NIST SP 800-137

“The government of our nation needs to be able to operate and defend at network speed, across all the capabilities that we have,” he added.

The NSA has built tremendous intellectual capital over several decades, said Alexander. Neither the Defense Department, nor the Homeland Security Department would be able to build another NSA, he added. Instead CYBERCOM leverages NSA within a different oversight framework, with mutual support for DoD and DHS.

CYBERCOM became fully operational on Nov. 3, 2010 and is co-located with the National Security Agency in Ft. Meade, Md. The command brings under one roof previously separated offensive and defensive military cyber capabilities.

Today, said Alexander, a static, reactive and forensics-based approach is not enough to keep networks secure. Greater situational awareness, testing, continuous monitoring and improved digital literacy will help CYBERCOM employ active defense across networks.

Active defense is CYBERCOM’s aim, said Alexander, but that goal cannot be achieved at the expense of privacy and civil liberties.

“Nobody protects civil liberties and the privacy of the American people better than the folks at NSA,” said Alexander. “When we make a mistake, we self report every mistake. In the technical arena, that can sometimes be a lot. We hit those right away and take corrective actions immediately.”

Alexander said NSA takes every issue very seriously, and if anything, over reports potential privacy issues. He also said extending CYBERCOM’s protection to critical infrastructure would be a “key step” in insuring continuity of government in a crisis.