10 March 2017

DoD must act like a startup


by Kevin Coleman

To say things are changing is a giant understatement when you look at all that is going on these days in the national security space.

Look at the current threat environment and the numerous threat actors that are out there and which we must defend against. Look at the widespread availability of advanced weaponry that can easily be acquired over the internet and especially via the dark web. Look at all the advanced cyber weapons that are currently available and put that in context to the target-rich cyber environment we have today, which is rapidly expanding due to emerging technologies. Clearly, this is the most dynamic time that I have experienced in my lifetime, and chances are that you feel the same.

Given the dynamics of the cyberthreat environment, we must change and adapt to this environment immediately — or risk failing and falling behind. Perhaps part of the answer to this issue is for the defense and intelligence organization and industry players to think of themselves and more importantly act like a startup! To do so, out-of-box thinkers must be embraced and used on a continuing basis by all of the defense and intelligence organizations.

While participating at a recent event, the insightful, intelligence, frequently heated banter and out-of-the-box thinkers were far from being embraced by many of the participants from the military and intelligence organizations. They looked down upon this, and their facial expressions were quite telling. The interactions did not fit into the nice, orderly fashion that is associated with traditional thinking around military defense and intelligence collections by the established entities.

In the midst of one out-of-boxer being disrupted and quickly cut off, a glimmer of light surfaced. An individual in the national security space interrupted the interrupter and said: “No, let’s hear him out. I want to hear more about this idea.” That stuck in my mind ,and it became clear that the innovative and creative construct that was being offered was highly disruptive to well-established models that are in use today within the military and intelligence communities.

It was extremely evident the out-of-box thinker was not the most articulate individual, and that contributed to the issue, even though what he offered showed great promise. It was truly innovative and significantly departed from traditional thinking. A small group informally discussed this over lunch, and it was clear the idea that was presented was a cyber force multiplier. It addressed the budget constraints, as well as the growing shortage of properly skilled cyber resources that is plaguing the defense and private sector and is only projected to get worse.

Recent analysis indicates that due to the highly expansive cyber protection operating space, the shortage of properly skilled cybersecurity workers was one million in 2016 and was projected to grow to about 1.5 million by 2018. One organization had more than 500 positions that were open for more than six months, and they weren’t all filled!

Let’s face it — we are behind the eight ball. This has rapidly evolved into an emergency! Failure to address this issue could be catastrophic when you consider all the warnings and cyberwar-gaming scenarios of late.

Given the figures above and others, a cyber force multiplier is a necessity and essential for all those in the military, intelligence, government and private sector if we are to keep up with the growing threat domain! The advice rendered to individuals that have the mindset to research and bring up a cyber force multiplier to market is to submit the ideas as an Small Business Innovation Research program to the Department of Defense and the intelligence community — since it was an out-of-box approach, they may have to force fit into one to their predefined categories. I would recommend the approach from the Netscape days — get in, get known, get everywhere!

Let’s all hope those receiving the proposals evaluate them on their merits and the value the proposed solution brings when it comes to helping mitigate the human-resource shortage crisis we have entered in cybersecurity from a national security space and much more.

No comments: