Pentagon to add thousands of new cybersecurity jobs

If move to deal with growing cyber threats is to reach goals Defense Department must seek innovative ways to find talent, expert says

The Pentagon is planning to expand its cyber security force nearly five fold over the next several years in a bid to bolster its defensive and offensive computer capabilities.

The plan is to add about 4,000 more troops and civilians to the existing 900 personnel in the Defense Department's Cyber Command, the Washington Post reported today citing several unnamed sources.

The planned expansion is in response to growing threats against critical U.S. assets in cyberspace, a defense official told Computerworld on Monday.

"As Secretary Panetta stated in his cyber speech last October, we are faced with an increasing threat of a cyber attack that could be as destructive as the terrorist attack on 9/11," the official said. "The department recognizes this growing danger and is working with a sense of urgency to put the right policies and structures in place to enable us to carry out our role."p>

The official said the Department of Defense (DoD) will work closely with U.S. Cyber Command and the Combatant Commands to develop an "optimum force structure" for dealing with emerging cyber threats.

The goal is to create three separate types of cyber forces each tasked with specific roles and responsibilities. The cyber force structure will include Cyber National Mission Forces, Cyber Combat Mission Forces and Cyber Protection Forces, the official noted.

The national force and cyber protect force will focus on addressing threats to critical infrastructure targets and DoD networks respectively. Meanwhile, the combat mission force will be responsible for planning and executing offensive operations and attacks in cyberspace.

"While the basic cyber force structure model is clear, the implementation plan to achieve it is still being developed and is pre-decisional at this time," the official said.

The planned expansion comes amid heightening concerns about U.S. vulnerabilities in cyber space. Many believe that the U.S. is already in the midst of an undeclared and mostly unseen cyberwar directed against it by unfriendly nation states and well-funded highly organized criminal gangs and hactivist groups.

Countries like China and Russia are well ahead of the U.S. in terms of having cyber forces of the kind that the Pentagon is trying to build up, said Alan Paller, director of research at the SANS Institute. The challenge for the DoD will be to find enough qualified cybersecurity professionals to meet its ambitious expansion plans, he said.

"The key to putting the 4,000 in perspective is that every other critical part of the economy also needs the same people -- banks, power companies, telecom, defense contractors, civilian and state government and hospitals."

But while the hunger for cybersecurity professionals with advanced skills is very real, the supply line is near empty, he said. If the DoD wants to meet its expansion goals it will have to find innovative ways to find talent, Paller said.

He pointed to a recently launched program called Cyber Corps Challenge by New Jersey Governor Chris Christie as an example of the kind of approach the DoD needs to take to find talent. Under the program, the state invited veterans of the U.S armed services and others to take part in a competition for spots in a community college-based cyber security program and six month residencies at banks, the FBI and other organizations.

"China has been running competitions and training programs that work well in every ... district since at least 2003," Paller said. "Russia set up its first advanced school in 1994. We are way behind in quantity and quality."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Government ITU.S. Department of Defensebusiness issuesCybercrime and HackingGovernment use of ITsecuritycyberwarfarelegalgovernmentcybercrimepersonnel

More about FBISANS InstituteTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts