Frustration with the pace of integrating new technologies within Army cyber can be likened to the "clockspeed dilemma," a term applied recently to the auto industry, said Brig. Gen. Patricia Frost.
The once innovative auto industry has trouble keeping pace with new developments of autonomous vehicles, sensors and information technology gadgets going into their cars. Likewise, the Army has trouble keeping up with new cyber technologies used by adversaries against the United States, she said.
November 6, 2016 - Sgts. 1st Class Richard Miller (left) and Brian Rowcotsky (center) of the U.S. Army Cyber Protection Brigade discuss the response to a simulated cyber attack on the 1st Brigade Combat Team, 82nd Airborne Division with Staff Sgt. Frederick Roquemore, a cyber network defender with the 1-82nd, during the 1-82nd's rotation at the Joint Readiness Training Center at Fort Polk, LA. (U.S. Army Cyber Command photo by Bill Roche)
Frost, director of Cyber, Office of the Deputy Chief of Staff, G-3/5/7, spoke Oct. 5, 2016 at the Association of the United States Army Annual Meeting and Exposition.
The Army and the other services within the Department of Defense are hobbled by a slow acquisition system and bureaucracy that hamper the adoption of innovative ideas and new technologies, she said. Adversaries are not as constrained, she warned, and "they are leaping ahead at a speed never seen in modern history."
Raj Shah, director, Defense Innovation Unit Experimental, or DIUx, who spent a decade as an Air Force cyber operator, agreed with Frost's assessment. He said he could provide many examples of technology the Army has yet to adopt because of bureaucracy.
For instance, he said, he recently visited cyber Soldiers in the field, where he observed their intelligence, surveillance and reconnaissance feeds running "slow and jerky." He asked the Soldiers about the problem and found they were running Windows XP, an old operating system. The Soldiers weren't allowed to install the latest version because of the slow way in which security concerns were being addressed.
Shawn Wells, chief security strategist at Red Hat, also agreed with Frost and cited his own example of the clockspeed dilemma. As an operator deployed to a combat zone with Marines, he said, source code verification was held up in the accreditation process.
In other words, the enemy might have been using an iPhone for command and control. Soldiers could monitor that. However, if the enemy switched to Android devices, the Soldiers had no way to monitor the traffic because they didn't have accreditation to do so.
Wells said his company is now working to eliminate that type of problem through a public-private partnership.
Lt. Gen. Edward C. Cardon, commander, Army Cyber Command and Second Army, said public-private partnerships are critical, because the Army and the Department of Defense can "never keep pace with the innovations going on right now in the tech industry, not in the [science and technology] world and not in the [research, development, testing and engineering] world."
"That's a little bit overstated," he added, "but not too much."
The Army, with a total science and technology budget of $4 billion a year, -- a figure that covers much more than cyber -- would never be able to go it alone when it comes to introducing new cyber technologies, he said. The science and technology budgets of Microsoft, Google, AT&T and Verizon are all much larger than the Army's.
The challenge with public-private partnerships in cyber is the current acquisition system, he said. "It just doesn't work well."
Cardon credited the current secretary of Defense with allowing the Army to use some innovative strategies outside of the current acquisition process to fund cyber projects. They include:
- Defense Digital Service
- Stanford Hacking for Defense
- The Army's new Rapid Capabilities Office
- Hacking the Pentagon Project
- Army Cyber Silicone Valley Innovation Project
According to Cardon, each of these represents a way to conduct a public-private partnership. "But we have to do more," he said.
"Cyber is no longer an intelligence problem or an electronic warfare problem. It's a commander's problem," Cardon concluded.
By U.S. Army David Vergun, DMA
Army News Service
Comment on this article