What do we know about the feasibility of a civilian cybersecurity corps?
- A bipartisan group of lawmakers introduced legislation to create a “Civilian Cybersecurity Reserve” (Rosen’s Bipartisan Bill, 2021).
- A pilot program has already been established in the United States – Michigan Cyber Civilian Corps (MiC3) (Bergal, 2017).
- Metropolitan Police Department (MPD), and a higher education institution, Howard University, have been attacked.
- It is already a proven model internationally – volunteer-led Estonia’s Cyber Defense Unit (Küberkaitse Üksus) (Cohen & Singer, 2018).
- A proven historical model exists - Civil Air Patrol (CAP) during World War II (Cohen & Singer, 2018).
The nation’s capital critical infrastructure is undergoing constant and sophisticated cyberattacks that include the Metropolitan Police Department (MPD) and Howard University. These attacks are increasingly becoming advanced and continue to override the current defense system’s capabilities, strategy, and policy. These attacks are not only local to DC, they are also becoming a national phenomenon with far-reaching security and economic implications on both the public and private sectors. As these sectors continue to find meaningful measures to respond defensively, and two main components remain a challenge – strategy, and talent.
- Strategy – these attacks reveal gaps in the effectiveness of the city’s current cyber security defense capabilities and require an urgent need for a new defense strategy. This new strategy should include a policy change that makes civilian participation possible in the cybersecurity defense of Washington DC.
- Talent – there is a gap in the skilled talent pool of cybersecurity experts, and this limits the city’s capacity to respond to threats and attacks. According to Bate (2017). “There are just under 300,000 open cybersecurity positions in the United States at this time which companies and government are unable to fill; future needs project as high as 1,000,000 unfilled positions.”
