In numerous interviews with senior military commanders over the past several years, Vanguard magazine has often posed the question: what does the future cyber warrior look like?
Militaries have been coming to terms with the cyber domain for some time now, securing their systems and seeking methods to exploit adversaries. But is the cyber solider different from the individual a military might normally recruit? Is he possibly more like Sheldon Cooper or any of his The Big Bang Theory cohort, exceptionally knowledgeable of the intricacies of the domain but more likely to ridicule his commanding officer for lacking a PhD than obediently following orders.
Not exactly the ideal recruit but perhaps precisely the type of individual cyber operations require.
Winn Schwartau, a leading authority on all things cyber, raised the issue at the opening of the 3rd annual Privacy, Access and Security Congress in Ottawa on Thursday morning. His focus was not the military, but rather the larger public and private sectors. He noted the recent calls by Homeland Security Secretary Janet Napolitano and a U.K. parliamentary committee for more cyber security professionals. Even the director of the National Security Agency, in a rare appearance at DEFCON, asked the hacking community to get more involved.
Schwartau wondered, though, whether both sectors are ready to hire the types of individuals who might be best suited for this type of work. In short, do we have discriminatory hiring practices? he asked.
Because there is currently a difference between the needed skill sets and the ability of many organizations to successfully integrate those into their culture. With so much emphasis placed on degrees and professional certification, is your office ready for someone like Lisbeth Salander?
“Skills should come first,” he said, and the formal education second. “We need to stop finding reasons not to hire.”
That also means being more accepting of failure. In a domain that requires a willingness to experiment to problem-solve, teaching and embracing failure are critical.
So, what does the cyber warrior look like? In an interview in 2009, Lieutenant-Colonel David Gosselin, then the commandant of the Canadian Forces School of Communications and Electronics, summed up a warrior as: “someone who understands the intricacies of their weapon system in service to others. This means that a warrior understands the capabilities and vulnerabilities of their weapon system, and is capable of executing a plan that ensures that they prevail and overcome any threat or limitation of the weapon system in service to society.” (You can read the article at http://www.vanguardcanada.com/NetOpsWarriorThatcher)
The Congress continues today at the Westin Ottawa.