DOD must balance, accept risks to maintain military edge

Balancing risks has always been part of Defense Department strategy, but technological advances in modern warfare constantly drive the cutting edge forward — and are forcing the military to take chances with security in order to keep up.

Smart phones, social media, the evolving cyber realm, and military culture and training all present growing security hurdles for DOD as they become increasingly essential to defense operations, according to a panel of speakers at 1105 Media’s Defense Systems Summit in Arlington, Va., today.

Related coverage:

Advanced persistent threats require a new dynamic of defense

More news from the Defense Systems Summit

“One of our biggest points of vulnerability in the cyber world is that we’re so dependent on it, particularly in the military,” said Steven Bucci, associate partner, cybersecurity lead and cyber evangelist for strategy and innovation at IBM’s Global Business Services.

“Smart phones and social media open us up to attack...but that’s the way our young troops roll today and that’s how they’re most effective,” Bucci said. “It would be stupid to take that away.”

And although DOD is less flexible in its ability to allow for risk in order to facilitate better technology, it can still make some changes, however small, to help transition from the traditional models of military strength to today’s increasingly computer-based warfare, panelists said.

“We’re not able to accept the same level of risk in DOD and intelligence as in other parts of the government.... That’s not going to change,” said Matthew McCormack, chief of the Office of Cybersecurity at the Defense Intelligence Agency. Still, making sure patches and policies are up-to-date and increasing the pool of smart, qualified people can help create some wiggle room, he added.

But getting to that increased pool of cyber talent presents challenges, the panelists said.

“The kids with the tight abs willing to get up at 5 a.m. for [physical fitness training] aren’t necessarily the kids who are good at computers,” Bucci said. He added that it boils down to a cultural issue and the need to find ways of hiring “non-standard” people.

Training and education are other issues associated with establishing a wealth of cyber talent for the military to draw on.

“It’s a challenge sometimes to do the training,” McCormack said. “How do we get schools to start increasing the number of graduates they pump out in these programs?”

Although those challenges might not yet have well-defined solutions, there are ways DOD can move forward on balancing risks and evolving requirements, including better enforcement of existing rules and innovative thinking to get around the myriad hurdles.

“The military has to enforce the rules they’ve got,” Bucci said. “If they do that, it takes care of a lot of the low-hanging fruit.”

He also noted that tightening budgets could help improve efficiency and encourage new ways to achieve modernization.

“We’ve got to find ways to do this more efficiently.… Hopefully, the big budget squeeze will help cut the fat,” Bucci said.

McCormack agreed and added that DOD must acknowledge that it cannot resolve every issue and must accept some level of insecurity.

“We have to think outside the box and do things differently,” McCormack said. “The budget we had 10 years ago isn’t there anymore. We’re not going to solve all the problems, but we can apply some due diligence to them.”