Over the next few years the U.S. Cyber Command, an army of 900 military personnel and civilians who monitor and defend against cyber attacks, is set to grow by 4,000 cyber soldiers. The command will expand its role in national defense by becoming a new kind of fighting force, one that protects the Internet safety of the entire country. As the expansion is implemented, Cybercom will be separated into three teams:
- National Mission Forces
- Combat Mission Forces
- Cyber Protection Forces
Department Of Offense
Each team serves as an offensive front against potential cyber attacks. The National Mission Force will protect computer networks for infrastructure like electrical grids, telecommunications and power plants from overseas attacks. The Combat Mission Force will provide assistance to the military to respond or implement cyber attacks of their own; and the Cyber Protection Force will add protection levels to Department of Defense websites. (Even though they aren’t DoD, the Department of Justice certainly could have used some protection when Anonymous hacked the U.S. Sentencing Commission twice in tribute to Aaron Swartz.)
With the recent cuts to the Department of Defense’s budget, questions are being raised about where the money to pay these people is going to come from. If the shift happens without adding many new members to the force, possibly by moving people from non-cyber positions to cyber ones, there shouldn’t be a problem. However, if the change requires lots of new people, there could be budgetary issues and Congress may have to get involved.
Shifting some of its cyber defenses to offensive roles is a different move for the DoD. However, with the rise in cyber crime and cyber warfare, it’s no surprise that the Pentagon is taking this action. The general consensus seems to be that the military has to add cyber attacks to its arsenal of traditional warfare capabilities. Even the current Secretary of Defense seems to think so. In New York last fall, Leon Panetta said, “A cyber attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11.” he added that an attack like that could paralyze the nation.
Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA), said in an email to ReadWrite that cyber attacks are becoming more attractive as a means of warfare because they can be launched from anywhere, and don’t always come from the usual suspects: “Cyber attacks can be launched by groups that may not be aligned with nation states.”
Are There Enough Cyber Soldiers Available To Meet The Demand?
The demand for skilled and qualified personnel is there, but is there skilled manpower available to fill that need?
Cyber attacks are expensive, dangerous and can hit anyone from the federal government to national banks. Many companies and government agencies will be in a bidding war to get these people on their team. Kaiser says that the demand for professionals in this field ranges from 30,000 to 2 million. According to a report on NPR’s “All Things Considered,” there are currently only about 1,000 qualified people nationwide.
It’s not just hacking, specialists need to know how to clean networks that have been compromised, how to reverse engineer malware and how to develop offensive capabilities for the agency they work for, among many other things. According to eWeek, experts say training a college grad to protect networks could take as many as 2,000 hours.
Companies like defense contractor Northrop Grumman are working with universities nationwide to drum up interest in the cyber security field, even going as far as developing high school programs. A spokesperson from Northrop Grumman, Marynoele Benson, said that its efforts are “aimed at filling the pipeline of needed cyber pros across all sectors of industry and the government.”
Hopefully, the interest in cyber defense will grow more quickly than the incidents of attack.