Military leaders responsible for America’s cyberdefense say the U.S. is lagging due to a lack of personnel and a hastily assembled infrastructure.
“While we’ve held a decisive and dominant advantage in all the other domains, that’s not necessarily the case in the cyber domain,” Brig. Gen. Robert Skinner, deputy commander of the Joint Force Headquarters-DoD Information Networks, told a conference on Thursday.
“The cost of entry in this domain is very minimal, which enables individuals or groups to generate effects that take a significant expenditure of resources to respond. The value curve is in the wrong direction,” he added.
Skinner’s department was launched in January to shoulder some of the responsibility for cyber operations in the Defense Department.
“We are conducting thousands of defensive operations each and every day … and countering millions of cyberattacks annually,” Skinner said. “We are in constant contact with agile, learning adversaries in cyberspace, and their learning curve has turned upside down.”
Additionally, officials said, the integration of technology, bureaucracy and personnel represent a challenge for the U.S., even as cyberattacks grow.
Lt. Gen. Ed Cardon, the leader of Army Cyber Command, said, “If [we] have all these technologies, but you can’t connect these to a command operation, how are we going to integrate all this stuff so that it accomplishes an effect?”
The leaders agreed technology is advancing at a pace beyond their ability to staff it with personnel and organize command operations militarily. “We aren’t nearly steady-state in terms of the cyber mission force,” said Vice Adm. Jan Tighe, head of the Navy’s Fleet Cyber Command. “There’s a lot of lessons to be learned in how we train and organize those forces.”
“We have a sense of urgency in terms of, we need more capacity and ability than what we have today,” Tighe said.
She added that it is important to attract students at a young age. “Starting early with the youth of America in this space is very important,” she said. “We’ve got to start with our ninth graders. If they don’t start at that point, it’s hard to catch up.”
Chris Inglis, who served as deputy director at the National Security Agency under Presidents Bush and Obama, said that offering a clear career development path in the field also represents a new frontier for the military.
“We need to know where we get these people from, how do we sustain them over time, do they have career tracks. There’s not been as much work done on that as on the acquisition of them in the first instance,” Inglis said.
“What are we going to do with the second lieutenants and ensigns when they then become lieutenants or they become captains or they become majors? We need to have a lifelong path of projection for them,” he added.
Even as they confront long-term challenges, defense officials said they are developing new capacities to quickly enhance cybersecurity. Lt. Gen. Kevin McLaughlin, deputy commander of Cyber Command, noted that the Defense Department is developing 133 cybersecurity teams that will work, in part, to anticipate cyberattacks.
“This is the force that didn’t exist before, that exists today and will certainly exist in the future. By the end of 2016, they will all exist, they should all be at initial operating capability, and we will begin to focus more on … combat-readiness,” McLaughlin said.
The ability to anticipate where attacks would take place, Cardon added, was one of the capabilities he most desires. “I’m amazed at how good we are at figuring out when an intrusion happened. I only wish we could have that before an intrusion happens,” he told the audience.
