Time For Cyber Force

Uploaded on 2024-05-24 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

With the House passage of the FY 2025 National Defense Authorization Act, a committee amendment is now on the table that would require the National Academy of Sciences to “study the creation of an independent Cyber Force” - a seventh U.S. armed Force.

A great academic institution, the Academy. But, frankly, another study. Another task force. Another year gone before the report.  The quintessential DC punt on a perceived difficult bureaucratic issue. Sadly, our enemies in cyberspace don’t have the same problem. Russia and China have their Cyber Forces.

The time is now for a U.S. Cyber Force.

A Domain Ill Protected

Land, sea, air, space - cyber.  All domains required to be defended by our military worldwide. We hold our own in the first four. We are having real trouble in Cyber.

We have 290 million people with internet access in the U.S. We are certainly a dominant player. We founded the thing after all.  However, while we rested on our laurels, the rest of the world caught and surpassed us - five billion person occupy this domain. Many of them bad actors with intent to do us harm.

Our response has been slow to what represents a true 21st century threat to our nation’s security. An intangible domain where there are no borders or boundaries and little security. A world turned upside down where a North Korea or an ISIS can have equal power with us. Frankly, we are adrift in a 20th century bureaucratic response to it.

We have responded militarily with a Cyber Command.  Too little in my opinion. A Force, a Cyber Force, is desperately needed to lead our military organizing, training, and equipping our military forces to deal with this challenge.

A 21st Century Domain  -  A 20th Century Response

The primary challenge for political DC in dealing with cyber is the speed with which its development has taken place.  It was the somewhat the same problem with Space; only worse.  We simply dominated the space domain for 50 years. However, from the mid-2000's until today, China and Russia have focused on undermining our lead role in Space. But at least, we had a long established military bureaucracy and strategies with an Air Force in the lead.

In the Cyber Domain, there was no such military presence during the rush of cyber space expansion in the early 2000’s. Only by May 2010 did the U.S. finally establish a Cyber Command. 

It is a strange, hybrid beast.  An unusual arrangement of military and intelligence co-located with the National Security Agency drawing on its considerable resources and expertise. This Command is charged with defending and attacking our enemies in cyber space and coordinating with our allies. 

It also currently maintains a heavy and bureaucratically difficult role for a Command with “operational control” of the Cyber Mission Teams through six subordinate headquarters: four Service components include Army Cyber Command (ARCYBER), Navy Fleet Cyber Command (FLTCYBER), Air Forces Cyber (AFCYBER), and Marine Forces Join Forces Headquarter-Cyber (JFHQ-C), Cyber National Mission Forces (CNMF), and Joint Forces Headquarters DoD Information Network (JFHQ-DoDIN)

A Force - on the level of the other services - with a place at the Joint Chief of Staff table - that’s the power we need in Cyber spac. As the DoD shaping Goldwater-Nichols Act laid out in 1986, a Force is responsible for organizing, training, and equipping forces, which are then presented to the commands. That’s true control.

The Time Is Now

We are at an inflection point when the USG must stop living with 20th century concepts of endlessly mulling issues.

The pieces are already present. What should be done is  a Task force composed of DoD/IC players run out of the SecDef office charged with setting up a Cyber Force by mid/late 2025. And, as challenging as it is, it must be done with Senate and House Armed Services members and staff fully informed.

The sooner something can be introduced in a new session of Congress the better. Spring of 2025 with an action plan should be the goal.  Not another year of pontification. The time to act is now.

Ronald A. Marks is a former CIA and Capitol Hill staffer and IT Executive.  A member of the Council on Foreign Relations, he is Faculty Member of NSI and a Visiting Professor at George Mason University, the Schar School of Policy and Government.

Image: Ideogram

You Might Also Read:

Tik Tok And A Pack Of Smokes:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« New Guidance For Business Email Compromise
Staff Data Breach: British Police Could Be Fined £750k »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Rippleshot

Rippleshot

Rippleshot is a fraud analytics firm that detects mass card compromises faster, allowing issuers to execute more proactive fraud detection strategies.

Vdoo

Vdoo

Vdoo provides an end-to-end product security platform for automating all software security tasks throughout the entire product lifecycle.

Iowa Cyber Hub

Iowa Cyber Hub

Iowa Cyber Hub is a cybersecurity education partnership between Iowa State University and Des Moines Area Community College.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

Cyber Intelligence House (CIH)

Cyber Intelligence House (CIH)

Cyber Intelligence House provides risk exposure solutions for a wide range of audiences including companies, government agencies, regulators, investors, law enforcement and consumers.

Glocomp Systems

Glocomp Systems

Glocomp Systems is one of Malaysia’s premier ICT infrastructure distributor offering a comprehensive portfolio of solutions including cybersecurity and privacy.

Borwell

Borwell

Borwell delivers software and IT solutions to the UK MoD and to UK Government departments, which are secure by design.

Tychon

Tychon

Tychon develops advanced enterprise endpoint management technology that enables commercial and government organizations to bridge the gap between security and IT operations.

Treacle Technologies

Treacle Technologies

Treacle Technologies are a Cyber Security startup with a focus on Defensive Security.

Cypherleak

Cypherleak

Cypherleak provide Automated Cyber Risk Monitoring & Ai powered cyber recommendations.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.