Cyber Defense Review

Recent Articles

1 2 3 4 5 6 7 8

The Cyberspace Workforce: An Array of Opportunities

May 1, 2017 — In private industry, businesses identify employment needs, create job openings, and attempt to attract talent. Likewise, the U.S. Army created the Cyber branch in a similar manner. The Army created authorizations, or job openings, for Cyber officers and talent was acquired through the Voluntary Transfer Incentive Program (VTIP). The Cyber branch received no shortage of requests for transfer and the VTIP fulfilled the authorization requirements through a selective process. Unlike industry, the Army created the Cyber branch within a closed personnel system, and the VTIP only considered individuals already commissioned as officers in the Army. Talented civilians in industry and academia may have a desire to serve their country. Below we summarize the many options the Army could use to employ Cyberspace talent that exists outside the military MORE

Four Imperatives for Cybersecurity Success in the Digital Age: Part 2

April 27, 2017 — Having joined Palo Alto Networks following a 35-year career in the U.S. military, the last decade of which I served in a variety of leadership positions in cyber operations, strategy and policy, I have found that many of the cybersecurity challenges we face from a national security perspective are the same in the broader global business environment. This blog post series describes what I consider to be four major imperatives for cybersecurity success in the digital age, regardless of whether your organization is a part of the public or private sector. I covered Imperative #1 in the Fall 2016 CDR and here are the major themes for each imperative: ◾Imperative #1 We must flip the scales ◾Imperative #2 We must broaden our focus to sharpen our actions ◾Imperative #3 We must change our approach ◾Imperative #4 We must work together MORE

The Value of Intelligence and Secrets

April 5, 2017 — Secretary of State Henry Stimson was famously quoted “Gentlemen don’t read each other’s mail” in 1929. Just a couple years later during the 1930-31 London Naval Conference and the 1932 Geneva Disarmament Conference, Secretary Stimson would come to understand and appreciate the value of national security intelligence and would reverse himself. The value of intelligence to both the United States and our allies would become of paramount importance during World War II and in the Cold War to follow. Whether the breaking of Enigma codes, the Purple codes of the Japanese or the use of double agents in the United Kingdom, intelligence saved lives and provided strategic and tactical advantages. MORE

Necessary Audacity: A Case for a U.S. Cyber Academy

March 30, 2017 — On March 21, 2017, Foreign Policy published an article by Dr. Mark Hagerott and Admiral (Ret.) James Stravridis entitled “Trump’s Big Defense Buildup Should Include a National Cyber Academy.” The authors recommended “the creation of something audaciously different but critical to winning the wars of the future: a U.S. cyber academy.” They explicitly endorse a national cyber service academy much like the US Military Academy (USMA), Naval Academy, and Air Force Academy. Their case is made from the historical perspective that service academies were formed in a time of need and crisis for the nation and its military services. The authors see a similar requirement in cyber operations in today’s unsettled world. They also advocate for a similar model of service academy recruitment with a broad-based education and 5-year commitment. The one difference would be the parent organization would be the Department of Homeland Security and not the Department of Defense as is the case for the current service academies. I am teaching a course to cadets at USMA entitled “Networks for Cyber Operations”, and had my senior-year cadets read and discuss the Foreign Policy article in class. We had a lively discussion, where the cadets presented many ideas about the why, how, when, and what of this proposal. I hope they comment on this post so you can read some of their ideas. I must admit that in addition to providing needed talent and skills to the Army’s operational units, I have wanted the recent establishment of a cyber branch to give the Army culture a boost in intellectual and technical perspective. Currently, USMA can produce 15 graduates... MORE

Cyberspace in Multi-Domain Battle

March 28, 2017 — For months, a nation state has covertly infiltrated a neighboring state’s critical networks while massing armored forces along its common border with a US ally. While the adversary prepares to launch a massive cyber-attack on its neighbor state, its tanks are readied to roll over the border. Nearby, a U.S. Division, engaged in an allied training exercise prepares to become the first line of defense against aggression. Unknown to the adversary, Allied and US forces have hardened their networks and at the first indication of aggression, have temporarily cut power to a nearby city to deceive the enemy. Simultaneously, a U.S. Navy warship fires an Electro Magnetic Pulse (EMP) missile at the adversary, disabling their electronic systems. Facing a numerically superior enemy, Allied forces, take advantage of the window of opportunity created by the EMP weapon to engage the crippled and confused enemy forces across multiple domains. MORE

Cyber (In)Security: Decision-Making Dynamics When Moving Out of Your Comfort Zone

March 21, 2017 — “Every assumption we hold, every claim, every assertion, every single one of them must be challenged.” — General Mark A. Milley, 39th Chief of Staff of the U.S. Army This paper focuses on how the dynamic speed of change and the compression of time in cybersecurity move individuals and organizations out of their comfort zones. This often results in forcing faulty decision-making generated by an enhanced dependence on untested assumptions. The counterbalance to this behavior begins by recognizing a key truism: within every decision lies an assumption. Equipping your cyber team with the mechanisms and tools to identify and properly challenge these assumptions drives better decision-making and new opportunities to successfully defend, attack, and adapt in the cyber battleground. Read the whole article... read more MORE

Joint Interagency Coordination: How Can the Reserve Component Be Better Utilized to Defend Our Nation in the Cyber Arena?

March 1, 2017 — In a time of constrained and reduced resources and to fortify the protection against the ever-increasing global cyber threats, the United States (US) must do more with less and better utilize its existing resources. The Reserve Components (RC) of the US military are filled with cyber expertise gained through civilian and military training as well as job experience. If the Department of Defense (DoD) can develop a program to better utilize the experience and skills resident in the Reserves, the US military can improve the nation’s cyber capabilities and better protect its networks. MORE

Countering Hybrid Threats in Cyberspace

February 15, 2017 — For almost two decades, cyberwar has posed various challenges to military organizations. Doctrine has hardly defined the scope of cyber activities and how military forces can act or react in that specific new battlefield. Highly technical by nature, the cyber defense mission was, at first, to counter major cyber threats, thus the focus was, and is, to protect critical infrastructures and networks. Building up a cyber force was, therefore, a move to militarize cybersecurity by transferring methodologies and skills. But the reality of cyber conflict undermines the idea of the unique technical roots of cyber warfare. Most of the strategists and military experts considered cyberwarfare as a force multiplier in the global reshaping of the military affairs. Preparing for a “cyber Pearl Harbor” we have missed the overall picture where State and non-State actors use cyber tools to conduct their global information war. This paper proposes a broad overview of the concept of hybrid threat and how it applies in cyberspace. Built to counter a major cyberattack against our National Critical Infrastructure (NCI), most of the cyber forces are not well adapted to face the guerilla style warfare imposed by our adversaries. Based on recent lessons learned, this paper enlightens the challenges and opportunities of countering hybrid threats in cyberspace. MORE

WarTV: A Future Vision for a Common Operating Picture

December 28, 2016 — 1 MAY 2011 – ABBOTTABAD, PAKISTAN – Abbottabad, Pakistan is less than a two-hour drive from the capital city of Islamabad and 3.1 miles from the Pakistan Military Academy to the southwest. In relative terms, Abbottabad is a much less busy place than Karachi, Pakistan, and is very attractive to tourists and those seeking higher education for their children. Despite Abbottabad’s relative inactivity compared to the bustling Karachi, there were signs of digital life in 2011. MORE

After Twenty Years of Cyber – Still Unchartered Territory Ahead

December 28, 2016 — The general notion is that much of the core understanding of cyber is in place. I would like to challenge that perception. There are still vast territories of the cyber domain that need to be researched, structured and understood. I would like to use Winston Churchill’s words: “it is not the beginning of the end; it is maybe the end of the beginning.” In my opinion, the cyber journey is still in a very early stage. The cyber field has yet to mature, and the big building blocks for the future cyber environment are not yet in place. The Internet and networks that support it have increased dramatically over the last decade. Even if the growth of cyber might be stunning, the actual advances are not as impressive. MORE

1 2 3 4 5 6 7 8

Comment Disclaimer

If you wish to comment on any of the posted articles, please use the comment box provided below the individual article. The Army Cyber Institute (ACI) reserves the right to modify this policy at any time.

This is a moderated forum. This means that all articles are subject to review. In addition, we expect that the participants will treat each other, as well as our agency and our employees, with respect. We will not post and will remove any comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to others or similar content. We will not post and will remove comments that are spam, clearly "off topic", promote services or products, infringe on copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will not be posted and will be removed. The ACI and the ACI alone will make a determination as to which comments will be posted and/or removed. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of the individuals using the Cyber Defense Review site. These references are not intended to reflect the opinion of the ACI, the Army, the Department of Defense (DoD), its officers, or employees concerning the significance, priority, or the importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying ACI, Army, or DoD endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behavior or sexual assault will be reported to the appropriate authorities. This forum is not:
- To be used to report criminal activity. If you have information for law enforcement, please contact your local police agency.
- Do not submit unsolicited proposals or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
- This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

The ACI does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. The ACI may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. The ACI does not endorse, support, or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on the Cyber Defense Review website. 

Members of the media are asked to send questions to the public affairs office through normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted and may be removed at the discretion of the ACI. We recognize that the web is a 24x7 medium and your comments are welcome at any time. However, given the need to manage federal resources, moderating, posting, and removal of comments will occur during normal business hours Monday through Friday. Comments submitted after hours or on weekends will be reviewed and posted or removed as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic". This means that comments will be reviewed and posted only as it related to the topic that is being discussed within the blog post and "off-topic" posts may be removed. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the ACI, the Department of the Army, the Department of Defense, or the Federal Government.