Does the US military need a Cyber Force?
Description
The U.S. military is hemorrhaging talent in cyber warfare, which national security experts warn could lead to America being outgunned and outsmarted by adversaries such as China, Russia, or Iran, who could use cyber weapons to wreak havoc on American military and civilian infrastructure.
The only way to fix it may be to start a seventh branch of the military: a Cyber Force.
There are currently about 225,000 service members, civilians, and contractors who work in cyber fields across the Defense Department. Most of them build, operate, patch, maintain, and do routine security for the 4 million computers and 34 billion IP addresses that make up the larger Department of Defense Information Network.
Each of the military services manages its own information networks and defends them against run-of–the-mill cybersecurity threats. They also recruit and train cyber troops and present them to U.S. Cyber Command, a combatant command that provides cyber support to troops conducting real-world operations.
Top Stories This Week
There is some overlap here between what Cyber Command, or CYBERCOM, does and what the services do, but generally, if it’s offensive operations, or if the threat being defended against is really heavy-duty, that is usually CYBERCOM’s business.
But the services have not coordinated how they train cyber troops. That means service members come to CYBERCOM with different training for the same job, using different terms to refer to the same thing, and bringing their service-specific approaches to cyberspace.
That’s bad because CYBERCOM’s Cyber Mission Force — the 6,000 or so people who actually perform cyberspace operations — is designed to be modular, where teams from different services can swap in and do the same job. That’s according to Aden Magee, a retired Army cyber officer who wrote about this for War on the Rocks in September.
CYBERCOM is often compared with U.S. Special Operations Command, or SOCOM, which oversees real-world special operations and is the only other combatant command also charged with guiding how the services train units for it.
Special operations encompasses sea, air, land, and other domains, so it makes sense for the services to train different types of special operations troops who then bring their unique skillsets to the field. But CYBERCOM focuses solely on the cyber domain, so a cyber soldier should have the same skills as a cyber Marine, experts say.
Plus, SOCOM has also been more proactive than CYBERCOM in telling the services what it wants from them, according to Magee, which means SOCOM actually has what it needs to do its mission.
<figure class="wp-block-image size-large">
<figcaption class="wp-element-caption">Personnel with U.S. Cyber Command work in the Integrated Cyber Center, Joint Operations Center at Fort George G. Meade, Maryland on April 2, 2021. Army photo by Josef Cole. Army photo by Josef Cole.</figcaption></figure>Multiple think tanks agree that the current approach isn’t working. In August, the RAND Corporation published a report saying that the Defense Department can’t recruit and retain the right people for cyber jobs, and that a lot of cyber troops aren’t fully trained or qualified before they show up to operational units.
The Center for Strategic and International Studies, CSIS, pointed out that operational planning is split among the five services, each with its own approach to cyber, which leads to an incoherent strategy. That’s worrying when Chinese hackers have stolen important secrets like F-35 designs and the sensitive personal data of more than 22 million Americans, while Iran and Russia have attacked everything from U.S. pharmaceutical companies to oil pipelines and water treatment plants.
A specialized cyber force may help. CSIS proposed that other services would secure their own systems and networks while the cyber force would focus on organizing, training, and equipping troops for those specialized skills that CYBERCOM and the other combatant commanders need in order to coll
United States
