A

Welcome to the govdiscovery AI podcast. I'm your host, Mike Shanley. Our guest today, General Matthew Glavy is back on the podcast. Great to have you back on here. The general has a 39 year career spanning air, sea, cyberspace and space operations. From commanding officer, excuse me, for HMX1 under President Part of President Bush's tenure, and President Obama commanding the President's helicopter squadron, to leading U.S. marine Corps forces, cyberspace and space commands, Lt. Gen. Glavy offers a strategic insider's perspective on where defense priorities are headed and what they mean for the industry. General, great to have you back on the podcast.

B

Thanks Mike. It's always great to be here with you. Thank you.

A

Well, let's jump right into it. You are now on CSIS, that's the center for Strategic and International Studies, a D.C. think tank. CSIS's Commission on Cyber Force Generation. General, why the commission? What is the problem you and the team there are trying to solve with the generation of a cyber force?

B

Yeah, so I think the obvious one is we're in this incredible competition, I guess one would call it a fight with adversaries in this critical domain. As technology pushes forward, this domain becomes more and more critical. You mentioned space. Obviously space is a critical enabler to the cyber domain. So this is critical terrain for the country, for the nation, to ensure our national security. Without a doubt. And though we've had incredible young men and women, incredible commanders that have led that organization, U.S. cyber Command, you know, the model many of us feel is not quite right. We've had testimony from very senior leaders of our nation's government, talk about some of the advantages the Chinese, very forthright, you know, have posed against us. Everybody from the IC intelligence community to the doj, to certainly national Security advisor in cyberspace and others come out with very high level concerns that not we're not doing as well as we need to and basically stating that, you know, the Chinese have, have an advantage. So you know, the problem we gotta solve is we gotta minimize that and certainly provide the superiority that you know, we're gonna need in the sovereign domain, just like every domain we operate in. And so do we have to take a different look at solving that problem? Again, amazing young men and women, amazing leadership. This is not about the current execution, it's really about force generation and how one recruits, retains, trains, and then ultimately provides to US Cyber Command those incredible young men and do it in a more predictable and repeatable manner. So, you know, right now the services provide those amazing young men and women and Each service component is responsible to do that. And certainly those services have domains that they're specialized in. U.S. navy, right, the maritime domain. No one does it better, no one does nuclear powered anything better than the U.S. navy. No one flies airplanes off carriers or from the sea base better than the United States Navy Air Force. Same when we talk about air domain and we talk about strike packages and you know, the great work that they did that we've seen recently as well. Same for the army from a land component. And you get where I'm going. So there, there are parties for the U.S. marine Corps. You know, our adage is every Marine a rifleman. So you see some conflicts in prioritization of what the services have and they do extremely well at those prioritizations. And where does cyber fit overall based on that? The challenges we've had with recruiting, retention coming through Covid and other things, you though we are doing better certainly from a service standpoint and recruiting and retention, those challenges still exist to make sure we get our best and brightest in the right places through any domain that we operate in. And so there's some tough choices that service chiefs have to make and priorities they have to make. And sometimes, you know, and I think we see that, that maybe cyber doesn't get the right prioritization. And it's not, I don't think it's anything done with malice. I think it's just, hey, we got to make sure we got these ships manned, we got to make sure that obviously squadrons are manned, et cetera, et cetera. So, you know, that's part of the problem that we are trying to fix. And I think every other domain has a service assigned to it and that service is focused on excellence, mastery of that domain. And I think this is no different. And as we've seen, the Space Force is set up. The criticality of the space domain there is, you know, the sky's the limit on what we're going to be able to do when a young man or young woman enters into the service. And that's what they do for the remainder of their time. Right. There isn't a tour they got to go do supporting the fleet Marine Force or other things. They're very important by the way, and, and also in some cases enhancing. So this isn't just a cut and dry. You got to take, understand the pros and the cons in doing this. But with that said, I think the predictability, repeatability of having young men and women operate in the domain, a domain they sign up for, domain they prob have proclivity in from the start where their interest lie and then be able to see them through to mastery and excellence. And I, I, I think that's a model worth. I think the nation has to go down this path. I, I think we're faced with, with very few choices and we've done a. Cybercom is an amazing organization, man. I love my five years supporting US Cyber Command, but I think the time is right and there, there's, there's never a good time. You know, the Davidson window is going to be upon us here. Do we want to generate a force in the midst of that window? If not now, then when? And there's never a good time to do it. And those are really important concerns by the way, and ones the commission is looking at. So just the commission isn't determining if we should or we shouldn't. Basically the committee is looking at how do we stand up a cyber force. Lessons learned from everything that's taken place across all the domains. And really looking at Space Force. So that's kind of what we're looking at in a nutshell, Mike. And it's been a great, a lot of great professionals on it. So I've really enjoyed it thus far.

A

Great. Well, we'll get into more of that. General, as you were talking, all I was thinking about was Space Force coming out from Air Force and becoming its own service. This is a little bit different. We'd be pulling from all the branches. Let's start with the logistics. Do you guys get into that detail of recommendations or what are you thinking about how it would stand up? You know, where, where would be the, the, the, the command center, the HQ for this? Yeah, I'd be interested. And also lessons learned from Space Force. Maybe things that worked well, things that didn't or might not be applicable for standing up a cyber force.

B

No, no doubt. So you got to start with all the legal aspects of all the Title 10 code. Right. And everything that a service has to do. And we go right down the list on all of that. And there's certainly a bureaucracy price that's paid with standing up. You know enough general officers and senior leaders in order to execute all the business in the Pentagon. That's not insignificant. You mentioned higher headquarters. I think this is a focused aspect of what we're doing. I, I think there is an ability to be lean and mean. But, but there is a certain level of infrastructure required to do this. And when and things that you gotta do well, you gotta do operations well. Like you gotta be mastery of your Domain, you, you have to be good at executing operations, whether it's offense or defense, you gotta be good at it. You gotta be good at intelligence. And I think in the cyber domain, intelligence really gets into a lot of data science, data engineering. Right. It's a little different perspective than the process and procedures and intelligence and a normal intelligence cycle that we have to consider and build the force. And again, we have great intelligence professionals at U.S. cyber Command, but a lot of them come in from all different domains and they come in basically with different skill sets, all very helpful. But gaining a true cyber expert from an intelligence standpoint really has to start with understanding the technology, understanding how important the data is. And I use the idea of data science, data engineering, because everything's turning into a data problem, even collecting on the adversary and using that information to gain insights. Right. That's really what the joint force is doing writ large. And then finally, acquisitions. You got to bring these young men, amazing men and women to do things like the targeting cycle, provide effects as required based on the requirements of our nation. And you got to give them the tools to be successful. Those are three core pieces to what you gotta do and the things that the committee's gotta focus on. But like you said, you gotta do all the Title 10 requirements that has to be in the win column very early and then determine some areas that you're gonna weigh a main effort and some areas maybe you can accept risk in is part of everything you gotta do in order to get something through the US Congress or certainly through the administration first.

A

You mentioned the adversaries side of it. China. What about in the allied side? Are there any models or allies that you all are looking at that either lessons maybe didn't go well or that are doing this well that, that you can pull from in addition to learning from internal our own examples like Space Force.

B

Yeah, I could just talk to certainly the, primarily the five eyes relationships that we've had and, and there's certainly others that have done this, you know, done this. But, but with that said, US Cyber Command has really been a model. Right. It was, it was one of the first. Right. To stand up and create what's called the Cyber Mission Force. And those young men and women, you know, do all the incredible work that's required and other nations have done similar and build similar forces. I think we have and, you know, kind of set the pace here, so to speak. And I think this is just part of the evolution of the domain and of what we've learned, what US Cybercom can do. Well, and there is plenty of that and certainly the predictability, repeatability that we need. I think in the cyber domain that mastery only comes by doing something 10,000 times the fingers tip feel that's required to do it. As an aviator, a classic example, born and bred in the world of aviation fleet average helicopter pilot. Doggone if I was going to be fleet average, I had to do it a lot. And so this is no different. And keeping young men and women in the domain keep doing what they're doing, I think it's only beneficial to gain the mastery required. And we see that across all domains and this one is no different. But I think we are leading from a coalition, so to speak, and I think this is the next logical step that probably our partners and allies will or will not proceed with. But I think it's important and I'll just not to belabor this question, but so much of what we do from a cyber domain ends up in the intel community and nothing wrong with that. Mike, please don't take that the wrong way, but we got to get this into more Title 10 effects based operations. You know, the classification level of cyber gets pretty high pretty quick. You know, we can launch B2s out of Whitman Air Force Base, do amazing things in a refueling, get them ingressed into a target set undetected, execute an amazing hardened, deeply buried target and then egress again undetected, come back and, and tell the world and put metals, well deserved metals on their ch. And that is like awesome. There's a deterrence piece to that as well that we use in our favor in the cyber domain. I don't think we have equivalency and I think that's part of the problem as well. Especially if deterrence is what we really need to get to. I think there's going to have to be some evolution there and yeah, so that's going to be important as well. And I think something that service culture can build on and having service leadership doing that from a policy standpoint, working with leadership of the department as well as the executive branch writ large.

A

It's a, I think interesting point you brought up is the level of superiority or domain dominance. It might not be the same in cyber as it is for air power, for example. So I was at the cyber, the AFCS Cybersecurity Summit in Colorado Springs this week as you mentioned in the prep for the podcast. And one of the questions that came up from a CTO was I told him you were becoming on the podcast this week and I said what should I ask the general and he said ask him who is winning currently with AI and cyber. Is it our adversaries? And obviously it's a very broad question so I'm interested in what direction you're going to take this. But is it our adversaries, are they doing that better? Does anyone have domain dominance? Are we all near peers in this space? So whatever direction you want to go, love to, love to hear your take on what thoughts come to mind with that.

B

So I'll just start with some of the things I think we've done. Well from, from an AI standpoint early probably things need to do things quicker. There is no doubt. But I would tell you, you know the, the network, the DoD information network and Recore enterprise network which I was responsible for for General Nakasone, right. When we brought in the hybrid cloud environment, think Office365 we got out of our on prem facilities, raised our, our critical data into a cloud, you know, six different locations, 12 different instantiations, protected like we've never seen before. Our ability to secure, operate and defend changed overnight. The cloud environment allows you one to bring in all. Every piece of equipment in a cloud environment becomes a sensor and bringing all that information into the cloud now affords you. And in this case it was just a Microsoft solution. But the sentinel, which was their scene, this security incident event manager along with Lighthouse, which was essentially the dashboard, right. The enunciations changed how we did a network operations. So those capabilities are AI based and they get better and better as we learn more and more. And now they have afforded us to really change the game and how much a network operations center can do to really understand the security aspect of what's going on. And it was a game changer, right? Glavi travels to someplace and Glavi did not make sure the network owners knew where. Automatically Glavi's location pops up as an anomalous behavior and that's the critical piece to cyberspace. Cybersecurity is anomalous. What's not right here? How do I find the needle in the haystack. But understand the anomalous behavior that'll force you to do something about it. And it gets into that, that soar model, right? Automate all your reactions and responses. Excuse me. Not only do you detect, right, but now you can respond and I'm giving you a simple antidote there, but there's plenty of them. So I think our transformation into the cloud environment using AI capabilities bringing and we're talking about the big Microsoft here. When you get into the sentinel and seeing more data, more, better. And to understand this anomalous behavior and do it quickly was key. The second part is Zero Trust. And though Zero Trust is a journey, cybersecurity is a journey. Whatever works today, man, you better be ready for tomorrow because you're going to have to change. But I think Zero Trust, again provided even more precision in our ability to do cybersecurity. Because the key aspect is still the user, right? The individual, the operator. We're still the key to cybersecurity. You know, do dumb stuff. All, all the great work that I've described, really, you know, is for naught if we still don't make sure the user is to the best of their ability. But Zero Trust ensured that we provide that level of protection baked in already to find out, you know, who needs access to our data when. And to be able to do that in an algorithm like fashion is so important. So everything I just said, right, so that status quo, you know, I think we're doing a good job and there's more to come, a lot more to come. But, but tomorrow it's got it. We already got to be onto what's next. This, this environment is move, counter, move. It's just a constant piece. And, and now we got to worry about not only identity management from a user standpoint, but, but all the bots. Everything that we're gonna do from an AI standpoint, we gotta understand all that identity as well to make sure you got the right, you know, stuff. So, so it's just going to grow, the requirements grow, the technology changes. You got to be just a little bit ahead of the adversary. But as long as you have the mindset, it's a journey that we're going to continue. We've got to wake up every morning, what do I need to do better? And you can do that. And then in the service, we need to be agile enough to conform to what the adversary is doing. So no doubt AI is a part of this. AI is going to be a part of the defense on how we understand the anomalous behavior. And it's going to be part of the offense. And you know, you know full well the adversary understands. We've adopted a big hybrid cloud like environment. They, they understand they're doing the same. You know, what are the strengths, what are the weaknesses? And we gotta be really ready for that. And AI is going to be a part of that as, as well. So we got to adopt it, man. You, like I mentioned, you know, when you walk into the Pentagon, you Know the secretary there is kind of pointing at you. You know, I want you to do AI right. And so you know it's got to be part of ground up in their six critical technology capabilities that they're pushing. Right. This AI piece we just got to get in the wind column. You got to believe. Right. And then that isn't good enough. Right. You got to be ready to understand what it can do on your behalf, but also what it can do to you based on an adversary presence. So a lot to that Mike. Hopefully that gets at some of the.

A

That was great. Thank you. So you all stood up the commission. August 2025, it's February 2026. We're recording. What is the current status tone of your conversations? Reaction Both interested in Pentagon as well as the executive branch as well as with, with Congress. Where's are you found your internal champions? Is this an uphill battle? What's the status of that conversation?

B

Yeah, so there's, there's basically there's always two sides. So certainly the commission is looking at how to stand up a force. Another commission, Naseum is, is looking at the national academ. They're, they're, they're looking at should we, should we stand up? So that's the first piece. But, but we're, we're, we're basically agnostic of how that turns out. We're basically taking the assumption the administration does want to stand up. So we're putting urgency in is once that decision is made, how do you do it right. So you don't waste a lot of time but putting these together. So are there, there's and there's good arguments on both side I hope when I came out and mentioned that. Right. I mean there are great things Cybercom does time now recently released in the fall November is Cybercom 2.0 which gets at the fourth generation model. That has been challenging back to my initial challenges that we face with services with different priorities. Hopefully this fourth generation model kind of mitigates some of that. But a lot of even what they're doing in Cybercom 2.0, which is very important by the way and I believe will be effective, is really organized train and equip service requirements. Right. We're giving Cybercom more and more organized training, equipped service responsibilities as a combatant command that that gets pretty hard. You know, the commander's a war fighter, right. He deploys forces in the field. He's got a lot going on and you know he also now more and more has organized, trained, equip responsibilities. Could be A good thing, right turn fairly quickly or could be overwhelming. And I think in some respects it tends to be overwhelming and I think that everybody could gain more expertise and I believe and again great men and women, great leaders. I'd low crawl over broken glass for General Nakasone and General Hawke. I mean those are great leaders. This is really about a model rather than about incredible leadership because they are exactly that. So how do you get predictability, repeatability not only as a service and the men and women that going to present to that war fighter and then how does Cybercom, you know, focus on the war fighting aspects more and more and less and less on some of the organized train equipped Title 10 requirements are really what we're getting at and people fall on different sides. You know, would a service slow us down? That's legit service is going to mean you start from zero. Right. You got to build it and the bureaucracy can be challenging and is it going to be inefficient? Right. Because you're, you're going to have to generate some of that higher level leadership requirements or can you just make cybercom better? And people kind of come up on both sides and timing matters and I mentioned the Davidson window and things that people are concerned about as well. But I've come to the conclusion, and I love the place, is that most of my time was spent and I was a service component. So in some respects rightfully so. But really making sure the Marine Corps did its part, and it did in providing amazing young men and women and did its part to make sure that they were trained to the, to the right level and we had the readiness requirements to support what US Cybercom was doing. But US Cybercom had a big role in that as well. So anyway, I do think that there's a model there that service chief focused, accountable, responsible, unorganized training, equipped to present a force that the functional combatant commander can use and execute all his war fighting responsibilities is a model I think we're due for my humble opinion.

A

So I'm always interested in the perspectives, the experiences that come into a commission. General, can you talk about some of the other people, their colleagues on the commission, maybe their roles and as well as who's, who's, who's leading who's, who's.

B

Yeah, so the two co directors are Mr. Josh Stifel, Josh obviously PSM, HASC, Cyber. Amazing stuff, amazing background. Josh got stuff done. You know, cybercom needed something, the ndaa, Josh was there, also expected, you know, outcomes. So I think Josh has had a Bird's eye view, certainly from the congressional side of this. And then the other lead is General Ed Cardone. General Cardone, really special guy, army army cyber combat engineer, commanded an army division, so came to cyber relatively late in his career but really saw it from a, a war fighting function. And so he always had a lot of street cred in Wasta. So those two have been great leaders. And then we got a series of both civilian and business leaders part of it as long as a lot of prior component commanders, General Clapperton, General Heritage, there's some great folks on that committee and Admiral Gilday part of it, but again General Barrett, so some heroes of mine that are part of that. And it's very on a emotional, businesslike approach that what's best for the nation and how to do this and how to do this right and take full advantage of the opportunity. And again the administration and so many others would, would be part of the decision making process. We just want to provide an executable course of action if they so decide.

A

Let's talk about open source intelligence now as you know, that's what we focus on is for the defense industrial base mining open source intelligence to identify those demand signals so they can align their solutioning with what Dow needs. I know you advise some clients working in the open source intelligence space, the structured data space. What's your take on the opportunities and challenges that come with so much open source intelligence? I think your quote 1 from the last episode was a estimation that when you were general, 20 or so percent of your decision making was based on open source intelligence. You estimated about 80% now is probably what a general uses. I've run that by a few other retired generals and they say that's, you know, maybe go 5% up or down from there, but that's more or less what I would think. Yeah. What are you seeing now being on the commission?

B

So I'll be honest with you. I think the open source companies that have been doing this for a while are experts in data collection. Right. They are so good in their sources of data. Yeah. How they, the environments they bring it into. And I see this incredible convergence that almost all companies are going into the data business. Right. They're going to use data. Whatever product they're building, they're going to use data to make it better. And the advantage I see, you know, everything from how we do APIs, how we connect all that data together, the environments that you're going to bring it into, the cybersecurity that's, that's required for that which they pay close attention to gives them a unique advantage. Right. In how to do it. So it's turning into more than just Osint, right. As we look at things like contested logistics, even the whole targeting aspects of this. And I could go through every war fighting functions from maneuver to logistics to force protection to information to fires. And they all have this need for the aggregation of data for a commander to make a decision. So course of action development is really about bringing that all together. Right. And having incredible artisans, you know, planners that know how to do this in order to make sure that a commander makes the best decision possible and not just from their gut, which is important. Experience matters, it really matters. But lay that on now with what the data's telling you and aggregate that in such a volume using the right algorithms, bringing it all together to get to some clarification on what's the best decisions. So the open source companies, Glavy's view, have a unique advantage because they have been in the data business for a while, right. They know where to go get the data and the sources and the methods. And I'll be honest with you, how to protect it, right. How to bring it into the right space in order to do something with it. And I think it works for any war fighting function, not just intelligence is what what I'm getting at. And so as other companies are trying to do that, they may be good at understanding logistics. That's awesome. They don't know how to go get the data like some of these open source intelligence data companies I mentioned, Vannevar Labs, I'm just a huge fan. I give them so much credit. They know how to do this and do it well and so good on them. There are others certainly out there, that's just one of them. But they do it well and, and now the sky's the limit. The potential for a company like that. And though certainly their roots are open source and information warfare and all, man, the sky's the limit. When you start thinking data as a commodity, how important data is to all the war fighting functions, you're not just in the intelligence or the information business. You're in fires, you're in maneuver, you're in logistics, you're in force protection and to include intelligence and information. So it just opens the aperture and I think provides more opportunities. That data layer. Critical, critical.

A

So I'm reading here a headline. This is our source. They talked about the importance of data source here. Defense scoop, Major General William Hank Taylor talking about how he. The quote is, I've Become chat and I really close lately using ChatGPT to don't want to put words in his mouth here inform provide context for leadership decisions and other decision making. What's your take take having been a sitting general when. When you hear that.

B

So I, I'm. I'm a. I'm a technologist at heart. I want to be better and better every day. I certainly want to add all my experiences on to you know what's the data saying. What's you know, how do. How do I take my experience and, and merge them with knowledge to fully understand you know what's best for whatever mission we're doing. Whatever you use to do that man, you need to that need to do it and do it well. So I've been a fan of this for a while. I'm a crazy nutty. I got a few of the icons up there, multiple vendors that I'm comparing and contrasting. Some are better than others. I'll be honest with you. Some do certain missions better than others. So I've found that. And then the key role that the user has, the operator has is one. You got to drive it correctly. You're in the driver's day seat, right? You got to drive the prompts. I know this whole prompt science now on how you do this but you got to drive this thing well and then you got to understand and detect the anomalous, the hallucinations and things that aren't quite right. Right. You gotta be able to detect that. So you gotta check your homework man. And so you can tell when things are going in an awkward way and then you know, and, but, but, but I will tell you that's only gonna get better and it does literally weakly right. All the what do we have five point TV anyway. But these things are just, they're just moving so fast. Those guys say, you know, the hallucinations. It told me a wrong answer. That's legit, right? But now, right the next week, the week after, six months from now, you know, it's only getting stronger and stronger but we got to get stronger and stronger too and we got to hone our game. You know it's, it's invaluable to continue reading, understanding what's. What's going on in the environment. All that, you know, knowledge is power, right? All that's got to come in and but be able to them make decisions and to do it to the best of your ability. I think it's a game changer. You know I always, you know and I saw this, I mentioned at The Airborne Corps. But I give them a lot of credit. First place I saw this is, is, you know, is them and how they. General Donahue and others. Right. And how their ability was to use data from a commander, the commander driving it. Right. What data that he needs in order to make the best decision possible. So as others are doing research and important stuff, you know, they're doing AI enabled course of action development, which I think is the right model and certain all the services are adopting that. I think they were just maybe an early adopter. And certainly, like I said, everybody else is getting knee deep in how to do that. So that's how I look at that. If you're not as a senior leader, not immersed yourself in this, I think you're going to be behind fairly quickly.

A

So we've been talking a lot about internally within the Department of War, what your recommendations are, how they're using this. Let's go to the Defense industrial base. What do you see from them in terms of what the innovation you expect to come from them? The processes, the products? What are the demand signals? That's what we're always interested. What are those demand signals? What's your message to those small to medium sized defense contractors out there? What they should be thinking about in terms of their role in this?

B

Yeah, so I think we've seen the dam break, so to speak. The department is setting a series of significant reforms, changing everything from requirements to acquisition. I mean I could go through all the, I think last time we even went through some of the, all the different policy models. There's basically, they have kind of cleaned the books. Right. And they are starting over on how to do this. I'm really enthused about the possibility of how we're going to do that. There's going to be some bumps in the road. There's going to be some winners and some losers on how all this works. I think competition is awesome and I think competition is critical. Everything from what we do as warfighters to what the acquisition process is going to do. Competition is good and quick. Competition probably even better matter. I mentioned it before, but every company that I see has to be a master. From, from a data standpoint, how are you using data? And, and with that, I would say how are using software in order to make your product better? Not in terms of months or years, but I'm talking hours, days and weeks maybe. Right. How does your product evolve? I mean I've, I've heard Secretary Duffy, Secretary Michael. Right. Some of the big leadership there in the building, man and they're pushing this hard, and I think it's an incredible opportunity, especially when the senior leaders get it. They're both very successful businessmen. They know how venture capital works. They understand technology from a Silicon Valley standpoint and now bring it to bear in. The department is good. Department still has to build ships, department still has to build airplanes. Department still has to do some big things. That stuff has to get better as well. But I think when you're a software centric force, then you can look at the capability that you're buying, you're building, and look at improvements incremental, perhaps over time, but based on a software model rather than based on a hardware model, but software that gets refreshed every six days instead of every six months or whatever the case may be. But that's got to be a model. And from a requirement standpoint, you got to, to favor that. Right. You got to make sure the vendor knows how important that is. And no doubt the hardware still incredibly important. But I think software, you know, becomes an equal here where in the past maybe a different. And then the data runs it all right. And being able to, you know, be a data company, I think everybody, they're all got to be data companies in order to take their hardware and turn into something more than it was supposed to be. So, yeah, a lot out there. Like I said, there'll be winners and losers. How you do it is going to be. Is tricky, but I'm excited about the possibilities and I think how it's going to improve. The, at the end of the day is about combat readiness and the joint force. It's about ultimately a deterrence model that ensures that we have peace and prosperity in the nation. Those are obviously the ultimate determinations if you're successful or not.

A

I want to touch on Ukraine and in Ukraine's defense against Russian forces. Are you all lessons learned, seeing anything there? Yeah. Is that their defense informing your decisions or interested in your take on that?

B

Yeah, I mean, I think the model that they are using and forced to use out of necessity, out of survival is really something I think we are trying to determine what portions are going to be best for us. Certainly, you know, they had to take it to an extreme level and not what I'm getting at, but certainly at a strategic principle level. How do you take, you know, the innovation of, of our commercial sector and bring it to bear to solve military problems? I mean, I think that's, you know, that's really what's gone on and they've done it extremely successful. And you know how this thing will end? I, I don't know. It's very tragic what's going on, obviously, but, but understanding how this smaller country is surviving in many cases even thriving in certain ways is pretty remarkable. That's worth studying. And I will tell you the first and foremost lesson is change. Constant change. Move, counter, move. We talked about that. From a cybersecurity standpoint, they live it every day. From a war fighting standpoint, Move, counter, move. How the electromagnetic spectrum, how do you operate in it, how do you operate it when it's not there and how are you still able to be successful? Yeah, so change is probably the biggest lesson. We tend to be as service members and rightfully so. The excellence of the joint force is about doing your job well. And we tend to think of our jobs as doing it 10,000 times. As a pilot, the more you flew, the better pilot you are. It's kind of a natural thing. I think more and more it's going to turn. This fight really is about who's smarter. And so there's a lot there. We could talk for hours. It's something we still got to continue to learn from and look at. But this thing's different than it was six weeks ago and certainly six months ago. You can just see how everything changes as.

A

And we had Admiral Montgomery on the podcast recently spends regularly in Ukraine talking about more on the drone side. But you said that rapid iteration, innovation, a drone comes off the lines, they don't put it through an 18 month testing process. They bring it to the front lines and see if it works. And I imagine the cyber capabilities and testing is a similar process. So. Yeah, just wanted to get your thoughts on that.

B

And I think they move so fast. You know, people talk about cybersecurity. Cybersecurity is a stagnant construct. Right. The more you change and the more you're improving and the more that, that you're adapting to your. Right, that you got to chase that now the adversary, if you're sitting on cybersecurity, that, you know, this is the way we've always done it. Right. Whether it was boundary security with the joint regional security stacks or whatever. But if you sit on that for too long, time adversaries come up. So the more you change as a survivability tactic and you know, in the world of air combat maneuvering, an okay move now is better than a great move three seconds from now because you're moving and it makes the targeting solution harder and harder for the adversary. So I would say that's A really key lesson in warfare writ large is how fast can you change? Because the adversaries, if they're going to be effective, got to change with you. And that can be as long as you're keeping them in that type of reactive mode. I think you're going to say, but it's change, right? It's constant and you got to be ready for it. And I think there's a certain culture that has to be placed in the joint force in order to accept that.

A

Well, as you know, like to wrap up with the so what question, what's the so what? You want to leave with the. The defense industrial base from this conversation?

B

Yeah, keep it up. I tell you, I think there's a lot going on. I think a lot of industry partners are going after it. They're trying to support what the department is doing, all the reforms that are taking place. I think they're adapting, adapting quickly. Again, there's going to be success and failure. That's always the painful part of it. But I think industry has to go after this and bring their best effort forward, understanding full well that even the technology is going to change. So a winner today may not be a winner tomorrow, the next day. Right. I think you got to have some endurance here. Keep improving the product, the whole scale to agile concepts work, I think from an overarching industry approach on how you get incremental success over time. But I'm excited. And they got to take a data centric approach. They got to make software equal or not more important than hardware and they got to think in terms of I can make my product better not in six months or six years, but in six days or six hours even. Right. Based on software being equal to hardware, maybe a little more important.

A

Thank you. That's General Glavy. He's on the CSIS Commission on US Cyber Force Generation. Check out their website@csis.org Again, that's the Commission on US Cyber Force Generation. General, always great to have you on the podcast. Really appreciate your expertise, your service, your insight and taking the time to share that with us and our audience.

B

Hey, thanks, Mike. It's always great to be here. And all my best to your team. And they're so professional. Thank you.

A

Thank you.