The man who built the U.S. Army’s cyber command says online threats are going get worse before they get better. But that doesn’t mean leaders are powerless. To win, focus on your culture and your people to create a sense of urgency to protect what you value and ensure you’re ready for the threats focused on you. Some hard-learned lessons from the war for cyberspace.
My 37-year career in the U.S. Army spanned the digital revolution we continue to experience today. From being assigned to the Army’s first digitized division to leading the army’s human resources command during a time of war, to creating, in 2010, a global command with 17,000 cyber professionals charged to not only conduct defensive operations, but when directed, to be able to do offensive operations, I witnessed and helped lead the transformation of our military into a new age.
Over that time, the ability of cyber threats to try to take advantage or limit America’s ability to conduct uninterrupted operations—both militarily, and commercially—increased dramatically. Yet, until recently, many leaders assumed that, despite the occasional interruption, these adversaries would not have the ability to seriously interrupt operations. We took our freedom to operate in cyberspace for granted. That assumption is no longer true. There is a growing threat from sophisticated cybercriminal networks and individual actors that might have a political cause or something that they want to try to impact through cyberspace. Most significant are the growing cyber threats from nation-state actors—especially Russia, China, Iran and North Korea—that have the potential to commit not only cybercrime or espionage but launch disruptive and potentially destructive attacks.