WASHINGTON ― The founder of the Military Cyber Professionals Association, Joe Billingsley, discussed with Defense News’ Congress reporter Joe Gould the military's challenges attracting and retaining enough skilled personnel for its cyber billets.
When did you found the association and what has changed for military cyber professionals since?
I founded it in 2013 in Monterey, California, and since then there has been tremendous evolution of this field and this community. Some of the best examples are the full embrace of cyber by the U.S. Army, exemplified by the establishment of the Army cyber branch and the Army Cyber Institute at West Point, and the Army Cyber Center of Excellence at Fort Gordon, Georgia.
Has the Army done as well as it’s wanted to do filling out the branch? What challenges are there for attracting cyber professionals for the Army and the military more broadly?
The Army is filling the billets. There’s a long way to go to recruit and retain the people who are passionate about this field and have the skill set we need to accomplish what we need to in this domain.
What are the big challenges? We hear once these folks are trained, it’s attractive for them to go to the private sector and in other U.S. agencies.
Some of this is that military life means constantly moving, every two to three years, more or less — and where the people are moved to. It was a dream come true to be stationed in Monterey, but I have been stationed other places that are not ideal. It’s not just the soldier, but the soldier’s family.
Is it a matter of better bonuses or relaxing appearance and physical fitness standards, as we’ve heard discussed in the past?
Those are absolutely things to consider, but I really think we need a review of the up-or-out policy, which I believe is mandated by Congress. That’s been inhibiting to people with cyber skills from staying in a cyber job and being moved into a more managerial position, and taking them away from the keyboard.
Outside of personnel policies, what’s of interest to the association? We hear on Capitol Hill about the need for the U.S. to have a cyber deterrence policy.
We are developing our legislative affairs committee to dig into these policies and better articulate our association’s and our community’s position. That said, our biggest general opinion is the need to grow this community with trusted professionals with the requisite skill sets. Developing a master concert pianist is like developing a master cyber operator in that it takes many years. We need a lot more people like that, which is why part of the association’s mission is STEM [science, technology, engineering and mathematics] education, focusing on K through 12, the next generation.
How much of a factor are the cyber conflicts with Russia and China? Is this a hot area now?
It’s very hot, and it’s only going to be getting hotter with the constant flow of news, with high-visibility hacks. Many of them impact regular Americans or people they know and care about, which makes it more personal. The more people are affected, in a great democracy like ours, you’ll have more pressure on our elected representatives to hopefully increase resources and [inject] more fresh thoughts at the strategic level about approaches to become more effective.
I know from my own analysis of the president’s statements concerning cyber that he is well-aware of cyber-related challenges. He has been actively tweeting about them for years.
So contrary to the perception he’s not tuned into the cyberthreat from Russia, you think he is?
In my “Trump on Cyber Warfare” article, I include his tweets, going back to 2012, mostly about Chinese cyber activity and the United States.
What do you think is the biggest misconception about the cyber domain or cyber professionals?
There’s a lot of people capitalizing on all the confusion, in the public or private sector, and there are more people we have that understand this field; where it’s demystified, they will be less easily taken advantage of.
This interview has been edited for length and clarity.