The U.S. Coast Guard has recently been taking steps to improve its cybersecurity practices. Since the military branch belongs to the Department of Homeland Security, that makes sense. DHS is seen in a post-9/11 society as the first line of defense for national security issues. Specifically, the U.S. Coast Guard is restructuring its previous approach, putting its blue team in a new branch of cyber operational assessments. Another change is that, for the first time, the U.S. Coast Guard will have a red cybersecurity team.
In the world of cybersecurity, the most active security teams tend to fall into two broad fields: the blue team and the red team. Both have a similar goal, which is to harden their organization’s defenses against possible threats. This includes (among others) vulnerability assessments, stress testing networks, and designing the infrastructure to hold up better in the event of an attack. Where they differ, however, is in their actual function. Red teams simulate the role of an attacker through penetration testing, while blue teams attempt to identify the red team’s attack actions. In short, one causes an incident and the other responds.
Both are necessary. However, both are not always used. This is a mistake, as the red and blue teams have a symbiotic relationship.
According to a report by the Federal News Network, the Coast Guard now recognizes this. The following is an excerpt that specifically shows how Coast Guard authorities react to the new branch of cyber operational assessments:
Lt. Kenneth Miltenberger, branch manager of the cyber blue team, said the blue team will continue to offer endpoint scanning, cooperative vulnerability assessments and security consulting for its acquisition operations. “We are delighted to see this type of merger: cooperative evaluations, as well [the] red team for some kind of holistic assessments,” Miltenberger said last week at a webinar hosted by ATARC.
The red team will try to “serve as an organization for cyber adversary emulation and penetration testing” for the Coast Guard. The hope is that this can turn around what has been a sore spot for the U.S. military in the past. Cybersecurity protocols have been ineffective, proving that change was clearly needed. By not just focusing on guesswork but watching active attacks in real time, perhaps this program can serve as a starting point for the rest of the U.S. military.