Recently, Andrew Howard, Kudelski Security CTO was asked to comment in CSOonline on the need for a Cyber National Guard. A US congressman recently proposed the idea, citing digital security as a component of national security amidst headlines of other nations meddling in government business. The cyber national guard would be a team of cybersecurity reservists that could “occasionally be called on to protect the country against cyber threats, and strengthen national security on the digital level.”
My colleague’s response touched on the gap between IT and the military. Military requirements and obligations are often less appealing to tech workers than pursuing a career in the private sector. “Our government, similar to corporate America, is struggling to find qualified cyber security experts. The concept of a national guard cyber security capability is a good idea, but only to help grow the number of qualified military experts, not to actively defend US interests.” That begs the legal question of whether the military should be involved with enforcing domestic policies at all. The Posse Comitatus Act says no.
If the military and the National Guard cant, then the active defense of US interests in cyberspace will be driven by the “might of the nation.” When we talk about “might,” we’re talking about “the power, authority or resources wielded (as an individual or a group (at least according to Merriam Webster). National might is the power of the people, the businesses that create economic wealth, and the organizations that support our way of life, not just the military.
Every day in America, and across the globe, good, patriotic people are defending the world’s way of life in cyberspace. These people are the “might” that must defeat cyber attacks. . Whether it’s a government organization or a company that provides valuable services and economic power, there are cyber “forces” fighting to ensure our way of life continues.
Having spent 22 years in the US Army, helping operate and defend the Army’s networks, and at times, the entire Department of Defense’s networks, I see former Department of Defense military and civilian cyber professionals, serve this nation every day as part of the cyber ‘might’ in the civilian sector. Although they moved outside the military, their commitment to serve by fighting cyber attackers has not wavered. To all of them, thank you for your service and your continued service!
To CEOs, COOs, and CISOs, look for the Might. The nation needs your help, and it needs your employees’ help. Many companies want the world to be safe from cyber attacks, but it’s your team that has to accept the challenge. Ask yourself these two questions:
- Does your team understand their purpose – within the organization and their impact to the Nation?
- Are they prepared to fight? Do they have the attitude and the drive to do what they’ve been called to do?
It’s up to all of us to be part of the “Might” that will defend our nation against cyber attacks, cyber crime and cyber terrorism. The nation depends on it!
Mark is a retired U.S. Army Lieutenant Colonel, where he previously, held positions as the Deputy Director of the US Central Command (USCENTCOM) Joint Cyber Center, the Deputy Director for the National Security Agency/Central Security Service Threat Operations Center’s (NTOC) Counter Cyber Operations Office, and the Chief of Current Operations and Chief of Enterprise Services for what is now the Army’s Cyber Center. Mark has a MS from the University of Colorado in Telecommunications Engineering and a BS from Worcester Polytechnic Institute.
- IT vs. OT Security: 6 Strategies You Can Adapt to Secure OT Environments - October 1, 2020
- The Office 365 Avenue of Approach - October 22, 2019
- Requirements to Action: Cyber Threat Intelligence - August 23, 2018