A Last Year and Increased National Security Concerns
Written By: CENSA Editorial Board
—
During his recent State of the Union Address President Obama outlined five specific themes not just for his last year in office but for setting the nation on a course to achieve success and prosperity over the next five to ten years. In short, these areas are: 1) building a better cyber defense force; 2) expanding healthcare for all; 3) reforming immigration laws and policies; 4) enacting gun control, and 5) ensuring workers right’s and benefits. He went on to say that, “priority number one is protecting the American people and going after terrorist networks.”[1] With respect to cyber, the fiscal year (FY) 2017 budget request submitted to Congress includes several new initiatives, just as 25 million American citizens view cybersecurity as a primary concern and contemplate the vulnerability of their personal data in the wake of a recent cyber-attack at the Office of Personnel Management. With respect to attacking terrorist networks, the priorities of the budget also appear promising, if somewhat uncoordinated and unclear.
The FY 2017 budget request contains more than $19 billion for specific cybersecurity initiatives, representing a 35% increase from FY 2016 in overall Federal resources for cybersecurity. The proposed increase includes $3.1 billion for an Information Technology Modernization Fund and $62 million for the education and training of an expanded national cybersecurity workforce. The President, moreover, has called for the establishment of a CyberCorps Reserve, the creation of a Cybersecurity Core Curriculum, and for strengthening the National Centers for Academic Excellence in Cybersecurity program. According to the official White House fact sheet, the “CyberCorps Reserve program [will] offer scholarships for Americans who wish to obtain cybersecurity education and serve their country” and “the Cybersecurity Core Curriculum [will] ensure [that] cybersecurity graduates who wish to join the Federal Government have the requisite knowledge and skills”; the additional emphasis on the National Centers for Academic Excellence in Cybersecurity called for by the President is aimed at increasing the overall number of academic institutions and students involved in cybersecurity studies.[2]
It is clear the Administration is both concerned with and serious about keeping the United States at the forefront of cyber operations, a mindset that is necessary (even if it has been slow to evolve) given global trends. According to reports, Beijing has already established China’s Cyber force and created a State-run university focused on educating and developing cyber officers for an “informitized” defense capability [i.e., Beijing’s effort to broadly push technologically-driven modernization]. Moscow also appears to enjoy a leveraged position with its aggressive and already well-established amount of cyber activities and the development of “armies of trolls”. Therefore, members of American industry, academia, and the federal workforce (especially those in the Department of Defense) would be foolish not to capitalize on the new programs proposed by the Administration and to be implemented over the next year. Properly utilized, these initiatives could have great impact and, hopefully, lead to the allocation of a greater amount of wisely-targeted resources during the next administration – in an area certain to require an ever-increasing amount of attention for the foreseeable future.
Despite the promise of these cyber initiatives, the FY 2017 budget request still contains many unanswered questions that point to a possible disconnect between strategy and resource allocation, including but not limited to cyber-related matters.
Designed to address a wide range of challenges facing the U.S. national security community the FY 2017 budget request for the Department of Defense (DoD) is $582.7 billion, which is $2.4 billion (about 0.4 percent) more than the FY 2016 enacted level of $580.3 billion[3]. According to DoD Comptroller Mike McCord, these challenges include:
- Balancing capability, capacity, and readiness;
- Terrorism, instability across the Middle East and North Africa;
- Rising pressure from Russia and China;
- Globalization of advanced technology;
- Rebalancing to the Asia-Pacific region;
- Cyber defense, attribution and response;
- Short-term budget deals, constrained resources, and fiscal uncertainty.” [4]
For the United States – a global power with vast and far-reaching interests – the diverse nature and range of these challenges presents yet another even more complex hurdle. For strategists, the range of diversity undermines efforts to target and channel finite (and perhaps diminishing!) resources; and their range and diversity suggests a need for “strategic pluralism,” implying a requirement for a high number of investments across several geographical and functional areas (a dispersion of effort that may ultimately prove to be unachievable and unrealistic). To be sure, at least one analyst has alluded to the complexity facing policymakers and the consideration of the FY 2017 request: “[it] reorients the military to deter Russia and China. Down in the trenches, though, it’s a long, slow slog to rebuild the force for high-intensity conflict after 14 years of irregular warfare, mostly in the Middle East—which isn’t actually ending—and three years of Budget Control Act caps.”[5] Thus, as Capitol Hill prepares for yet another battle on government spending, many Administration officials and inspired congressional leaders will no doubt (and must) push for an agreement to provide some sense of stability to national security funding.[6]
Budgeting uncertainty and the year-after-year habit of using Continuing Resolutions (CRs) to appropriate funds have combined to produce “a perfect storm” of bureaucratic conflict and inefficiency, and wreaked havoc on national security planning – especially on attempts to innovate. CRs fund ongoing operations and “legacy” programs and yet restrict new start initiatives – precisely the portion of the budget promising the most fertile ground for cyber-related innovations. Breaking this CR-based paradigm and establishing a new precedent (a return to normal order, actually) is of paramount importance if our nation is to counter cyber-based threats and position itself to lead.
Above and beyond cyber, the President’s FY 2017 budget submission also includes nearly $16 billion to promote a number of broad, far-reaching, and important national security and foreign policy objectives. These goals include: the destruction of the Islamic State of Iraq and the Levant (ISIL); the development of innovative community-based approaches to discourage violent extremism around the world (although “innovative” is not defined or described); support for the transition in Afghanistan from an aggressive war-fighting footing to a more sustainable, training- and support-based posture (with investments in civil projects and infrastructure); funding for the European Reassurance Initiative and related efforts designed to improve NATO capabilities against Russian aggression (an initiative which alone has $4.3 billion earmarked); support for the Central America regional strategy; enhancements for the strategic rebalance towards Asia and the Pacific; support for the President’s “Democracy Agenda”; and assistance for continuing to grow strategic partnerships in Africa (based on promises made at the 2014 Africa Summit in Washington, DC).[7]
But the supporting material announcing these goals and broad themes does not include specifics or suggest the existence of (or include calls for) the guidance necessary for leveraging a coordinated information campaign – one that could be enabled by a capable and empowered cyber security workforce. These questions are left unanswered in the budget roll-out; and this silence suggests that policy makers and practitioners are at a loss on how to proceed. Regrettably, too, this vagueness suggests that the Obama Administration will continue to underperform when it comes to fully coordinating cyber-related activities with national security goals and objectives – despite many high-level claims to the contrary and persistent calls over the years for improvement from voices in government, industry, and academia.
Against this backdrop of additional cybersecurity activity and threats, the more conventional “who, what, when, and where?” questions about national security and geopolitical rivalry appear to be even more relevant than in recent years, especially with respect to existing and aspiring nuclear powers. China and Russia continue to provide near-peer competition to the United States by means of both conventional and nuclear arms and each have adopted a more aggressive “power projection” posture within their respective regions; North Korea represents a real – and potentially dangerous – nuisance of sorts with its impulsive (reckless?) display of periodic rocket launches, low-yield nuclear tests, vocal saber-rattling and rhetorical threats aimed at both Seoul and Washington; and Iran, even though it has pledged to adhere to the recent nuclear-inspections deal, maintains a powerful conventional military capacity and has not signaled an end to its support of clandestine acts of a subversive sort throughout the greater Middle Eastern region.
And while conventional State-on-State conflict might deserve greater force planning attention in the future (especially for the western Pacific), unconventional, irregular, or “hybrid” skirmishes continue to flare in places named Syria, Iraq, Afghanistan, Yemen, Somalia, Libya, Burkina Faso, and Nigeria. The persistence of this type of armed conflict – indeed the “how” – fuels the intellectual cause célèbre of several prominent defense thinkers (John Nagle, Frank Hoffman, Dave Maxwell, Dave Kilcullen, and Seb Gorka, for example). For Gorka, irregular has in fact been the norm or the regular form of armed conflict around the globe ever since the American Revolution and is thus misnamed; and for Gorka, irregular warfare, or IW, is likely to be the way of the future just as it has been in the past.[8] Given its persistence throughout history, therefore, IW should be addressed and accommodated when risk assessment decisions are made and upcoming authorization and appropriations’ bills are crafted and finalized.
The robust nature of U.S. counter-terrorism (CT) operations overseas remains strong and suggests a significant level of commitment for meeting the objectives of the Administration’s highest stated priority (i.e., going after terrorist networks). Funded primarily through the overseas contingency operations account, U.S.-led operations in Iraq, Syria, and elsewhere, have experienced significant gains of late: the recent capture of a senior ISIL operative in northern Iraq; the killing of nearly 100 fighters and an increase in the coalition’s capacity in eastern Syria; and the recent killing of more than two hundred militants in Somalia and Libya.[9] But CT-focused operations alone are not enough. The return of legitimate governance to these areas is required; only the establishment of the rule of law and robust local security and stability measures will conclusively defeat ISIL and other terrorist networks around the globe.
For those concerned about U.S. national security and the prioritization of capabilities against new and evolving threats, President Obama’s most recent budget submission presents considerable reason for optimism. Its stated goal of attacking terrorist networks, its emphasis on cyber as a real viable threat area, and its inclusion of and funding for several new cyber-based solutions is a step in the right direction, even as some areas are in need of greater guidance and detail. If not resolved, the lack of fidelity in these areas will certainly lead to an underutilization of cyber-related assets and perhaps undermine Washington’s efforts to achieve effective strategic gains in the fight against terrorists. And still, the greatest concern about the budget may be its lack of strategic focus for racking and stacking priorities in a tangible manner. Strategic pluralism run amok can be both inefficient and ineffective – and potentially costly in terms of dollars and lives.
[1] https://www.whitehouse.gov/the-press-office/2016/01/12/remarks-president-barack-obama-%E2%80%93-prepared-delivery-state-union-address
[2] https://www.whitehouse.gov/the-press-office/2016/02/09/fact-sheet-cybersecurity-national-action-plan
[3] http://comptroller.defense.gov/Portals/45/Documents/defbudget/fy2017/FY2017_Budget_Request_Overview_Book.pdf
[4] http://www.defense.gov/News-Article-View/Article/632078/dod-comptroller-budget-deal-offers-relief-uncertainty
[5] http://breakingdefense.com/2016/02/2017-budget-the-long-slow-slog/
[6] http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=2095
[7] https://www.whitehouse.gov/omb/budget
[8] http://www.correlatesofwar.org/ AND various public speaking engagements by Dr. Sebastian Gorka – http://thegorkabriefing.com/
[9] https://www.washingtonpost.com/opinions/the-islamic-state-is-degraded-but-far-from-being-destroyed/2016/03/08/bc0590fe-e56e-11e5-b0fd-073d5930a7b7_story.html