Over the next three fiscal years, the Army National Guard plans to establish 10 Cyber Protection Teams (CPTs) in an effort to improve the Nation’s “cyber posture” or ability to defend against cyber attacks.
Read or listen to the news on just about any day, and you’ll hear about the theft of personal information or credit card numbers due to hacking, a phishing scam, or the spread of a computer virus.
Lieutenant Colonel Matt Chytka, Chief Information Officer for North Carolina National Guard, explains that cyber affects everything – academic institutions, corporations, law enforcement, government, and everyday citizens.
Even though these threats to computer networks are global in nature, one of the Guard’s distinct advantages is its ability to act locally because its personnel are already entrenched within the community.
Although the Guard has not responded to a cyber emergency as yet in North Carolina, it has had the opportunity to partner with State agencies to do assessments and training, says LTC Chytka.
“In the event something should happen, we’re not meeting each other for the first time and trying to figure out who knows what. We’ve already had that handshake and exchange of knowledge.”
LTC Chytka, who joined the Guard in 1979 as an 11C Indirect Fire Infantryman, worked on a team that installed and configured the first local area network (LAN) in the North Carolina Guard in the early 1990s.
“It became obvious to all of us, even in those early archaic days, that issues like network security, user authentication, and how to prevent unauthorized access were going to be critical elements of the IT environment.”
These days, in his role as CIO, LTC Chytka considers it his job to campaign for his State to serve as home base for one of the CPTs. National Guard Bureau will be deciding where the teams are based. So far, California, Georgia, and a joint team in Michigan, Indiana, and Ohio were the first three teams to be chosen.
LTC Chytka says a cyber event that would require a CPT’s expertise could be anything from a major network hack to an infrastructure attack – where someone attempts to infiltrate and manipulate something major, like a power plant, gas line, or transportation network. He notes that his State is home to a number of airports, the Research Triangle Park, which is the largest research park in the country, and ports all along its coast.
“All of those offer unique and different cyber opportunities we have to think about and prepare for,” he says.
While a number of Department of Defense components are focusing on cyber defense, LTC Chytka says that the Guard is uniquely qualified to contribute to the effort.
“We have a very strong ability versus our active duty brethren to attract, and, particularly, to retain, highly skilled cyber military professionals that the Nation requires in order to maintain a keen cyber edge and superiority in the cyberspace realm.”
Part of that can be attributed to the fact that National Guard service is typically part-time, and therefore Guard members are able to maintain full-time private sector careers.
LTC Chytka notes that a number of North Carolina National Guard members are cyber professionals and subject matter experts who work for some of the major cyber defense, research, development, and protection companies across the State.
The CPTs will be comprised of military officers, warrant officers, and enlisted cyber warriors. LTC Chytka believes the following military occupational specialties (MOS) will be essential to these teams:
255S Cyberspace Defense Technician
255A Information Services Technician
25E Electromagnetic Spectrum Manager
25A Signal Officer
25D Cyber Network Defender
Plus, a new series of cyber-related MOSs that will help staff the CPTs is currently under development.
A cyber warrior should be able to apply deliberate, deep, and analytical thought, and have a willingness to ask questions and learn, says LTC Chytka.
“You are always going to be learning a new platform, a new infrastructure, a new coding algorithm. The cyber world is not one of the professions you can get a certification, get a degree, and ride that into the sunset without having to do a whole lot more additional education and professional development just to try to stay current with where the industry and cyber world are heading.”