Threats to national security, chiefly cyberthreats, are evolving rapidly and must be met with an evolving strategy by our military and government. That’s according to General Stanley McChrystal, former commander of U.S. and international forces in Afghanistan. He spoke at the annual GovSec conference in Washington, D.C., today.
McChrystal related leading a coalition of military forces and government agencies against al Qaeda to fighting sophisticated cyber attacks. He recounted that when he was first tasked with leading the troops in Afghanistan, he relied too much on traditional military methods to fight an untraditional enemy. But because the terrorist network was spread out among many regions, with no clear hierarchy, he quickly learned the coalition needed to adjust its strategy.
“When we first faced al Qaeda, the first thing we tired to do was do what we already did well. We tried to do all the things that we were good at and better than the enemy. It [wasn’t] effective, because the enemy didn't play in that sector,” McChrystal said. “The only way to deal with them was to take our structure, and we had to let go of it. We had to change, and our mantra became it takes a network to defeat a network,” he said.
In Afghanistan, McChrystal invited different government agencies and the military to work together under the same tent, which he called the “situational awareness room.” There, people could share ideas and information to better understand the terrorist network and how it operated. “It had an extraordinary effect on us being a better informed and effective team,” he said. “The way to success was sharing something called shared consciousness and purpose. We started to be more effective because everyone heard the same conversation."
The general said combating cyberthreats must similarly be dealt with by evolving our strategy, thinking about the enemy in a way we never have before, and sharing information better. “If an informal group goes after one of the major banks in the United States [online], that is a strategic attack, but its not against a state entity by a state entity,” he explained. “The response of nation to nation physically connecting isn't possible,” like in wartime, he said. Rather, he said, the United States government should work with both public and private partners to jointly combat the attacks.
He admitted that while there are risks involved with transparency, the benefit of collaboration outweighs those dangers. “Sharing of info between agencies [and the] public and private sector give people a much better ability to understand and deal with the problem - and the problem’s not going away," he said. “If you want to be a bad actor it's going to be easier to enter that than ever before. We’ve got to cope with evolving threats. Just building firewalls won't be enough.”