Lt. Gen. Edward Cardon, commander of Army Cyber Command, leads a panel discussion about building Army cyber forces on Oct. 23 at the annual meeting of the Association of the U.S. Army in Washington. (Mike Morones / Staff)
To keep pace with rapid changes in the cyber domain, the Army should re-evaluate the size of its cyber force at least every two years and adopt more agile processes for hiring and procuring security capabilities, the head of U.S. Army Cyber Command said Wednesday.
Speaking at the annual Association of the United States Army convention in Washington, Lt. Gen. Edward Cardon responded to a question about whether the size of the Army’s force is adequate.
“The entire cyber force should be looked at probably on a two-year basis given how fast things move in this domain,” Cardon said.
Cardon cited the evolution of cloud computing, the widespread use of mobile devices and the rapid development of SCADA systems used to centrally control nuclear power plants and other critical infrastructure as evidence of the evolving landscape. Add to that concerns about insider threats and how the damaging leaks by former government contractor Edward Snowden have impacted the community, he said.
“When you start putting all these things together, and you try and predict out a couple years from now what size force we need, I’m not sure that we can really do that,” he said. “What I do know is it takes a whole team, and we’ve got to get the best people possible.”
Cardon said he has talked to senior officials about reexamining the structure of the Army’s cyber force every two years, including putting in place an acquisition strategy that enables the service to operate effectively in cyberspace.
The current processes aren’t capable of keeping up with this kind of speed, and “I think we’re starting to see recognition of that,” Cardon said.
His frustrations aren’t just with the acquisition process but also processes for hiring civilians and top talent. The problem: lack of authority, Cardon said. But he’s not taking “no” for an answer.
“Let’s ask,” he said. “Let’s ask for this kind of authority.”
The need for change and adaptability stems beyond the technical aspects of cyber, said Let. Gen. Dave Perkins, commander of the Army Combined Arms Center.
“We do a lot of things in legacy mode,” Perkins said. There are a number of processes that must be re-engineered.
Perkins said the Army must ensure its processes and institutions are agile and adaptive, otherwise the service is limiting the capabilities of its leaders.
“We just have to do things differently,” he said. “We’re going to be a different size Army. The environment that we’re operating in is quite a bit different.”