U.S. must keep pace with China in cyberspace
- By Sean Lyngaas
- Jan 13, 2016
Rep. Mac Thornberry (R-Texas) said personnel are the key to ramping up the country's cybersecurity efforts.
Congress needs to act if the United States is to keep pace with China's investments in cyberspace, said Texas Republican Mac Thornberry, chairman of the House Armed Services Committee.
Despite the talent at the National Security Agency and U.S. Cyber Command, Thornberry said he is concerned about "the scale of what the Chinese are doing and these terrific people trying to deal with it on our side -- there's a mismatch there."
During remarks at the National Press Club on Jan. 13, Thornberry said, "So we're going to have to amp up, significantly, our cyber efforts" and added that personnel are the key to doing so.
He floated the idea of using legislation to give the Pentagon more flexible hiring authority for cybersecurity personnel. Although the fiscal 2016 defense bill authorized the Defense Department secretary to establish new cybersecurity positions with commensurate pay, more can and should be done, according to Thornberry.
"The committee will be pushing issues related to people, organizations, rules of engagement in [cyberspace] to try to make sure we close the gap between the threat and the policies we now have," he said.
The Pentagon needs to be able to bring in outside IT experts and rotate them back to the private sector seamlessly, Thornberry added.
Defense officials are trying to do just that. A program that has brought Cisco to the Pentagon to share its expertise on routers will expand to include personnel from about 10 firms, Defense Department CIO Terry Halvorsen said last October.
"You shouldn't try to match pay with Silicon Valley, but what you should try to do is make it as easy as possible to attract and retain top-quality talent," Thornberry told reporters after his speech.
That speech covered a range of defense challenges, with repeated references to cyberspace. Among the threats he cited were reports of Russian hacking of the Ukrainian power grid and Iranian hackers' infiltration of a New York dam's control system.
When asked whether the Pentagon should be more aggressive in using offensive cyber measures against the Islamic State group, Thornberry said "absolutely" but added that encryption tools are making the information environment tougher and tougher. Defense Secretary Ash Carter has reportedly been considering stepping up cyberattacks against Islamic State's digital infrastructure.
Thornberry also reiterated that his committee's acquisition reform efforts will focus on experimentation and prototyping in 2016.
Despite the substantial policy changes made in last year's defense bill, "the tyranny of consensus has come to dominate the Pentagon," Thornberry said, quoting a former defense official. He added that he will repeat what he did last year and introduce stand-alone acquisition legislation -- perhaps by the end of March -- and then fold a revised version of the bill into the fiscal 2017 defense policy bill.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.