Tapping Into Diverse Talent Ensures Strong Cyber Defense
John Sherman, chief information officer, Department of Defense, speaks during TechNet Cyber 2023. Credit: Michael Carpenter
The U.S. Department of Defense’s cyber personnel deficit will be averted by employing the intellectually and geographically diverse, according to its chief information officer.
“When we tap into all the talent we can get after in this great nation, nobody would be able to stop us doing what we need to do, having a workforce that looks like America, having a workforce system that recognizes the changing dynamics of our 21st-century environment… and we've got to get after this because I'll tell you when we do this right, nothing they're going to do in Beijing, or Moscow, or Tehran, or Pyongyang, can stand up to what we're going to bring to this fight,” said John Sherman, chief information officer, Department of Defense, speaking at AFCEA's TechNet Cyber 2023 in Baltimore on Wednesday.
Event host Lt. Gen. Susan Lawrence, USA (Ret.), AFCEA’s president and CEO, brought up the issue of education prior to moving into a cyber career and noted “that kind of talent doesn't necessarily tie to a four-year [college] degree.” Sherman shared a quote from his father, a former enlisted member of the armed forces: “Degrees are great, but experience is even better.”
Placing the human factor at the center of the fight, airman Jack Teixeira’s classified document leak was discussed. Teixeira is being prosecuted for allegedly distributing information on social media that revealed U.S. military plans and analysis.
Degrees are great, but experience is even better.
“What zero trust could have done in this case, and what we are getting after now on areas like robust user activity monitoring, you aim at the top secret and secret levels, which we've already made great progress on, but it's not just the software. You have to have insider threat cells, human beings at different echelons of command that set the triggers,” Sherman said, placing responsibility in command at the base level, where network monitoring should aid but not replace effective control.
Sherman also spoke to potential suppliers in the audience, as future business opportunities will be where new capabilities are added.
“Think of problems we haven't even thought of as technologists,” Sherman said. The focus is on zero trust and cybersecurity, orbit and data transport. “Let's be as creative as we possibly can [and] use that space domain in a way we haven't done before,” Sherman added.
Sherman encouraged future business partners to challenge the established technologies if flaws are found.
“Make sure that we're asking hard questions, ask us about our capabilities and don't be afraid to come open our door and say, ‘Hey, we've got something better,’ maybe a micro-thing or a macro-thing that's going to make your job easier. That's what I need your help with,” Sherman laid out.
“The one thing that scares our potential adversaries more than a U.S. ship transiting a strait is a U.S. and a Canadian ship together, or a U.S. and Japanese and a Canadian ship together,” Sherman said. And bringing technology back into the discussion, he added that as the joint all-domain command and control initiative, JADC2, comprises operations with allies, “we've got to make this seamless.”
The fireside discussion was presented by Brig. Gen. Paul Fredenburgh, USA (Ret.), AFCEA's executive vice president for National Security and Defense.