The Department of Defense’s cyber warriors are not one-trick ponies.
In creating a cyber warrior class, DoD and Cyber Command sought not to stovepipe their workforce into certain roles, namely offense or defense. From their perspective, the relationship is symbiotic and both sides are equally imperative.
“The first thing you want to do is be careful about saying it’s one or the other. I do think that there’s a benefit and an advantage ... that one might inform the other,” Rear Adm. T.J. White, commander of the Cyber National Mission Force at Cyber Command, said during a panel at the INSA National Security and Intelligence Summit in Washington Sept. 6.
“There’s a lot that we’ve learned in anticipating what you might have to do on the offense by understanding very, very well what is going on with the defense.”
The cyber warriors within the individual services that feed through the cyber mission force up to Cyber Command are all trained to the same joint standards, which creates a common baseline for all.
“I think this is the piece we’ve always talked about; how do we ensure this workforce we’re developing doesn’t get stovepiped into one or the other because what we always believed as we were standing up CYBERCOM is that the most effective piece is that the offensive is going to inform the defense and the defense is going to inform the offense,” Lt. Gen. Paul Nakasone, commander of Army Cyber Command, said at the same panel, speaking from a joint perspective having previously held White‘s position.
“Now we are taking a look at are we true to our form to be able to assign people from the defensive side to the offensive side and the offensive side to the defensive side.”
This is also true for some of the individual services, which are trying to build out their own organic cyber forces to get at service-specific problems aside from their joint community responsibilities through the cyber mission force build.
The Army was the first to establish a cyber branch within its service, which is on par with artillery or infantry allowing cyber soldiers to stay in this field for their entire career.
In any of those soldiers’ development, the Army envisions them going from offense to defense because all those inform each other, Brig. Gen. JP McGee, deputy commanding general for operations at Army Cyber Command, said at the Billington Cybersecurity Summit in Washington Sept. 13.
McGee noted that some of the more interesting conversations he sits in on are those involving individuals who have only done offensive cyber alongside those who are a network defender or focused on defense. As they start talking back and forth, he added, it’s easy to see how they feed off each other.
McGee believes this is where the future development and evolution of thought will reside to prevent stovepiping because having the experience in all those different fields will be critical for effective actions.
“I think that as you go about your business under the right and appropriate authorities regime, [what you do] on the offensive side can also deepen what you need to do on the defensive side,” White said.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.