The day after the Japanese bombed Pearl Harbor the U.S. Army began posting guards around dams, power plants, defense factories and transportation hubs to defend them against possible enemy attack.
Seventy-six years later a soldier's role in defending the nation's critical infrastructure has not changed, but the training needed to handle today's missions has changed dramatically. That's because guarding these important positions requires a cyber, not physical, presence and to help sharpen America's cyber soldier skills the Army National Guard and Reserve just ran a major exercise subbed Cyber Shield 2017.
Held at Camp Williams, Utah the training event featured reservists from 44 states and two territories who came together to not only learn new skills, and take ISA courses to obtain certifications, but to figure out how to defend against a variety of attacks.
"We know how to take a hill and control the sea and the air," Medlock said. "Industrial control systems is an area of our critical national infrastructure we must defend,” Sgt. 1st Class James Medlock, a National Guard member with the Texas Cyber Protection Team, according to a U.S. Army report.
Altering the militaries focus from dealing with physical to cyber threats was a key part of the exercise and the new reality for our nation's defenders and one that is perfectly suited for the military's reserve components.
Jeff Schilling, chief security officer at Armor, and retired U.S. Army colonel last serving as Chief of Current Operations Army Cyber Command, said having the National Guard and Reserves filling this role is sound thinking as these soldiers can legally respond to events that are out of bounds for active duty soldiers and industrial control system security is the largest gap not covered by civilian incident response companies.
“I believe it is a good idea to train National Guard soldiers to support our Critical Infrastructure providers with expertise in this field because they can operate under Title 32, US Code, with local and state governments, to do consequence management as a result of a Cyber Attack on an ICS that might affect public utilities such as water and electricity,” he said, adding, “Active duty, Title 10 soldiers, cannot respond without a suspension of posse comitatus or orders attaching them to a Title 32 commander like we have done in the past to support Hurricane relief.”
The need for proficient cyber soldiers is so great that Schilling believes the military should consider putting in place the same recruiting standards used for its medical personnel. Doctors and nurses are given minimal military training and their rank is based on their civilian expertise.
“With our medical professionals, the rank they are given in the National Guard and Reserves is based on their civilian certifications, training and experience, vice time in service like all other soliders. I think this model would serve well with recruiting cyber security experts who have this desire to serve their country,” he said.
Currently, the standard is the almost exact opposite and follows the militaries standard practice of taking in people that are untrained in a skill, say helicopter repair or logistics, and then bringing them up to speed. However, with something as complicated as cybersecurity the time it takes to train someone to a high level of proficiency is too great.
“Up until this point it was not a focus, but more of if they had a person who was interested, they would pursue the technical skills. This is a great step in having more capability in the world of Cyber Defense,” said retired Marine Gunnery Sergeant Kip James (CISSP, CRISC) and current chief information security and privacy officer for Treasure Data.
