I could have stopped reading after the first sentence and known what the remainder of the article said, but read it all, anyway. I do not think these issues are limited to the AF, because the same laws, policies, and procedures the AF "lives" with come from higher up. Compliance drives more resources than operations, so who has time left to actually work on the network? Or, perhaps the better question, who actually has time left to attain and maintain compliance? The same people cannot be expected to do both, and those that do are spending inordinate amounts of personal time trying to learn how. Capt. Lee is very on-target in his assessment.
The DoD owes any cyber security success it has to a mission-oriented workforce demoralized by, as Capt. Lee rhetorically put it, "...it is easier to get approval to kill someone than it is to drop a router." But we press on.
I think I am going to like the new "Disruptive by Design" column.
More information about text formats