What's new
By:
Filters

Cyber Security roles in Royal Sigs.

K

Kroneit44

LE
Tired_Tech said:
most of the new school course are dross. And generally the 'also rans' in the selection process.
Click to expand...
That’s not how the selection process works. Also, they’re all cut from the same cloth now, so if someone isn’t performing perhaps they should be being developed in a different manner.
 
2

2ndpreimage

Old-Salt
Can someone help me out?

There was a thread about Cyber 'stuff' on another forum and one fairly well informed US poster described that cyber effects are already classified as 'fires'. More googling suggests that by 'fires' people mean, loosely, blowing stuff up by dropping stuff on it.

The poster went onto say, that certain things therefore had to be done by proper military types not just contractors and that there were all sorts of restrictions on the types of person that could authorise that, and started to talk about restricted line officers and a load of other stuff that was just over my head. What I sort of got from that was that depending on the 'type' of military officer you were that defined what you were allowed to do in law.

Firstly am I just dribbling nonsense and have I totally got the wrong of the stick and secondly is that reflected in the British military?
 
K

Kroneit44

LE
2ndpreimage said:
Can someone help me out?

There was a thread about Cyber 'stuff' on another forum and one fairly well informed US poster described that cyber effects are already classified as 'fires'. More googling suggests that by 'fires' people mean, loosely, blowing stuff up by dropping stuff on it.

The poster went onto say, that certain things therefore had to be done by proper military types not just contractors and that there were all sorts of restrictions on the types of person that could authorise that, and started to talk about restricted line officers and a load of other stuff that was just over my head. What I sort of got from that was that depending on the 'type' of military officer you were that defined what you were allowed to do in law.

Firstly am I just dribbling nonsense and have I totally got the wrong of the stick and secondly is that reflected in the British military?
Click to expand...
It's going to be a very long time before a British officer gets to drop a "cyber bomb" on anything, maybe a facebook recruiting campaign, but nothing that could do any reputation harm, that'll be left to the big boys.
 
2

2ndpreimage

Old-Salt
Kroneit44 said:
It's going to be a very long time before a British officer gets to drop a "cyber bomb" on anything, maybe a facebook recruiting campaign, but nothing that could do any reputation harm, that'll be left to the big boys.
Click to expand...

Sure. But the question still stands, are there certain classifications of command enacted specifically in law as their appears to be in the US?

Setting aside the fact that the US have already classified for instance shutting down a power station via malware or a TLAM as the same thing.
 
greenbaggyskin

greenbaggyskin

LE
2ndpreimage said:
Sure. But the question still stands, are there certain classifications of command enacted specifically in law as their appears to be in the US?

Setting aside the fact that the US have already classified for instance shutting down a power station via malware or a TLAM as the same thing.
Click to expand...
I have an inkling that you are straying into territory that is highly unlikely to be discussed on ARRSE. At least by anyone who knows the subject.
 
K

Kroneit44

LE
2ndpreimage said:
Sure. But the question still stands, are there certain classifications of command enacted specifically in law as their appears to be in the US?

Setting aside the fact that the US have already classified for instance shutting down a power station via malware or a TLAM as the same thing.
Click to expand...
Probably, but I'm not after money so don't feel the need to read up on cyber doctrine, sorry.
 
2

2ndpreimage

Old-Salt
greenbaggyskin said:
I have an inkling that you are straying into territory that is highly unlikely to be discussed on ARRSE. At least by anyone who knows the subject.
Click to expand...

It's a question of law, so forget the example, let's take an artillery barrage. Is there some legal limitation on who can order that done from a military role perspective. What do you need to be?
 
K

Kroneit44

LE
2ndpreimage said:
It's a question of law, so forget the example, let's take an artillery barrage. Is there some legal limitation on who can order that done from a military role perspective. What do you need to be?
Click to expand...
Well, to put that question into context, theres a few infanteers that wish they had taken legal advice prior to pulling the trigger in the Emerald Toilet.
 
D

Deleted 3147

Guest
2ndpreimage said:
The poster went onto say, that certain things therefore had to be done by proper military types not just contractors and that there were all sorts of restrictions on the types of person that could authorise that, and started to talk about restricted line officers and a load of other stuff that was just over my head.
Click to expand...
Law of Armed Conflict (LOAC) is essentially what the UK is concerned about for all 'effects' whether they be kinetic (traditional bombs and bullets) or cyber effects, if the result creates harm to another actor. Targeting boards advised by specially trained service lawyers consider proportional legal courses of action and employment of said effects. Commanders then choose.

2ndpreimage said:
What I sort of got from that was that depending on the 'type' of military officer you were that defined what you were allowed to do in law.
Click to expand...
I don't think so, the issue is more likely to be whether countries are actively engaged in open conflict and hence LOAC pertains and allows certain freedoms and constraints. If not in open conflict there are less freedoms and more constraints for military led actions/responses.
 
greenbaggyskin

greenbaggyskin

LE
A2_Matelot said:
Law of Armed Conflict (LOAC) is essentially what the UK is concerned about for all 'effects' whether they be kinetic (traditional bombs and bullets) or cyber effects, if the result creates harm to another actor. Targeting boards advised by specially trained service lawyers consider proportional legal courses of action and employment of said effects. Commanders then choose.

I don't think so, the issue is more likely to be whether countries are actively engaged in open conflict and hence LOAC pertains and allows certain freedoms and constraints. If not in open conflict there are less freedoms and more constraints for military led actions/responses.
Click to expand...
I don't think that is quite right. I seem to remember that only certain RA officers and WOs can order fire missions and that some sort of qualification is required.
 
olafthered

olafthered

LE
greenbaggyskin said:
I don't think that is quite right. I seem to remember that only certain RA officers and WOs can order fire missions and that some sort of qualification is required.
Click to expand...
They 'authorise' the fire mission but anyone can call for one. Essentially the authorise is the person who in law is responsible for what happens at the far end, i.e. they have made sure the guns are laid on, that the target appears to be valid, from available data and that the response appears to be proportional - dismounted platoon in the open = ok, single rifleman inside school, let's not use a JDAM.

In cyber terms...redacted is about the best you could get here.
 
D

Deleted 3147

Guest
greenbaggyskin said:
I don't think that is quite right. I seem to remember that only certain RA officers and WOs can order fire missions and that some sort of qualification is required.
Click to expand...
Don't believe so and I'm talking about how the targetting and effects boards work now at the strategic/operational level.
 
D

Deleted 3147

Guest
olafthered said:
In cyber terms...redacted is about the best you could get here.
Click to expand...
In cyber terms the process is the same. What that effect might be is likely to be classified and even then the strategic commander will only know 'the effects' no other detail required.
 
2

2ndpreimage

Old-Salt
I'll see if I can dig up this chaps commentary, it felt well informed.

The article was An entry-level colonel? For those with the right cybersecurity skills, it could happen, general says.

"
Why don't we use civilians or contractors?

Why don't we make them Staff Corps (instead of Restricted Line), like doctors and lawyers who perform specialized functions but need "rank for pay"?

The answer to the first one is easy: we do use civilians and contractors, extensively. The reason this is a problem is that we also need the expertise in uniform, for the same legal and authorities reasons we don't use civilians or contractors to drive ships, fly planes, or conduct raids.

As far as making them Staff officers, we have been talking about going the other direction: making information warfare more like its warfare counterparts. This horse has been beaten to death, but the fact is some activities — like OCO and EA — are already considered Title 10 forms of fires. Both create military effects for the commander, and can degrade/disrupt/destroy targets alongside or independent of any kinetic action.

Under the Navy's Information Warfare Commander Afloat Concept, for the first time the IWC can be a 18XX Officer instead of a URL officer. If anything, we're going more toward URL or "URL-like", and the reality of the information realm as a "warfighting domain" is only becoming more true as time goes on.

So what about Warrants? Well, we use those, too. What about Enlisted? They're doing the work. Right now. Some might say we don't utilize either to the extent we should, but for reasons of authorities, we still need Commissioned Officers. Related reading: https://www.usni.org/magazines/proceedings/2017-10/know-what-officer-commission-means

None of this is to say that direct commissioning of individuals with no prior service as Officers up to O-6 is a "good" (or bad) idea or the only solution, or that it would not create new problems as it solves others — but those are the answers to the questions on civilians, contractors, and Warrants.

My own question is, why don't we better utilize our cyber reservists?

Many of them have multiple graduate degrees and 10-15+ years of experience, usually in management/leadership roles, in IT/cyber. We have people in GS/GG-14/15 or equivalent contractor and other positions, who are doing the work, every day, across the DOD, the IC, academia, and industry.

Yet reservists need to spend 3-5 years before they are even qualified to mobilize, or for their service to use in virtually any operational active duty capacity. And that's after doing usually a year or more of non-mobilization active duty, for which nearly all employers don't give differential pay.

We have virtually no way to even put reservists on active duty at NSA or CYBERCOM, where we claim we need people the most. And the times we do put people on some type of active duty in a cyber role, it won't be a mobilization — which means a person is now an O-2/O-3, getting O-2/O-3 pay, with that "level" of authority.

And they just left their civilian job where they make $200K a year.

I think people understand that you can't just roll in as an O-6, and have the same depth and breadth of experience and knowledge as an O-6 with 20-25 years in uniform. Yet O-6s retire all the time and assume senior leadership positions in all manner of public and private civilian organizations where "they don't know the culture" — because they're leaders.

So while someone off the street doesn't have the same level of understanding of the culture, it's questionable to say they can't lead on cyber matters — to include in uniform. Honestly, we're not that special to imply that you can't lead people and do important work, in uniform, unless you've "put in your time" in a rigid career path. Maybe it's time to change our thinking.

The bottom line is we need people in uniform, as Commissioned Officers, with Title 10 Authority, and with rank and pay commensurate with their experience and expertise. Civilians, contractors, enlisted, and warrants don't meet these requirements, nor do staff officers like doctors, JAGs, and Chaplains. That's the truth, and people can't seem to accept it. "
Click to expand...
 
alfred_the_great

alfred_the_great

LE
2

2ndpreimage

Old-Salt
alfred_the_great said:
Chapter 4 of JSP 383 is what you need

https://assets.publishing.service.g...achment_data/file/27874/JSP3832004Edition.pdf

In short, if you're going to do stuff under LOAC you need to be a combatant. Being a combatant need not mean you are in the Armed Forces, but there are certain provisions you must comply with. From my skim reading of the JSP, Dir GCHQ could authorise actions as a combatant.
Click to expand...

Snippets of that are a really interesting read. Not sure I'll ever read all of it however 4.3.3 and 4.3.7 seem to be specifically relevant. The way I read non-combatants who exist for technical support continue to be so, "so long as they take no direct part in hostilities". Clearly it seems that a civi could cross that line and therefore forfeit their non-combatant status.

Taking that together with only combatants can engage in hostilities which from 4.1 : ". Combatants have the right to attack and to resist the enemy by all the methods not forbidden by the law of armed conflict."

Which leads me to a total chicken an egg situation which I don't understand.

If a civilian expert is engaging in hostilities then they may lose their non-combatant status but in the run up to tacking action they weren't permitted to attack the enemy, which they now might be. So they break LOAC and in so breaking LOAC, no longer break LOAC.

:confused:

and another thing, a nerd now has to distinguish themselves as a combatant by either 'openly carrying arms' or 'wearing military uniform'.
 

Similar threads

B
Help with Royal Signals career choice!
Replies
19
Views
8K
GrumpyWasTooCheerful
GrumpyWasTooCheerful

New Posts

Latest Threads

Top