The Air Force's chief of staff expressed concerns that the Pentagon is moving on cybersecurity spending without a coordinated plan on how defense agencies should deal with threats to sensitive networks, Foreign Policy reports.
Gen. Mark Welsh spotlighted the Air Force’s lack of direction on how it was expected to operate in the digital realm. He told FP, “I don't know of a really stated requirement from the joint world, through U.S. Cyber Command in particular, as to what exact kind of expertise they need us to train to and to what numbers to support them and the combatant commanders.”
While Welsh did not say he opposed computer security spending, he voiced reservations about procurement and spending without clear rules of engagement, according to the report. "I'm just not sure we know exactly what we're doing in it yet, and until we do, I'm concerned that it's a black hole," Welsh said. "I'm going to be going a little slow on the operational side of cyber until we know what we're doing.” He spoke at an Air Force Association-sponsored conference outside Washington.
The federal government hasn’t articulated how it intends to let agencies play both offense and defense in cyberspace, even as it begins to explore aggressive tactics more openly.
There are hints that various moving parts are falling into place, paving the way for the foundations of a more cohesive strategy. The U.S. Cyber Command is inching toward being elevated to full combatant command status, a move that would give it more access to resources and the Pentagon’s top brass. Computer and network attacks can be classified as armed offensives that trigger the right to self-defense, State Department legal adviser Harold Koh said this week, in a move that laid down an early legal framework for approaching the digital realm.