Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Army ponders proper shape, size of cyber workforce
Monday - 10/28/2013, 4:10am EDT
As the Army builds up a force to operate in its newest warfighting domain — cyber — it's wrestling through a lot of tough questions. How big should the cyber force be? What's the right mix of soldiers, civilians and contractors? And how does DoD need to change its legacy personnel systems to bring the best possible talent on board?
The military as a whole is in the process of building 133 cyber mission teams with responsibilities for offensive cyber operations, defensive cyber operations and operating DoD's own networks. The Army will contribute 41 teams to that joint effort out of a cadre of soldiers it's building under the auspices of Army Cyber Command, which formally stood up just three years ago.
But Lt. Gen. Edward Cardon, Army Cyber Command's commander, said for now, it's impossible to tell whether that force is too big or too small.
"Let's get demonstrated capability out there, and then we're going to find out things we know and don't know and we can adapt our organizational structure," he said. "I'm arguing within the Army that the entire cyber force should be re-looked at about once every two years. I think we're on the inflection point of some pretty amazing technologies coming into the operational sphere. Just with cloud computing and the explosion of mobile devices, the rapid development on supervisory control and data acquisition systems. The impact of Mr. [Edward] Snowden and what's that done to our community in terms of the insider threat. When you start putting all these things together and you try and predict out a couple years from now what size force we need, I'm not sure you can do that. What I do know is we gotta get the best people possible."
Cardon said it's taken a few years to get the Army's initial set of cyber operators trained and ready, and he's comfortable with the service's current plans to build up its cyber force, which cover the time period up to 2017. But he said the Army needs to be willing to adapt those plans.
"I talk to our senior officials all the time about reexamining the force, having an acquisition strategy that operates inside a two-year cycle, and our current Army processes to manage capabilities in this domain, including human talent, aren't capable of keeping up with this kind of speed," he said. "I think we're starting to see some movement in the area of institutional adaptation. There's recognition of this."
Easier path for reservists
One particular question surrounds the Army's use of members of the National Guard and Reserve to perform cyber missions. Many of those members work in IT fields in their civilian jobs, and the military knows they're a huge potential source of untapped talent for cyber missions. But Cardon said the elite cyber teams the Army's trying to build aren't particularly well-suited for part-time work.
"The level of training that some of these operators get requires continuous work on the network," he said. "They complain about going away to the warrior leader course for four weeks, because things really evolve in four weeks and they feel very behind. So a 52-day training model is not going to work for this."
Instead, Cardon said he'd like to see Army hiring systems changed so that those people can be brought on board as full-time Army civilians.
"There is some discussion on lateral entry, and how we would do that," he said. "Are the Army civilian hiring processes good enough to get the super users out there? Probably not. We need a little different structure. And when I asked for a different structure, it's like, 'Well, we don't have the legislative authority for that.' OK, let's ask. This is the kind of innovation we need. It's not just technical innovations inside the cyber domain, it's the institutional domain to build it."
For active duty soldiers, Army cyber leaders say they are making progress toward training and retaining a skilled cyber workforce. Two years ago, the Army created its first occupational field for cyber specialists, but it's still too early to tell whether those soldiers will be lured away to more lucrative jobs in private industry before the Army's substantial investment in their training pays off.
Can't punish cyber warriors
Sergeant Maj. Rodney Harris, the senior enlisted adviser at Army Cyber Command, said he thinks many of his soldiers will take a comparatively smaller paycheck because the missions they perform in the military simply don't exist in the commercial world. But he sees another problem — the current Army personnel system is set up to punish soldiers for specializing in network warfare and sticking with it.