In a recent article, the Washington Post reported that “The Pentagon has approved a major expansion of its cybersecurity force over the next several years, increasing its size more than fivefold to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries.”
The Pentagon’s plan would create three types of forces under the Cyber Command:
- “national mission forces” to protect computer systems that undergird electrical grids, power plants and other infrastructure deemed critical to national and economic security;
- “combat mission forces” to help commanders abroad plan and execute attacks or other offensive operations; and
- “cyber protection forces” to fortify the Defense Department’s networks.
The first of these categories is the one I find most interesting, as it most closely relates to daily life and work in this country. It also raises the interesting question as to which businesses are deemed to be critial infrastructure. While electric grids seem obvious, what about electronic health records? Or Google? Cloud storage? And would you want your company to be designated as critical, if there is increased government oversight as a result?