The National Guard is perfectly suited to expand our nation's cyber security capabilities by leveraging the unique information technology talents within its ranks.
Cyber security is an increasingly important mission area, impacting both public and private sectors. With modern society’s increased reliance on computer technology, we are left exceptionally vulnerable to cyber espionage, intellectual property theft, advanced persistent threats and exploitation of vulnerabilities in our critical infrastructure. As citizen-soldiers, the National Guard can easily be utilized in the cyber domain with its unique access to a wealth of information technology talents within its ranks, including Guardsmen working as network defenders at top information technology, banking, medical and defense companies.
What's At Stake
The evolving and persistent cyber-based threats to our nation complicate our national security, commerce, intellectual property and Americans as individuals. Over the past six years, the U.S. Computer Emerging Readiness Team details that the number of reported cyber incidents by federal agencies increased 728 percent. However, there is no overarching national cyber security strategy that synthesizes or comprehensively describes the current strategy on cyber security. The cyber domain requires teamwork and partnerships across the public and private sectors. The National Guard is an important asset available to the Department of Defense, Department of Homeland Security and local communities, straddling the intergovernmental divide while also acting as a critical link between all parties.
A whole-of-government response
The National Cyber Incident Response Plan (NCIRP), created in September 2010, establishes a framework for organizational roles, responsibilities and actions to prepare for, respond to, and begin to coordinate recovery from cyber incidents. It recognizes that the National Guard is in a “unique position to assist in information sharing, situational awareness, secure communications and incident response…National Guard forces may also play an active role in information sharing for cyber incidents, including the physical effects of cyber incidents.” President Obama’s Executive Order issued on February 12, 2013, "Improving Critical Infrastructure Cyber Security”, focuses on enhancing the resiliency and security of the nation’s critical infrastructure. This will be achieved through a “partnership with the owners and operators or critical infrastructure to improve cyber security information sharing and collaboratively develop and implement risk-based standards.” It further calls for expanding the “use of programs that bring private sector subject-matter experts into Federal service.”
The Guard is uniquely suited for cyber
The National Guard already has a strong relationship with civilian agencies, working in support of policy in developing capabilities and threat assessments in domestic response when civilian entities are overwhelmed. The potential for collaboration between DHS, the lead agency on cyber security, and the Guard in the cyber domain is significant. The National Guard can channel and utilize its intrinsic hometown history as a force multiplier, bringing together local, state and federal leaders to educate and develop best practices. The Guard also has a long history of working with state and local law enforcement on disaster response and effectively works to provide significant guidelines and procedures to ensure civilian authorities are in the lead. Additionally, the Guard’s unique civilian roles and skills acquired by working full time private sector jobs in local communities captures a centralized repository of information and high-tech skills lacking in the active components.
The way forward
Defense Secretary Chuck Hagel noted that recruiting and training skilled military and civilian personnel needed for cyber operations at U.S. Cyber Command "will be a challenge." U.S. Cyber Command, along with the Active Air Force and Army, has already turned to the Guard for help in developing an operational cyber force. General Keith B. Alexander, commander of U.S. Cyber Command, stated that “it is our intent to have Guard forces align regionally to help in prevention, protection and recovery operations. This will be a key inter-government partnership." The National Guard provides a cost effective and uniquely capable force that can provide capability for the DoD, homeland defense, civil support and intrastate missions. Most importantly, the National Guard is composed of citizen-soldiers, working in communities and providing knowledge of critical infrastructure at the local level. As a whole, the defense of our cyber domain lacks clear situational awareness of local and state concerns. This is why the Guard must be involved.
- Championing the Guard’s unique and diverse capacities and capabilities as an effective and proper cybersecurity workforce, and work closely with Congress to insure the National Guard is part of the solution to our Nation’s cyber security needs
- New cybersecurity plans and policies developed by the Department of Defense and the Department of Homeland Security that recognize and take advantage of the unique, vital and cost effective role that can be played by the National Guard
- Senate bill S. 658, the Cyber Warrior Act of 2013, that recognizes the important role of the National Guard in protecting the nation from cyber attacks
- Encouraging the National Guard to continue to engage state leaders in cyber education and to work with State Emergency Managers, CIOs and others to build and expose cyber by ways of exercises, threats and best practices
- The creation, funding and training of National Guard Cyber and Computer Network Incident Response Teams