Unprepared soldiers are ineffective soldiers, and the rise of the networked battle space has made this ancient wisdom no less true.

It is curious, then, that when the Army practices operating in contested cyberspace environments, it does so largely in echelons above corps and not throughout the force. What exercises do take place generally understate the likely effects of network outages and overstate our ability to adapt to them.

If we continue to avoid rigorous rehearsal for cyber attack, or fail to implement it at all levels, we are training to meet incompetent adversaries and setting the stage for improvised, ill-coordinated and ineffective responses to competent ones.

Just as the Army has done for every other aspect of combat, it needs to develop a set of battle drills for such environments and work them into the standard training regimen at each echelon of command. These drills must include individual and collective tasks of the sort that would prepare soldiers, commanders and units to face many varieties of cyber events: short- and long-duration, point and pervasive, man-made and natural. To make this practical, we must also give units at all levels the modeling and simulation capabilities they need to hone their defenses, responses and training efforts.

Good Article. Square on in detailing just how apparently clueless the command structure is w/r/t network defense.  What he misses, is what he doesn't want to know: that command is actually well aware of it's own cyber shortcomings and trying to build a strategy while at the same time trying to keep reality hush-hush.  I would expect to see more force-wide integration of network defense in the coming months and years...

Net-Net is the worst case scenario far worse than I think?

I don't think so....  any truly worst-case scenarios would,  imo, require long term collusion from multiple tier 1 networks (like... serious treason and conspiracy). Fortunately, the military obstinacy helps keep it protected. They don't treat the Internet as some amorphous blob of networks that you just sorta connect to and rely upon, but rather with a certain rigidity that you'd expect from someone planning a corporate token-ring, so there aren't many opportunities available for direct infiltration. However, as more of the battlefield becomes IP based, then the threat possibilities become more pronounced.

So the key is to keep a significant portion of the network off IP?

I was fortunate to have a tour of the Pentagon last year as some very interesting briefings on the state of the military. It was very interesting for me to have my expectations totally destroyed by highly intelligent, forward thinking men and women thinking about how to protect the nation in 50 years and how to do so by avoiding the need for war.

On the other hand, one guy in charge of transitioning military personal back to civilian life was pimping a website to help find military members jobs and had never heard of an API.

you get all sorts in the military