Time For Cyber Force

Uploaded on 2024-05-24 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

With the House passage of the FY 2025 National Defense Authorization Act, a committee amendment is now on the table that would require the National Academy of Sciences to “study the creation of an independent Cyber Force” - a seventh U.S. armed Force.

A great academic institution, the Academy. But, frankly, another study. Another task force. Another year gone before the report.  The quintessential DC punt on a perceived difficult bureaucratic issue. Sadly, our enemies in cyberspace don’t have the same problem. Russia and China have their Cyber Forces.

The time is now for a U.S. Cyber Force.

A Domain Ill Protected

Land, sea, air, space - cyber.  All domains required to be defended by our military worldwide. We hold our own in the first four. We are having real trouble in Cyber.

We have 290 million people with internet access in the U.S. We are certainly a dominant player. We founded the thing after all.  However, while we rested on our laurels, the rest of the world caught and surpassed us - five billion person occupy this domain. Many of them bad actors with intent to do us harm.

Our response has been slow to what represents a true 21st century threat to our nation’s security. An intangible domain where there are no borders or boundaries and little security. A world turned upside down where a North Korea or an ISIS can have equal power with us. Frankly, we are adrift in a 20th century bureaucratic response to it.

We have responded militarily with a Cyber Command.  Too little in my opinion. A Force, a Cyber Force, is desperately needed to lead our military organizing, training, and equipping our military forces to deal with this challenge.

A 21st Century Domain  -  A 20th Century Response

The primary challenge for political DC in dealing with cyber is the speed with which its development has taken place.  It was the somewhat the same problem with Space; only worse.  We simply dominated the space domain for 50 years. However, from the mid-2000's until today, China and Russia have focused on undermining our lead role in Space. But at least, we had a long established military bureaucracy and strategies with an Air Force in the lead.

In the Cyber Domain, there was no such military presence during the rush of cyber space expansion in the early 2000’s. Only by May 2010 did the U.S. finally establish a Cyber Command. 

It is a strange, hybrid beast.  An unusual arrangement of military and intelligence co-located with the National Security Agency drawing on its considerable resources and expertise. This Command is charged with defending and attacking our enemies in cyber space and coordinating with our allies. 

It also currently maintains a heavy and bureaucratically difficult role for a Command with “operational control” of the Cyber Mission Teams through six subordinate headquarters: four Service components include Army Cyber Command (ARCYBER), Navy Fleet Cyber Command (FLTCYBER), Air Forces Cyber (AFCYBER), and Marine Forces Join Forces Headquarter-Cyber (JFHQ-C), Cyber National Mission Forces (CNMF), and Joint Forces Headquarters DoD Information Network (JFHQ-DoDIN)

A Force - on the level of the other services - with a place at the Joint Chief of Staff table - that’s the power we need in Cyber spac. As the DoD shaping Goldwater-Nichols Act laid out in 1986, a Force is responsible for organizing, training, and equipping forces, which are then presented to the commands. That’s true control.

The Time Is Now

We are at an inflection point when the USG must stop living with 20th century concepts of endlessly mulling issues.

The pieces are already present. What should be done is  a Task force composed of DoD/IC players run out of the SecDef office charged with setting up a Cyber Force by mid/late 2025. And, as challenging as it is, it must be done with Senate and House Armed Services members and staff fully informed.

The sooner something can be introduced in a new session of Congress the better. Spring of 2025 with an action plan should be the goal.  Not another year of pontification. The time to act is now.

Ronald A. Marks is a former CIA and Capitol Hill staffer and IT Executive.  A member of the Council on Foreign Relations, he is Faculty Member of NSI and a Visiting Professor at George Mason University, the Schar School of Policy and Government.

Image: Ideogram

You Might Also Read:

Tik Tok And A Pack Of Smokes:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« New Guidance For Business Email Compromise
Staff Data Breach: British Police Could Be Fined £750k »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

Verve Industrial

Verve Industrial

Verve specialize in providing software and services to help protect and secure critical industrial control systems.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

RiskCentric

RiskCentric

RiskCentric is a consultancy specializing in risk management and compliance.

Sensible Vision

Sensible Vision

SensibleVision helps organizations transparently protect data and prevent costly security breaches by constantly verifying the identities of people who use computers or mobile devices.

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

FinlayJames

FinlayJames

FinlayJames supports cyber security companies to meet the increasing demand and pressure on them by finding top talent within the industry for their sales, marketing and technical teams.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

CXI Solutions

CXI Solutions

CXI Solutions: Your trusted partner in cybersecurity. We offer a full range of cybersecurity solutions to protect your business from digital attacks and virtual threats.

WBM Technologies

WBM Technologies

WBM Technologies is a Western Canadian leader in the provision of outcomes-driven information technology solutions.

Token

Token

Token is changing the way our customers secure their organizations by providing passwordless, biometric, multifactor authentication.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.