The U.S. Air Force cyber community is failing for a single fundamental reason: the community does not exist. In 2010, the communications community began to be identified as the cyber community. An operational cyberspace badge was created, and those who previously had been communications professionals now were seen as cyberwarriors. This change did not effectively take into account that cyber and communications are two distinct fields and should be entirely separate communities.
When attempting to identify cyber operators, it is impossible to look at the cyber Air Force specialty codes (AFSCs) as an indicator. In the officer ranks, only a small fraction ever takes part in on-keyboard or operational missions where the effects of cyber are leveraged for exploitation, attack or defense. Yet, all of the personnel wear the badge and identify themselves, some cynically so, as part of the cybercommunity.
This faux community creates problems when trying to identify the personnel needed for a mission. It is a distinct way of thinking and set of skills that enables an operator to target adversary networks or take an active role in defense. As an example, many people consider themselves computer network defense operators and are consulted as such. Yet, often they participate in more of a communications or maintenance role. They establish, maintain and oversee networks. This is a very important role—maybe even more important than a defense operator’s role when done correctly—but it is different. Applying vendor-issued software patches is not defense; it is maintenance.