The article at Danger Room regarding $400M of DoD cyber war business could perhaps be better titled “Cyber Chicken Little Wins Conflict Cash” or “There’s No Business in Saying ‘All is Well’.” There is much to agree with on Danger Room’s take on the subject.
Fundamental issues cyber war contractors should address:
- If we are fighting a cyber war today and losing, as has been asserted, can we please define cyber war, define the metrics for winning and losing, and then explain how we’re losing? Please don’t hide behind hand waves like “It’s complicated” or “Its classified.”
- Does anyone really believe “The cyber-war mirrors the nuclear challenge in terms of the potential economic and psychological effects”? If so, how? Nuclear weapons could rearrange–in the worst way possible–life on earth as we know it. A reasonable person–me for example–might think the impact of the cyber threat is being hyped.
- It is unclear how a contractor can provide combat-ready forces to secure cyber operations. Again, define what is a combat-ready cyber force is and then explain how a contractor performs that mission. I come from an ops background and would be interested in initial and recurring training, standardization and evaluation, and certification processes traditionally encompassed within the phrase ‘combat-ready.’
I am not attempting to dismiss the cyber threat but am more inclined to think are holding our own. I’m just not sure how building a culture of ‘learned helplessness’ by having contractors performing cyber war work will help the military develop competencies in this area.