Secretary of Defense Chuck Hagel’s plan to add 6,000 warriors and $5 billion to the Pentagon’s cyber warfare unit is an ambitious one. Like many ambitious plans made by the Pentagon over the years, the federal government cannot do it alone.
To build this force, DOD is going to have to work with private companies, defense contractors and other outside vendors. The reason for this is simple: there isn’t enough expertise inside the Pentagon’s five walls to build a cyber army that’s capable of facing off with China, a country with a cyber force much more sophisticated than the one at DOD.
Related: Armies of Nerds Could Fight the Next Electronic War
Hagel has already conceded to China that the United States is lagging behind. In an effort to even the playing field, Hagel unilaterally released DOD’s cyber strategy to the Chinese with the hopes that China would reciprocate.
“It is in both countries’ interests to minimize the risk of destabilizing behavior in cyberspace,” a document provided to the Chinese by Hagel in April stated.
China has yet to hand over its cyber blueprints. They’re so far ahead of the United States that there is no advantage to be gained by reciprocating.
This disadvantage raises the urgency of building a capable cyber force, and is the reason private businesses need to participate. Of course, working with outside contractors is nothing new; the U.S. military has been working with private companies to develop weapons for two hundred years.
Smith & Wesson has been developing weapons for the military since the 19th century. During World War II, companies like General Motors worked with the government to build up the American war machine. Even now the Pentagon works with companies like Booze Allen Hamilton – the company NSA leaker Edward Snowden worked for – on its cyber initiatives.
Related: Chinese Attacks Reveals an Undeclared Global Cyber War
But the collaboration with companies like Booze Allen is different. In the past, American companies primarily worked on hardware, like guns and tanks. Now, these companies are working on more advanced technology.
For instance, researchers across the country are working with DARPA, the Pentagon’s secretive research unit, to develop robot technology, some of which can act autonomously. DARPA is also offering a $2 million prize for universities and companies to develop robot technology.
Now, according to Jerry Ferguson, co-Leader of Baker Hostetler's national Privacy and Data Protection team, the government is going to have to undertake similar collaborations to build its cyber defense capabilities.
Related: U.S and China in a Lethal Game of Cyber Chess
“Hiring 6000 new people is great, but at the end of the day it’s a small battalion,” he said. “It’s effective cooperation between infrastructure, industry and government that’s going to create an effective cyber force.”
The ACA and Snowden Effects
Hanging over any collaboration between the federal government and private industry are two key failures. First is the disastrous rollout of the Obamacare web site, a process that soured many of Capitol Hill on outside tech contractors. But the bigger failure in terms of defense and intelligence is the Snowden leaks.
Workers with skill sets similar to Snowden are the ones DOD must collaborate with to create a capable cyber force. However, the fallout from Snowden’s leaks still looms heavy over the defense establishment.
“One the big question of the Snowden events, given that he was a relatively low level analyst, how did he get the information needed?” Ferguson asked. “It seems as if he was given the keys to the kingdom. The question is how did he get this.”
Ferguson added that because of the ever-evolving nature of cyber war, it would never be possible to completely safeguard government secrets. But he said that DOD had a much better chance of stopping cyber attacks with the help of private industry and security companies, despite the risks of another Snowden.
“All we can do as a society …is accept as a given that there will be cyber criminals, that there will be vulnerabilities and attacks that are sometimes successful. What we really need to be doing is investing in prevention and remediation,” he said. “You have to assume your walls are going to be permeable.”
Top Reads from The Fiscal Times
