Time For Cyber Force

Uploaded on 2024-05-24 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

With the House passage of the FY 2025 National Defense Authorization Act, a committee amendment is now on the table that would require the National Academy of Sciences to “study the creation of an independent Cyber Force” - a seventh U.S. armed Force.

A great academic institution, the Academy. But, frankly, another study. Another task force. Another year gone before the report.  The quintessential DC punt on a perceived difficult bureaucratic issue. Sadly, our enemies in cyberspace don’t have the same problem. Russia and China have their Cyber Forces.

The time is now for a U.S. Cyber Force.

A Domain Ill Protected

Land, sea, air, space - cyber.  All domains required to be defended by our military worldwide. We hold our own in the first four. We are having real trouble in Cyber.

We have 290 million people with internet access in the U.S. We are certainly a dominant player. We founded the thing after all.  However, while we rested on our laurels, the rest of the world caught and surpassed us - five billion person occupy this domain. Many of them bad actors with intent to do us harm.

Our response has been slow to what represents a true 21st century threat to our nation’s security. An intangible domain where there are no borders or boundaries and little security. A world turned upside down where a North Korea or an ISIS can have equal power with us. Frankly, we are adrift in a 20th century bureaucratic response to it.

We have responded militarily with a Cyber Command.  Too little in my opinion. A Force, a Cyber Force, is desperately needed to lead our military organizing, training, and equipping our military forces to deal with this challenge.

A 21st Century Domain  -  A 20th Century Response

The primary challenge for political DC in dealing with cyber is the speed with which its development has taken place.  It was the somewhat the same problem with Space; only worse.  We simply dominated the space domain for 50 years. However, from the mid-2000's until today, China and Russia have focused on undermining our lead role in Space. But at least, we had a long established military bureaucracy and strategies with an Air Force in the lead.

In the Cyber Domain, there was no such military presence during the rush of cyber space expansion in the early 2000’s. Only by May 2010 did the U.S. finally establish a Cyber Command. 

It is a strange, hybrid beast.  An unusual arrangement of military and intelligence co-located with the National Security Agency drawing on its considerable resources and expertise. This Command is charged with defending and attacking our enemies in cyber space and coordinating with our allies. 

It also currently maintains a heavy and bureaucratically difficult role for a Command with “operational control” of the Cyber Mission Teams through six subordinate headquarters: four Service components include Army Cyber Command (ARCYBER), Navy Fleet Cyber Command (FLTCYBER), Air Forces Cyber (AFCYBER), and Marine Forces Join Forces Headquarter-Cyber (JFHQ-C), Cyber National Mission Forces (CNMF), and Joint Forces Headquarters DoD Information Network (JFHQ-DoDIN)

A Force - on the level of the other services - with a place at the Joint Chief of Staff table - that’s the power we need in Cyber spac. As the DoD shaping Goldwater-Nichols Act laid out in 1986, a Force is responsible for organizing, training, and equipping forces, which are then presented to the commands. That’s true control.

The Time Is Now

We are at an inflection point when the USG must stop living with 20th century concepts of endlessly mulling issues.

The pieces are already present. What should be done is  a Task force composed of DoD/IC players run out of the SecDef office charged with setting up a Cyber Force by mid/late 2025. And, as challenging as it is, it must be done with Senate and House Armed Services members and staff fully informed.

The sooner something can be introduced in a new session of Congress the better. Spring of 2025 with an action plan should be the goal.  Not another year of pontification. The time to act is now.

Ronald A. Marks is a former CIA and Capitol Hill staffer and IT Executive.  A member of the Council on Foreign Relations, he is Faculty Member of NSI and a Visiting Professor at George Mason University, the Schar School of Policy and Government.

Image: Ideogram

You Might Also Read:

Tik Tok And A Pack Of Smokes:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« New Guidance For Business Email Compromise
Staff Data Breach: British Police Could Be Fined £750k »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Data Recovery Services (DRS)

Data Recovery Services (DRS)

DRS provides data recovery services from media including hard disk drives, RAID, solid state disks SSD, memory sticks, USB drives, SD cards, tapes and mobile phones.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

National Cyber Summit (NCS)

National Cyber Summit (NCS)

The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation's infrastructure from the ever-evolving cyber threat.

CybeReady

CybeReady

CybeReady’s Autonomous Platform offers continuous adaptive training to all employees and guarantees significant reduction in organizational risk of phishing attacks.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

Panther Labs

Panther Labs

Panther’s mission is to make security monitoring fast, flexible and scalable for all security teams.

AccountabilIT

AccountabilIT

AccountabilIT is a full spectrum information technology services firm for enterprises with complex information technology needs seeking relief from those challenges.

NSI Global

NSI Global

NSI Global is a specialist Global Risk and Intelligence Advisory Firm that has built a reputation for consistently managing complex projects.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.