Interview with Canada's Major General Andrew Jayne, Cyber Force Commander
Published 7 May 2021
As the Canadian Armed Forces look ahead to potential threats in the next decade and beyond, one of the areas of concern is cyber warfare.
Of the new technologies available to both state and non-state actors, a cyber-attack has the greatest potential to destabilise countries overall but also damage and disrupt military operations and communications.
Major General Andrew Jayne, Cyber Force Commander for the Canadian Armed Forces (CAF) and Chief of Staff of the Information Management Group at the Canadian Department for National Defence (DND), tells Studio that the importance of military networks for the future in the information environment cannot be understated.
He says that the CAF and Canada’s allies need to collect information and share it amongst partners at pace and speed to be able to keep up in this complex environment.
‘If we are going to compete in the future contested and complicated information environment, we will need the military networks to support those activities, achieve information superiority and more importantly, decision superiority over our adversaries,’ he explains.
According to Jayne, the challenges are ‘myriad’ and that military forces have always been concerned about losing communications with deployed elements and units and continually try and avoid that situation.
Photos: Canadian armed forces
He cites three ways militaries can mitigate against a loss of connectivity.
‘Firstly, of course, redundancy is one of them. Having multiple or layered systems that you rely on to have primary alternative contingency and having an emergency communications network,’ he says.
‘Secondly, we also need to train ourselves a bit better to operate in a contested and degraded information environment – understanding that it could be more usual to lose communications for periods of time – and to make sure that our deployed forces have the information, confidence and intent to continue to operate and complete missions in this type of environment.
‘And the third thing is that we need to have resiliency in the systems we do have through a cyber mission assurance programme and develop it to make sure that the systems we are using are fit for purpose and all the risks have been considered through the procurement supply chain of components to understand the vulnerabilities that may exist in them.’
The complexity of the information environment and the forces at work make it one of the most challenging to operate in.
Whilst small point-to-point networks can be relatively easy to patch and harden, and make secure, they don’t meet the requirements for sharing information, correlating data and communicating more broadly to allies and other forces.
Therefore, the CAF needs to reduce reliance on these small networks and at the same time create more extensive networks that are equally as resilient and secure against interference.
Jayne says that the CAF tends to view operational outcomes as being enabled by information technology systems. The effects in the information environment are seen as a by-product of operational success.
‘I think we need to place these things more at the centre of what we are doing. To understand that we want to achieve an effect in the information environment, such as change the will of our adversaries to proceed to engage in an activity that is counter to our interests, we need to change their opinion,’ he explains.
The CAF and DND have stood up a new group to bring together joint requirements and consider operational concepts that need to be enabled.
The initiative is to shape projects so that they have coordinated outcomes and are not siloed into specific Navy, Army or Air Force concerns and solutions about how they will communicate in only their environment.
‘We need to make sure they are all moving towards the same goals and objectives so that we can have a pan-domain view and pan-domain effects. This force employment concept is something that Canada has developed and is in the process of maturing, similar to the all-domain concepts in some of our Five Eyes partners,’ Jayne says.
To achieve this, the Five Eyes partners are running specific projects aimed at modernising C2 systems at Secret and Top Secret level as well as projects to ensure better identity credential and access management with a single shared identity database. All the partner nations will know who is logging into the systems and who is in the digital space.
Other projects include the modernisation of cyber defence capabilities for military networks with health monitoring systems.
This can check if a system is working and whether it is a cyber event or another standard failure so that it can be fixed very quickly, thus retaining a high level of connectivity.
‘All the services have projects and our team is working with the joint folks to bring those together to work towards the objective of an interconnected system that can communicate and categorise information to give it the value that we now that it now has to fight and overcome the threats that are out there,’ Jayne says.
‘Common data standards and common communication protocols, amongst the Five Eyes and NATO nations are going to increasingly be important and that we adhere to open architecture standards, but that these are overlain with the security protocols that ensures that we can trust the information,’ he adds.
The military uses the full range of military satellite communications systems, commercial satellites, radio frequency technology and phone systems through which to remain connected and continue to exchange data.
Using multiple systems like these with the right training and protocols when a degraded environment takes place it is possible to switch between them to re-establish communications and alternate until it is possible to bring the primary method of communications back online.
Jayne says it is a matter of figuring out which communications routes will be primary and the alternate.
‘What’s the contingency? How do we layer them? How much do we invest in each of those and ensure it is resilient?
‘The old adage is true, you can’t defend against everything and I don’t think many nations have the money to do that, so we are going to have to be smart about picking our investment in these layered technologies to make sure that we have enough to do what’s needed.'