Words by Bridget Foster.
When natural (or manmade) disasters overwhelm the resources of local and state emergency response systems, we can count on our civilian-soldiers in the National Guard to be at the ready to assist with response and recovery efforts. Now, thanks to the 2014 National Defense Authorization Act (awaiting signature by President Obama), the National Guard could have units dedicated to thwarting or recovering from cyberattacks anywhere in the nation.
Cyberspace is poised to be the next battleground. So much of what we do every day depends upon computer-based or computer-supported systems, e.g. the power grids that supply our electricity, the wireless and broadband networks we use for communication, our online banking systems, and even the national intelligence systems we depend upon to keep us safe from the next terrorist attack. Securing our national cyberspace is critical to maintaining our way of life.
Under the 2014 National Defense Authorization Act, Defense Secretary Chuck Hagel has been empowered to “assess the appropriateness of hiring on a part-time basis [non-military] status technicians who possess appropriate cyber security expertise for the purpose of assisting the National Guard in protecting critical infrastructure and carrying out cyber missions.” The bill requires the DOD to appoint a “Cyber Czar” (my term) to supervise all cyber operations, including the oversight of an integrated team from all branches of the military, combatant commands and Defense agencies.
Other legislation was introduced earlier this year authorizing the Secretary of Defense to establish National Guard Cyber and Computer Network Incident Response Teams or “Cyber Guards” in all states and the District of Columbia. That legislation, dubbed the “Cyber Warrior Act of 2013”, would authorize governors or the Secretary of Defense to activate these units dependent upon the type of response needed, preferably without having to physically relocate the units. The Secretary of Defense would be charged with ensuring that the servicemembers selected for these teams already have the skills and training required (similar to the requirement outlined in the NDAA). One far-reaching goal of the legislation would be to provide a means of recruiting and retaining cyber-trained military personnel who might otherwise leave the service.
Under the Cyber Warrior Act of 2013, governors would also have the authority to use their National Guardsmen to train local and state law enforcement in cyber security and assist in the development of best practices for working cohesively with federal government responders.
Some states, such as Missouri, Delaware, and Washington have already developed their own National Guard “Cyber Troops” to monitor and defend their states’ critical cyber infrastructure against threats. Missouri bills itself as the first state to have a fully funded and staffed National Guard computer security defense team.
The National Guard Association of the United States (NGUAS) expressed support for the Cyber Warrior Act of 2013, citing the Guard’s “unique access to a wealth of information technology talent within its ranks.”
The bill has not moved from the Senate and House subcommittees where it was introduced.