Cyber National Guard
I’ve spent my almost my entire career working with Federal agencies to write and secure software. The bad guys are increasing in number and getting more sophisticated, so the problem is very difficult to control. The industry needs trained professionals to combat this problem, but there’s just not enough people. Specifically for the government, you’re not going to find top talent working there (unless it’s intel and it’s offensive…that’s enticing). I’m sure there are many patriotic white hats, myself included. Why not let them volunteer? The National Guard provides plus-up capabilities for the armed forces…why not do the same for cyber operations?
The Cyber National Guard is an interested idea in my mind. Do a certain level of training per month as a member of the armed forces. If a cyber problem pops up, a cyber group gets activated to help combat the problem. There will have to be a few changes to the traditional National Guard model in order to attract good white hats:
- No PT (physical training) – We’re computer geeks. Some of us are physically fit, but that’s their choice. We’re not going to be running into battle, so no PT. Ever.
- Do Exercises Remotely – In today’s National Guard, you train on-site with your group. This won’t work for techies. Since the work is all online, keep it online. We might be okay for a yearly on-site for intense training, but keep it low
There you go, problem solved. Ask for volunteers, let them get some of the benefits of being in the National Guard, and you’ll get a cyber force. There will still be some work on getting the level of expertise you want, but at least then you can train them up to the desired capability level.
This idea is probably really bad and will never happen, but it sounds cool in theory.