As hacking fears remain in the media spotlight leading up to the presidential election, a debate is raging in Washington, D.C. over how to best approach cybersecurity and other technological challenges. While there is no consensus, however, there seems to be a common thread among many suggestions: the answer is to hold somebody accountable for cybersecurity — just not anybody or any agency whose position in the federal government currently exists.
Homeland Security Secretary Jeh Johnson, for example, last week reiterated his position that it will be necessary to rename the Department of Homeland Security’s National Protection and Programs Directorate (NPPD). The division, he said, should instead be called the Cybersecurity and Infrastructure Protection Agency and reorganized “into a cyber infrastructure protection agency — and we’re moving in that direction.”
Michael Rogers, who serves as director of the National Security Agency as well as head of U.S. Cyber Command, meanwhile, says that he wants someone else to take over half of his duties. “As Cyber Command, particularly, gains more capacity and more capability, the demand on Cyber Command’s time, resources and capabilities just continue to grow,” Rogers reportedly said in September. “I just think you need two people full time focused on this, but even as we do that, you’re going need to keep these closely aligned.”
Defense Secretary Ashton Carter and and Director of National Intelligence James Clapper reportedly agree with Rogers, although Sen. John McCain (R-Arizona) said in September that he would block confirmation of the appointee to the new position if necessary. McCain demanded the Obama administration provide more detail on the potential NSA/Cybercom split — which McCain apparently heard about via the news media — to the Senate Armed Services Committee, which he chairs.
“This committee does not take well to being stonewalled while their colleagues in the administration leak information to the press,” McCain reportedly said. Others, such as a “former senior intelligence official” quoted anonymously by the Washington Post, similarly do not see the advantage of the proposed separation.
“When you have two organizations whose missions overlap or touch, unless you have some way to control both of them, then they will instantly go to war with each other,” the anonymous source said. “Cyber Command’s mission, their primary focus, is to degrade or destroy, [while] NSA’s is exploit [to gather intelligence] only. So without having one person as the leader for both, the bureaucratic walls will go up and you’ll find NSA not cooperating with Cyber Command to give them the information they’ll need to be successful.”
While Rogers of NSA and Cybercom reportedly agrees with McCain that splitting the agencies is not advisable in the immediate future, he thinks it will eventually be necessary. Secretary Carter, meanwhile, reportedly not only supports the split, as well as breaking with tradition by appointing a civilian to run NSA, but has enthusiastically backed a “Defense Innovation Board” dominated by civilian membership to help the military modernize, which made its first recommendations last week.
After touring various facilities and conducting some initial interviews, the Innovation Board, chaired by Eric Schmidt of Google’s parent company Alphabet and including members such as LinkedIn co-founder Reid Hoffman, Amazon’s Jeff Bezos and TV astrophysicist Neil DeGrasse Tyson, had a number of suggestions for the Pentagon, including that it should appoint “a DoD chief innovation officer to coordinate, oversee and synchronize innovation activities across the department.”
To review: in an attempt to shift responsibility for a lack of innovation at the Pentagon, Carter has brought in a private sector team from Silicon Valley to tell the DoD what it should be doing differently, if Silicon Valley is so smart. The team of Silicon Valley executives, for its part, is not actually so smart, and therefore has suggested, as the top priority on its list, the creation of a new bureaucratic position that might as well be called “tech scapegoat.”
Other no-brainer solutions from this group of deep thinking thought leaders include that the DoD should “Direct Cybercom, working in coordination with the National Security Agency, to conduct a security review of every DoD system.” Also, throw more money at the Defense Advanced Research Projects Agency and similar tech-oriented agencies like the newly-created Defense Innovation Unit Experimental and recently-revealed Strategic Capabilities Office.
It could not be more clear that advances in technology are quickly reshaping U.S. security priorities. While the greatest challenge for America’s military in coming years may be one of quickly innovating to keep up with rapidly evolving technology, with a primary goal of maintaining cybersecurity, however, it is also increasingly clear that the decentralization of the Internet also threatens members of the military, political, and business establishment on an individual, personal level.
“We’re not going to write a report without impact. We view ourselves as more of a contact sport, working with whatever way is appropriate,” Alphabet’s Schmidt reportedly said of the Defense Innovation Board, barely concealing his lack of confidence in his own intelligence and abilities. “And if we don’t perform, we will be fired,” Schmidt added. If only that last part were true.
These people have no idea what to do, or what the eventual solutions will look like, and are therefore first and foremost desperately concerned with maintaining their own unjustified positions. In this light, their patently worthless suggestions of creating more bureaucracy and finding other people to blame make more sense.