot-mil” domain remains safe, while the Department of Homeland Security oversees security of the “dot-gov” domain, Lynn explained. Private companies and non-profit groups have responsibility over “” and “,” while academia has “”

But none of this works unless every American takes cyber security seriously, Lynn said. “There is no exaggerating our dependence on information networks,” he said. “In our case, we are a 21st Century military that simply cannot function without it.”

There also is no exaggerating the threat with its source, its speed and its scope. Lynn said the department is facing many threats — from teenage hackers to organized crime networks to attacks by foreign intelligence services. “We’re seeing assaults come at an astonishing speed – not hours, minutes or even seconds – but in milliseconds at network speed,” he said.

The scope of the assaults is incredible and the mission ahead for DoD is jaw-dropping. “We have hundreds of different organizations, we have 15,000 networks administered by about 90,000 employees. We have 3 million employees who use 7 million computers and IT devices,” Lynn said.

The department must establish a culture of cyber security, the deputy secretary said. The department must certify all those network administrators, “training our 3 million employees that when you log on, you are the front line of our cyber defenses.”

The department is looking to build “leap ahead” cyber security programs. “We’re also improving our command structure – building a new cyber command to better coordinate the day-to-day defense of our networks,” he said.

Lynn said DoD stands ready to share the technology and expertise of the department with Homeland Security and others who need the cyber-defense capability.

“It would be unwise, indeed irresponsible, if we didn’t somehow leverage the technical expertise of the department – including the Defense Information Systems Agency and the National Security Agency,” he said.

The department will ensure that any defense fielded will “uphold and respect civil liberties,” Lynn said.

DoD must also cooperate with nations around the globe, Lynn said. Attacks use computers around the world and protecting the United States means the nation must address complex issues of national sovereignty and international law.

No one can address cyber security alone, Lynn said. Government agencies must work with others, and private industries need government to help establish standards. “Most of all, every leader, every employee in government, industry and academia need to understand the vulnerabilities and responsibilities we share,” he said.

But cyber security is still a young industry, Lynn said. He compared the cyber world to military aviation. Military aviation recently celebrated its 100th anniversary, which went from flying a biplane around Fort Myer, Va., to global missions anywhere, anytime, in any weather.

“By that measure, it’s only 1928,” Lynn said. “This year marks the 20th year of the World Wide Web. In other words, in terms of cyber security, we’re still in the era of biplanes and dirigibles. We’re still in the dawn of the Information Age. We still have decades of change and challenge ahead of us: Decades of innovations and technologies we can’t even imagine.

“To be sure, there will be set backs and failures along the way. But if history is any guide, this too is a challenge we can meet together and solve together.”

Up Next

Some Troops in Iraq May Face Deployment Extension

WASHINGTON, Oct. 1, 2009 – Deputy Defense Secretary William J. Lynn said the department’s…