The Red Flag 14-1 cyber protection team works on defense procedures inside the Combined Air and Space Operations Center-Nellis during the exercise Feb. 5, 2014, at Nellis AFB, Nev. Air Force photo by SrA. Brett Clashman.
The Air Force is “on the right glide slope” in developing cyber capabilities to fight today’s wars, but “we should be worried” about threats to mission assurance, Maj. Gen. Ed Wilson, deputy principal cyber advisor in the Office of the Secretary of Defense, said Tuesday.
In trying to meet the increasingly sophisticated attacks from adversaries in the battlefield, cyber operations need more speed in developing new capabilities and fielding them. The greatest challenge combat commanders face is “the authorities piece,” said Wilson. In the Defense Department’s conversations with the incoming Trump Administration about cyber defense, Wilson said, the focus is on the question, “How do we delegate authority or make decisions more radically” in order to prepare commanders more quickly to counter cyberattacks.
Both Wilson and Lt. Gen. William Bender, the Air Force’s Chief Information Officer, identified the acquisitions process as a trouble spot. In order to develop effective mission assurance and offensive cyber capability, they called for the requirements process to be streamlined.
“We need a paragraph, rather than a 200-page requirements document,” to communicate commanders’ needs quickly up the chain of command to be verified, Bender said. Their comments were made at a conference of the Armed Forces Communications and Electronics Association in Vienna, Va.
Still, Wilson said he was encouraged by the state of cyber operations in current US wars. While warning that discussion of particular systems and capabilities was not possible because of classification level, Wilson said that the cyber fight against ISIS has been “very, very positive in regard to the progress made and the effects we’re delivering.” When commanders “stay small in terms of fielding capabilities,” he said, they have the flexibility they need to work the acquisitions process to respond quickly to emerging threats. For larger systems, however, there is still a need to “accelerate the decision cycle.”
Another challenge DOD cyber operations face in trying to respond faster is their size. There is good news and bad news here. Wilson praised the standing up of the Cyber Mission Force in 2012, which saw 6,200 DOD personnel, both military and civilian, organized into 133 teams to focus the joint cyber effort on discrete areas like combat, mission assurance, and cyber protection. Wilson said the CMF achieved initial operational capability in October of this year and is on track to reach full operational capability by the end of Fiscal 2018.
Still, Wilson said, the entire cyber force within USAF is only the “size of a large wing.” So far, the DOD has made a “very small investment” in cyber operations. This relatively small cyber force, Wilson said, is faced with the tough reality that “we’re seeing a tremendous growth in commanders’ requirements” in the cyber area. While the performance of this small cyber force is positive, Wilson said, “we have to bring the right people into the department—we have to grow.”
As a way forward, Wilson pointed to STEM education programs focused on middle- and high-school aged children, like the Air Force Association’s CyberPatriot program. Such programs, he said, can turn young people on to the importance of science and technology work and can ultimately “grow that pool” of talent available to join the cyber mission.