Peter Singer's latest book, 'Cybersecurity and Cyberwar: What Everyone Needs to Know,' explains that cybersecurity is the responsibility of everyone using the Internet. (Photos by Mike Morones/Staff)
- Filed Under
At age 29, Peter Singer became the youngest person to be named a senior fellow in the 95-year history of the public policy think tank, Brookings Institution.
Now director of Brookings’ Center for 21st Century Security and Intelligence, Singer’s research has focused on changes in warfare — the emergence of private military companies such as Blackwater, the increase in child soldiers, and the growing role of robotics and drones. He’s written books on each of those topics.
These days, he’s the “go-to guy” for cyber expertise.
His latest book, “Cybersecurity and Cyberwar: What Everyone Needs to Know,” explains why cybersecurity isn’t just an issue for leaders in the “big boy seats,” but rather, for everyone using the Internet.
Q. How should military leaders see their role in cybersecurity?
A. This isn’t just a Cyber Command issue or an IT department issue. It is everyone’s responsibility to know, and everyone’s responsibility to understand it. ... Because we’re coming at it from one perspective,[where] we tend to focus too much on the software and the hardware and not the wetware, or the people side of it. So the technical community comes at it from a certain perspective but often fails to look at the issue beyond that technical perspective and also stovepipes it so we don’t blend in lessons from areas and fields as well as lessons from history. ... I think what’s played out in the [Edward] Snowden affair is a classic illustration of that.
Q. How would you describe the cyber mission?
A. You can’t sum it up easily, but there are core themes: 1. People matter. That while it’s portrayed as a technical issue, if you want to understand both the threats and the needed responses to them, it’s always about the human side. 2. Incentives and organizations matter. If you want to understand why something is, or more importantly isn’t, happening in cybersecurity, look to the organization people are in — the bureaucracy, the incentives, the trade off, the cost. ... 3. History matters. If you want to understand why you’re in this certain situation in cyberspace, go back to the history of how you got there. [And] look to lessons beyond cyberspace.
Q. So how should non-cyber commanders integrate cyber concerns into their planning?
A. First is a mentality shift. If you are using the Internet, ... if you are using “cyberspace,” and the odds [in the military] are you will be, considering that 98 percent of all U.S. military communications go over the civilian-owned and -operated Internet, you need to understand it and fold it into your expectations just like any other battlefield context. This is not something that you can hand off to someone else to understand for you.
Q. What obstacles do you see developing in cyber offense?
A. I would describe it more as speed bumps. ... It’s issues like budget: We’re in a flat budget environment, but simultaneously, this is a “sexy area.” And so now, everyone’s trying to get into [cyber] or at least act like they’re in it. For example, a couple years ago, the Pentagon budget had four mentions of the word cyber. This year, it had 147 mentions. ... This year’s [Quadrennial Defense Review] used the word cyber on average one time every other page. In 2006, the QDR had the word cyber one time every 10 pages. ... We can see there’s a lot of energy focused on it; on the other hand, it can [get watered] down because everything and anything is in it.
Q. Other speed bumps?
A. Another issue is the personnel question: How to do attract top talent into it? Particularly when the long-term career trajectory is still not clear. When on one hand folks in this community are highly sought after, on the other, they’re paralleled with the remotely piloted systems community — “You’re the most active, you’re the fastest growing, but gosh you make the rest of the service really uncomfortable.” And anytime we set up things to draw you in or reward you, or recognize you, there’s lashback. So you have that personnel problem on the front end, and [it also affects] the retention side. ... So you have a human talent question of, “How do I promote people?”