A (14:33)

So right now where I see us standing is we are looking as a force and I say when I say I mean the United States, our partners and our allies as that's going to have to integrate across all of the domains of warfare at levels that we haven't done to date. It's becoming increasingly important and what I mean by that is the physical domains of air, land, sea, space. Cyberspace is the new part, right? And so when we think about that is when you add that to the element you say okay, so how do we integrate across those domains? And there's two areas that really come to me, when we think about that, the first one is the information that transits all of that, all of those different domains and finally the electromagnetic spectrum that also connects all of those domains. And so that's kind of where I see us now. And as we're going into future, what's becoming increasingly apparent to me and to many of my colleagues is that is going to be contested in a way and shaped in a way that previous technology wasn't available to enable it, but now we can, and we can gain advantage as well as deny our adversaries advantage.

B (15:44)

So the cost of entry into this battle space has gone way down because of the cyber domain. Is that a fair way to say it?

A (15:52)

Yeah, Dave, I completely agree with you. It's been democratized in a way and commoditized in a way. Especially we saw in the cyber domain that unitary actors, not necessarily even state actors, have access to criminal activities generally that would enable access as well as infrastructure that they were able to stand up quickly, use quickly, and then take down just as quickly as after. They've usually most of the criminal actors, you'll see the ransomware actors and things like that. Well, we can also see that for other types of effects that states are now adopting to do that type of activity as well, and then stand up the infrastructure quickly maintain the effect or gain access and then very quickly move using our infrastructure that's out there and then commercial infrastructure.

B (16:42)

I mentioned that you have been at the front lines of a lot of this. Can you share with our audience some of your background? Where did you get your start and what led you to where you are today?

A (16:51)

Absolutely. So I just recently retired. Well, I still say recently, but last fall, so it's been a year. Recently retired from the United States air force after 34 years in that capacity. I had kind of a three chapter career. First portion was flying B1 aircraft and commanding small flights elements training largely focused on the tactical and operational level. Second chapter of that career focused on strategy at the Air Force and Joint Staff level as well as leading larger teams in squadrons and wings and culminating as a base commander out in Ellsworth air Force Base, South Dakota for B1s. And then the third chapter was when I became a general officer. I joined the CIO and cyber enterprises for the United States Air Force as well as on the Secretary of Staff for the department and up at Cyber Command where I was the J3. And my final job was I was the 16th Air Force Commander which had all of the information warfare capabilities responsible for organized training and Equipping and then as the component to the National Security Agency as well as the component to U.S. cyber Command.

B (18:03)

And today you're at ManTech. What's your day to day like there?

A (18:07)

So at Mantec I joined the team for the primary reason is it's a highly focused organization on the mission of national security. We're about 50% veterans and 70% of our workforce has served in government in some capacity. And my day to day role there is I'm the defense strategy and war fighting integration. So our president of the defense sector has asked us to ask me to look across all of our divisions and see how we can bring capabilities, capabilities and to the market that we require for the future battlefield capabilities focusing in cyber, non kinetic effects, cybersecurity aspects and then leveraging the capabilities we have across our company which we're organized with some practices. We're focusing on data and AI, cyber and cybersecurity, intelligent engineering as well as digital engineering.

B (19:01)

Well, looking at the global situation these days, when we look at our adversaries or even our friendly competitors out there, how are the nations around the world posturing for this new world that includes the cyber element Where I see just.

A (19:20)

Take the cyber domain first. What I see out there for our adversaries is they're leveraging the domain for three primary reasons or activities. The first one will be pre positioning for potential military operation. The second one's espionage and the third one is criminal activity. And so when you look at the criminal activity this is there are nations out there primarily when you think about North Korea, that they're using the cyber domain to fund their illicit activities and evade sanctions. When you look at the Volt series, Volt Typhoon as well as Salt Typhoon, this PRC and what they're doing is pre positioning primarily for potential military operations. There doesn't seem to be an espionage motivation behind their activity. And we saw that most recently with the Volt Typhoon with our critical infrastructure and our water and our waste treatment and our transportation systems and the opportunities they're seeking there to preposition for potential operations where the theory is if they are able to prevent the United States from flowing forces or increase pain on the United States, then we may not take military action in the Pacific. I think that's a miscalculation, but that's my understanding of the theory.

B (20:42)

Yeah, you mentioned the electronic magnetic spectrum. Where do we stand there? What are your concerns?

A (20:50)

Well, as we think through of the cross domain operations in the future, the coin of that and the means of that is the exchange of Information and data. And the spectrum is how we do that. Generally, whether it's radio frequencies or Internet protocol based, we generally use that to make sure we can synchronize our activities, coordinate our activities and integrate to levels that we hadn't before. Primarily in the last few decades, we've been pretty much in a non contested environment for that. As we, you know, we didn't have any active jamming by the adversaries. But what we're seeing now is active jamming. And what I mean by that is if you look at what's happening on the Ukraine battlefield right now, that there is active efforts by both sides to deny the spectrum for navigation, communications and sharing of information. And as we go forward, we need to think through how we can be agile in that manner to ensure that we understand how we need to leverage the spectrum, how we can assure our access to it while dividing our adversary, the same thing. And so this is more than historically electronic warfare kind of capabilities focused on electronic attack and electronic protection. In other words, creating a condition upon adversary systems that made them less effective or providing techniques that enabled our systems to continue to operate. And through jamming, well, now we have the ability we need to think through like, okay, how do we shape the environment in ways that make it more conducive for our systems and less conducive for theirs?

B (22:25)

Help me understand and kind of, I suppose calibrate here, does this future require more of a public private partnership than we had in the past? I'm thinking particularly when it comes to critical infrastructure.

A (22:42)

With respect to critical infrastructure, yes. I think we need to think through how we do the information sharing and then how do we respond to activities and then how do we assess our current posture? And what I mean by that is a large portion of producing military capabilities is understanding how resilient your systems are and how you can posture yourself to overcome fog or friction. And what I mean by that is friction is things that just make large scale operations difficult. When you think about the redundancy on critical infrastructure, or sorry, not the redundancy, when I think about the dependency on critical infrastructure, then you need to think, okay, how do I understand the current posture that a certain base post station port is reliant on a civilian sector. If we don't understand that to a level of understanding how they're resilient, what's their cybersecurity posture, how quickly can they respond to incidents? If we don't tabletop that, if we don't war game that out with exercises and training together, then we really won't know how successful or how quickly we can adapt to an environment that is going to be contested. So I think as we move forward, we'll have to think through as a nation, the authorities and how do we align our, from state and local all the way to federal about the ability to defend ourselves in the nation, in the cyber domain to ensure that we can protect our citizens and our interests.

B (24:10)

You know, recently we've seen budget cuts, organizations like cisa. At the same time we have others who are pushing that in addition to, for example, a space force that we should stand up, a cyber force. Do you have any insights for those?

A (24:26)

I do. So I was on the air staff when we had, when the Space force was born and understand the desire to really focus the war fighting aspects of that domain and ensure we're building capabilities for that domain. The difference I would say between that and a cyber force is the cyber is, as I mentioned before, the needs for cyber across all domains of warfare to include space is prevalent. And having a separate force to do that wholly like lock, stock and barrel, move it to a separate force, I think would be problematic. Now, I do think there are different models that we can for generating cyberpower and the one we, you know, the model that's generally produced is the SOCOM model, the Special Operations Command and how we generate forces through the services and then present them to Special Operations Command and they generally do the care and feeding and development of the doctrine and then the extra capabilities that need to roll on that. I think that model is about 75% of what we need to do in the forest. But the next step on that is understanding, okay, how do we do the talent management of the cyber operators as they come forward on that? Because I do think the model breaks down there and I think Cyber Command probably given some authorities to help generate that force, would then enable the capability, then enable the large scale scaling of the capabilities that we need for the command. A separate force or service, A separate service would be difficult because I think the overhead that comes with being a service would make it very difficult to meet the tooth to tail ratio. And what I mean by that is like the folks that are focused on mission versus the infrastructure that goes around to generating everything that would be necessary as a standalone service. So the relationship between the existing services and a force for US Cyber Command I think is an area that we should explore. And as we continue moving out in that way, we. Just recently the department mentioned an update to Cyber Command 2.0. I think that's a Step in the right direction. I do think that the department should look closely at how they accelerate those timelines to the left.

B (26:42)

Well, let me come at the question from a different direction. I mean, you have hung up your hat as a member of the military, but just as a thought exercise, suppose you were put in charge and it was up to you to organize our future cyber fighting force. What sort of things do you think should be put in place?

A (27:04)

Well, I would look focus on the life cycle of a cyber operator and as we're assessing and then as we then bring them into U.S. cyber Command and then as we continue to develop and employ the operators across the force. And then the key is how do we continue to develop leaders for the Cyber Command enterprise as well as the services, develop leaders that have expertise in the domain. So different authorities given to the commander of U.S. cyber Command within his role or her role as a joint force trainer. If we think through, okay, what does that actually mean? More than just defining what it means to be a cyber operator, also having a active participation in the promotion and retention within the services? I think that is the area that we should explore. And that would be the one thing if I think the commissions that are out there and looking at a cyber force could make some good recommendations about how to give that commander of U.S. cyber Command a bit more authority on the development of the force as it's going forward in the constant development, not just the basic training elements, but also the further development and promotion of the force. The second one is the warfare center that was stood up in cyber, that they're mentioned in Cyber Command 2.0 I think is also vital. It's a way to look at the future of the domain in a very domain centric. That's underneath the leadership of leaders that have spent time focused on the domain for their professional career. And that's how we'll get the innovation and bring it across to the other services. And I think those are some of the key aspects that I would focus on and bringing real capability because then we could have the discussion maybe down the road about, okay, is it to the point of a separate service necessary? Do we need further resourcing, direct accession paths that go straight into the domain? And right now I do not think that the, I do not think the investment is available to really scale that, nor the human capital to fill all those positions.

B (29:08)

When you look at organizations like Mantech and the other folks who are in the same space, what is their part to play in this? What are the opportunities there?

A (29:18)

Right. So I think the key in all military domains, the partnership between academia, industry and the public sector is important. At mantech, the way we're looking at is how do we bring our expertise, as I mentioned earlier, about 50% veterans, 75% former govies. How do we bring that expertise as well as our access to some of the industry leading technologies into the department and so how do we leverage that? One of the areas we're looking for thinking through very, very closely is how do you create a digital environment that really we can provide to our clients and enable the government to look at the capabilities across domain within a digital virtual environment where we have digital twins and where we can develop the capabilities, test the capabilities and then when they're fielding and continue to support their operational development and then have that lead into a training environment that now the operators from any domain, whether it's a cyber domain, air, sea, space or the ground, can then test these capabilities in an environment that is shielded from the adversary. As we think through non kinetic effects and electromagnetic spectrum operations, exercising those in the physical domains is difficult. One, there's concerns for other civilian type of infrastructure that leverages the domain. The second is you don't want to expose your capabilities for the adversary to see them. So I think that's one of the areas, you know, that close partnership bring the new technologies enable a foundry for non kinetic effects. But that's really supported by a digital environment that has built with digital twins and the way we can play out different capability to see their interactions without having to take them out into the physical domains.

B (31:11)

That's Kevin Kennedy, Vice president for defense strategy and war fighting integration at mantech. What's your 2am Security worry? Is it do I have the right controls in place? Maybe are my vendors secure or the one that really keeps you up at night? How do I get out from under these old tools and manual processes? That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows. Using AI to streamline evidence collection, flag risks and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently and finally get back to sleep. Get started@vanta.com cyber that's V A N T A dot com cyber.

A (32:32)

So good, so good, so good.

C (32:35)

New markdowns are on at your Nordstrom rack store save even more up to 70% on drop dresses, tops, boots and handbags to give and get cause I.

A (32:45)

Always find something amazing just so many good brands.

C (32:48)

I get an extra 5% off with my Nordstrom credit card Total Queen treatment Join the Nordy Club at Nordstrom Rack to unlock our best deals. Big gifts, big perks. That's why you rack.

B (33:07)

And finally our what could possibly go wrong? Desk reports that Intuit has decided that if everyone is going to chat with an AI anyway, it might as well be the one helping them file taxes. The company signed a multi year deal worth more than $100 million with OpenAI giving TurboTax credit, Karma, QuickBooks and Mailchimp a cozy new home inside ChatGPT users will be able to ask the usual life or death questions, like whether they can finally deduct their home espresso machine. And with permission, Intuit's tools will even dip into their financial data to estimate refunds, review credit options, or nudge clients about overdue invoices. This move puts Intuit among a growing crowd of companies building ChatGPT accessible apps, though few others are letting AI whisper directly into customers. Financial decision making Intuit insists it has guardrails, validation layers and years of tax lore to keep hallucinations at bay, though it stayed politely vague about who pays if the AI makes an expensive oops. Still, the company is expanding its use of OpenAI models across products and internally through ChatGPT Enterprise, all in pursuit of a more automated financial future, hopefully with fewer surprises than tax Season usually delivers. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Heltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Sam.