Cybersecurity at a federal level is a complex web of teams, groups, task forces, agencies, and commands. Most US government entities have some kind of dedicated cyber personnel, and a few are even completely digital, and the Department of Defense’s elements are coordinated by the US Cyber Command. The United States Air Force integrated cyberspace into its area of operations years ago, and now there is a bipartisan push to create a dedicated group of civilian cyber professionals who would supplement the Air Force’s cyber components.
This push is not unexpected as recent security events, such as Solar Winds, have demonstrated the need for an increased focus on cybersecurity at all levels in the US. Cyberattacks have the ability to cause significant damage with minimal risk to the aggressor, and they can be launched from anywhere on the globe with little to no warning. Worse, attacks may have been planned for years, slowly amassing resources, backdoors, and intelligence while waiting for the opportunity to strike. Generally, the more planning that goes into a cyberattack, the more damaging it is as the aggressor is able to map out connected systems, exploit vulnerabilities, and generally hamper efforts to detect that the attack is happening. The best attacks are never noticed, or only found weeks after the attack occurred. Cyber attacks, successful or not, have a knock-on effect: the target needs to first determine if the attack was successful and then must exterminate any lingering tricks left by the attacker.
This assessment and cleanup phase can be particularly difficult, as incorrectly declaring an attack as “over” or “unsuccessful” leaves the target open to further exploitation. Failing to find the new backdoors and lingering threats has the same effect, which is why there is the push for a supplementary group of civilian cyberprofessionals to provide extra manpower. In the US, it is estimated that there is a dearth of 13,000+ security analysts and over 300,000 other vacant cybersecurity related jobs that go unfilled.
