HYLAND
provide units with sufficient depth and breadth of expertise for the
decades ahead. e skills required here include not just world-class
technical understanding, but the agility, flare and imagination to outwit
and outmaneuver potential threat actors.
In the middle tier there will also be a need for more and better cybersecurity
professionals in the armed forces and civil service (as well as business), and
for much greater awareness among commanders of the implications for
their commands. is may entail a change in mindset as much as, or more
than, a realignment of manpower. e next generation of commanders
needs to understand that all military operations will now have a cyber
dimension, without themselves needing to be cyber-experts.
In some ways the most important element of a cyber-education program
is the basic tier—raising awareness and improving basic computer security
practice in the population at large, from children at primary schools
through to the elderly. Better education and information for ordinary
people could make quite a difference to us all. A corollary of this is that
government must be willing to be as candid as possible with citizens
on the cyber-threats they face, in clear terms and sometimes in a much
more timely fashion than may be comfortable to either government or
individuals.
Effective Incident Management
However thorough the preventative security measures taken, the nature
of the cyber-threat means that it is prudent to assume that there will
be unexpected and alarming breaches of cyber-security. is does not
mean that thorough preventative measures are in any sense a waste of
time; effective preventative measures should ensure that such incidents
are much rarer than they might otherwise be.
