The United States is preparing for cyber conflict with a military structure that still treats cyberspace as a secondary supporting function.

We have soldiers for land, sailors for sea, airmen for air, and guardians for space. But in cyberspace, a borderless domain where American forces are engaged with adversaries every day, we still do not have a military service whose central purpose is to build a quality, expert force, equipped with the most cutting-edge capabilities, for war-fighting in the cyber domain.

For more than a decade, Washington has tried to patch this problem instead of fixing it. Congress has granted U.S. Cyber Command new authorities. The Pentagon has adjusted organizations, budgets and training pipelines. Senior leaders have made the current structure work better than it should. But those reforms have not changed the basic fact that there is no military service that sees organizing, training and equipping forces for the cyber domain as its first and primary priority.

Cyber Command’s job is to employ cyber capabilities in military operations. But it still depends on the existing services to recruit, train, retain, and develop the people who carry out those missions and equip them with the capabilities to do so. In the rest of the military, that division of labor is clear: services build forces, and combatant commands employ them.

Cyber remains the exception. The Navy must build fleets, the Army must build land power, the Air Force must attain air superiority, and so on. Each service has cyber responsibilities, but each also has core missions that naturally, and appropriately, come first. Cyber matters to all of the services, but it is not the central organizing mission of any of them.

The result is a weaker cyber force than the country needs. The military’s cyber enterprise still struggles with inconsistent recruiting and retention problems. A young American who can write code, spot weaknesses in software or understand how digital systems break may be exactly who the country needs, even if that person does not fit the standard mold the existing services were built to recruit, promote and retain.

Cyber talent does not grow by accident. It must be recruited deliberately, trained continuously and retained through a career model that rewards technical mastery, instead of forcing top operators to move into command or management roles just to advance. The country needs people who can spend years becoming experts in offensive and defensive cyberspace operations, not personnel forced through systems that were never built for the mission.

The threat is evolving too quickly to justify continuing marginal fixes to the current system. China, Russia, Iran, North Korea and criminal actors are targeting U.S. networks, critical infrastructure and military systems. Artificial intelligence will only increase the speed and scale of cyber operations. The United States cannot keep relying on a cyber force stitched together across multiple services, each with different priorities, incentives and personnel rules.

A new report from the Foundation for Defense of Democracies and the Center for Strategic and International Studies shows how to build a Cyber Force with a clearly defined mission, not a sprawling bureaucracy. Its job should be to organize, train and equip forces for offensive and defensive cyberspace operations. It should not take over every military information technology network or absorb every technology function inside the Department of Defense. The existing services should continue to operate and secure the networks and systems tied to their own missions.

A Cyber Force would also strengthen Cyber Command. Too much of this debate treats a new service as a judgment on Cyber Command’s performance. It is not. Cyber Command houses some of our nation’s most talented cyber warriors. What they need is a better force-generation system behind them.

The U.S. military has adapted before when new domains became central to warfare. The Air Force was created because airpower became too important to remain secondary to another service’s priorities. The Space Force was created because space needed its own culture and focus. Cyberspace has reached the same point: American forces are already in daily contact with adversaries online, cyberattacks can disrupt military operations and civilian infrastructure alike, and artificial intelligence is making the domain faster and more dangerous.

For too long, cyber has been treated as everyone’s responsibility, and therefore no one’s first priority. Our adversaries are not waiting for us to get organized. They are building capabilities, probing our defenses, and preparing for the next conflict. The United States should not enter that fight with cyber forces generated as a side mission by services built for other domains.

If cyberspace is truly a domain of warfare, it deserves its own service built to fight in it.

Dr. Erica Lonergan is an assistant professor in the School of International and Public Affairs at Columbia University and previously held several positions at the United States Military Academy at West Point.

RADM (Ret.) Mark Montgomery served for 32 years in the U.S. Navy and is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies.

They both served on the CSIS-FDD Commission on U.S. Cyber Force Generation.

Share:
In Other News
Load More