By Adm. James Stavridis, dean emeritus of the Fletcher School of Law and Diplomacy at Tufts University
In the cyber realm today, the United States and other nations face the greatest mismatch I have ever seen between the extremely high level of threat and the very low level of preparation. We are headed toward a cyber Pearl Harbor—a harbinger of a crippling attack on the U.S. financial sector or energy grid—and we aren’t ready. Maybe only an incident of that magnitude will wake us up to the enormous danger we’re confronting, but I hope we don’t need to suffer through such an assault to address the risks.
There are seven billion people on the planet, but perhaps twenty billion (or more) devices connected to the internet. And there are already twenty-three victims of malicious cyber activity every second, according to a 2016 report from Norton. As Fletcher experts report in the pages ahead, we face risk at every level, from national security and critical infrastructure, to banking, to the most intimate details of our personal lives, which are far too often unprotected in the supercomputers we casually carry in our pockets and purses. Russia’s interference in U.S. politics is particularly troubling. Of all the threats our world confronts, only cyber cuts across so many dimensions.
Although this is a global problem, the United States is the most visible, exposed, and lucrative target nation. While we have made progress, we need to defend against malicious cyber activity and deter belligerents with improvements on several fronts: a more robust military capability; better organization within the U.S. government; higher levels of societal education about the risks we face; better technology and equipment; and vastly improved private-public cooperation. We must make it harder, costlier, and more time intensive for our adversaries to attack us.I would argue that it is also time for the United States to create a dedicated cyber force. While the individual services today—Army, Navy, Marine Corps, Air Force, and Coast Guard—are working hard, they are like five horses who can often pull in slightly different directions. The current distributed force not only breeds redundancies, threatens unity of command, and fosters unproductive competition, but it also dilutes the core competencies of our cyber planners, operators, trainers, and commanders. A new stand-alone cyber force would resolve these problems, as well as help recruit and retain America’s next-generation warfighters—a diverse pool of technical experts and social scientists who can navigate both virtual domains and Washington bureaucracy.We must also signal both the capability and the will to use our cyber abilities. The United States has been reluctant to operate offensively, in part because of fear of compromising our intelligence community’s tradecraft, but cyber operations are a legitimate means of projecting national power. We must convince the world that we will use our cyber capabilities against those who threaten us. Anything less will embolden our adversaries.There’s a lot of work left to do and the stakes could not be higher. Let’s get to it.
This piece was republished from Tufts Magazine.
