On the Insider Threat, PCI and Risk Management
Let me share with you some highlights of recent podcast inte…
The services, and I can speak more for the Army, they don't have viable career paths right now for specialty areas inside the warfare. I know there is effort going on to create some, but for the time being they don't exist. What that means is to maintain a cyberwarfare skill set, you are putting your career at risk because you have to alternate between jobs the larger organization values and at the same time try and maintain the skill sets. You alternate between the cyberwarfare job and the recognized job and vice versa.
Oh gosh, last week I had someone ask, "Sir, I want to specialize in cyberwarfare when I graduate, what branch should I join?" I paused and realized I don't have an answer. There isn't one. So it's this kind of ad hoc scenario now. People are working hard to sort it out, and there are challenges where we've got hundreds of years of kinetic war fighting culture and understandably so. If the military started into going back in time, information warfare, cyberwarfare, entirely new thing, and it's very different than being a pilot in the Air Force or having a ship with weapons on it or charging up a hill. So culturally, there's a big gap there. My instinct tells me that one potential solution would be to create a new service, one where technical expertise is valued.
The example I used in the paper was I compared the Best Ranger Competition, which is extremely well thought of in the service. It is basically an Iron Man for some of the elite fighters, and the military skills, the shooting, navigating, obstacle courses, intensely physical; winning that is a lifetime career achievement. I contrasted that against DEF CON (hacker convention) Capture the Flag, where I've seen incredibly talented people go head to head in that competition. It is about the same length, about the same if not more preparation is required, but it is entirely different, very relevant to cyberwarfare, very different from the Best Ranger Competition.
When you win that at DEF CON, you earn the black badge, and that gets you a lifetime admission to any future DEF CON. It is a very coveted prize and in the tech community that is really highly regarded, winning Capture the Flag and earning that badge. But that would pass unnoticed in today's culture in the services. So, coming to grips with that, it's going to take a while and require understanding on both sides I think.
CHABROW: In your article you mentioned that in some ways the National Security Agency could be that fourth branch but you said there were cultural reasons why you didn't think that was appropriate.
CONTI: That is one of the issues I wrestled with. NSA, from my personal experience, has a great deal of technical understanding and they've been dealing in signal intelligence for many, many years. Signal intelligence, in my personal opinion, is kind of morphing into cyberwarfare because waves that will go through the air are now being transmitted as signals on networks. Certainly, as we move forward, we have to consider NSA's role in cyberwarfare and how they will fit in. A long answer to a short question is we will have to wait and see.
CHABROW: Based on your proposal, why would it be necessary for it to be the military to provide this cyber protection?
CONTI: That starts coming down to legal authorities. Law lags behind technology. Organizations, human resources lag behind technology. Historically, militaries have been the ones responsible for fighting and winning the nation's wars. I see cyberwarfare being very similar to that, and these are open questions we have to answer. Do we want uniformed people participating in cyberwarfare? It either comes down to legal authorities for conducting warfare and what constitutes an act of war and what are people authorized to do. Do we want to contract out to get technical expertise? Do we want the reserve forces to have a bigger role? What role do we want civilians? These are questions we ought to explore. The idea behind the article is I want to promote some thought and discussion on the subject because we need to do that to come up with the best solution as we move forward from here.
CHABROW: And one of the concerns you expressed is the career path within the military. Is that really discouraging West Point students from studying cyberwarfare security or cyberwarfare, or have you seen an increased enrollment in courses that offer that?