Technology is moving too fast to keep track of everything, but there’s one overarching trend that policymakers must not miss in 2015. Call it “convergence.”
Cybersecurity is no longer its own specialized function for tech geeks to take care of off to one side while the rest of the organization gets on with the real mission. To the contrary, cybersecurity is becoming an increasingly central concern for more and more institutions, from Sony Pictures to the US Army, from Marine Corps drone units to Pentagon cloud computing contractors. Integrating the new technology into operations will require new concepts, sustained funding, and open communications between government and industry — none of which is guaranteed in 2015.
We’ve seen something like this before. Back in the 1990s, organizations dealing with data — with networks, computing, and all things digital — converged with those that dealt with communications — until then an analog business — to create a unified approach to digital communications. It wasn’t easy, but we did it. Now there are positive signs we’re rising to the challenge once again. In 2014, for example, the US Army merged its Cyber Command with the Signal Center at Fort Gordon, creating a new Cyber Center of Excellence to integrate cyber warfare, electronic warfare, and communications.
In fact, all of the military services are beginning to integrate information technology positions — chief of information operations, commander of a cyber unit, and so on — with traditional operational skills such as aviation, intelligence, or artillery, because each military branch must develop the capability to support at least defense cyber operations and, in some cases, cyber attack. Commanders know that failure to stop a cyber threat may lead to mission failure, destruction of critical infrastructure, and even loss of American lives. That means the military must seamlessly integrate cybersecurity into both training and operations.
Consider cloud computing, which grew rapidly in the military in 2014. The combination of ever-larger amounts of data and ever-smaller budgets means that reliance on cloud computing will only increase. But if your data moves to the cloud, you need constant, reliable access to that cloud to do your job — which means you need cybersecurity. The Defense Department must engage closely with cloud service providers to figure out costs, risks, and requirements so the military gets solutions that are both cost-effective and safe.
We also need new ways of looking at Unmanned Aerial Vehicles (UAVs). Long associated with Intelligence, Surveillance, and Reconnaissance (ISR), drones are being increasingly used for other purposes, for example as communications relays to extend line-of-sight radio and data links. Such an “aerial layer” can reduce the military’s dependence on expensive (and potentially vulnerable) satellites. But as UAVs become more common in the skies, we need better command and control networks to keep them and manned aircraft from colliding by accident — and those networks had better be secure against cyber attackers who might make them collide on purpose.
We already know cyber attacks can have physical effects. Consider how the Stuxnet virus caused Iranian nuclear centrifuges to spin until they broke, or how the Shamoon virus forced Saudi Aramco to replace tens of thousands of hard drives. This year, we saw cyber attacks — in conjunction with threats of physical attack — scare Sony Pictures into almost completely cancelling the distribution of The Interview to movie theaters. (Fighting cyber with cyber, however, Sony ultimately made the film available online).
Overall, both awareness of cyber threats and defenses against them have improved. But better and broader coordination is needed between government and industry. The importance of this partnership cannot be overstated.
As early as 1961, outgoing President Dwight Eisenhower warned that industry, rather than the Defense Department, might become the driving force between new technology with military applications. The former four-star general knew that government spending alone could not sustain scientific and technological leadership when budgets and manpower declined after the Korean War.
Budgets and manpower are declining again. As Pentagon officials from outgoing Secretary Chuck Hagel on down have said, that means shrinking research and development dollars must be carefully targeted. Better use of scarce funds, in turn, requires engagement between government and industry organizations. Other, without open communications, industry may spend limited time, talent, and money developing things the military may not actually need.
Commercial off-the-shelf technology will work well for some missions. But the military has unique needs — for instance, in cybersecurity — that require specific solutions. Keeping the defense industrial base strong enough to produce those solutions requires Congress to stabilize the budget.
Mike Warlick, vice president of defense operations for AFCEA International, oversees AFCEA’s defense engagement through events, AFCEA’s Defense Committee and AFCEA operations.