The Cyber Edge

Global, asymmetrical threats now dominate attacks on nations and businesses alike, and the enemy is not always immediately knowable, identifiable or even seen. These realities are forcing leaders to invest more resources into analytics, as well as intelligence, surveillance, reconnaissance and other 21st century responses to cyber bombardments today.

As emerging technologies and capabilities permeate and dominate the military and critical infrastructure, a different skill set is required to secure the increasingly complex cyberspace realm. The Internet of Things will be both an asset and a liability in the future when the military incorporates it into operations, and urban environments will complicate these efforts.

Cyber warfare continues to evolve with ever-changing innovation and technology, increasing critical infrastructure defense. In addition, with the onset of smart cities, the U.S. military in general, and the U.S. Army in particular, is exploring gaps in training and education related to operating in dense, super-connected urban areas.

Artificial intelligence and machine learning techniques could help information and network defenders recognize patterns of potential attackers so their next moves can be proactively blocked. In addition, cyber tools enhanced with these capabilities could provide a much more detailed picture of the cyber battlefield and increase the potential of success in a cyber campaign. This knowledge would complement the kinetic battlefield and could permit war planners to choose the appropriate mix of cyber and kinetic operations.

In the cyber realm, organizations need the means to rapidly identify emerging threats, immediately respond to mitigate risk, and systematically learn from these encounters—just as the immune system responds to a virus.

A single tool, process or team cannot deliver true cybersecurity. Collecting, analyzing and disseminating intelligence requires a converged organization that fuses expertise across domains. As adversaries possessing sophisticated expertise and considerable resources target multiple attack vectors—cyber, electromagnetic and physical, for example—cyber leaders must develop teams and systematic processes to rapidly transform analysis into action.

Personnel working in cyber must continually look for opportunities to learn, say cyber professionals from across government.

During a morning panel discussion on the final day of the AFCEA TechNet Cyber conference in Baltimore, high-ranking officials from the Defense Department, Department of Homeland Security and National Security Agency discussed a wide range of issues concerning the cyber workforce today and tomorrow.

The Defense Information Systems Agency (DISA) is challenged with a significant personnel shortage, including information technology, spectrum and cybersecurity experts.

Vice Adm. Nancy A. Norton, DISA director and commander of the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), told the audience at the AFCEA TechNet Cyber 2019 conference in Baltimore that the agency is seeking to hire personnel in a number of areas.

The FBI has a full plate: fighting public corruption, organized and white-collar crime and domestic and foreign terrorism; solving violent crimes; protecting civil rights; neutralizing national security threats, espionage and counterintelligence; and mitigating threats of weapons of mass destruction, among other responsibilities. And one part of the bureau is growing to protect the nation against cyber threats.

The cybersecurity workforce gap is real, and it’s growing. Based on a state-by-state analysis on CompTIA’s cyberstates.org, there are currently 320,000 open cyber jobs in the United States. By 2022, the projected shortage of cybersecurity professionals worldwide will reach 1.8 million, according to the Center for Cyber Safety and Education.

Recruiting and maintaining a cybersecurity workforce is a complicated challenge for the government. According to the Information System Security Certification Consortium, 85 percent of cybersecurity professionals would consider leaving their current jobs. Information technologists do not need to search for positions that are exciting, respect their expertise, help them become more marketable and pay well because as many as 18 percent of non-active job seekers are contacted daily by employers seeking them out.