Cyber Aptitude in the Military
© 2017 FrontLine Defence (Vol 14, No 3)

The breadth of services that the public sector offers through digital portals and technology-based platforms has expanded tremendously in recent years. For the Canadian Armed Forces (CAF), information technology is playing an increased role in the design and deployment of advanced weaponry and communications systems. This expanded military presence in cyberspace is driving the urgency to improve the aptitude for establishing cyber security in the armed forces of many countries.

“Cyber security falls under the heading of ‘defense of the realm’ and, as such, is seen as a matter of national security. The armed forces provide the majority of our defense, and cyber security is an essential part of that defense,” says Sean Keeley, Global Psychometric Lead at IBM Smarter Workforce.

Computers are critical to the daily operation of military work. At left, Canadian Armed Forces Resource Management Support (RMS) clerks are shown conducting business at the Air Task Force Headquarters in Kuwait during Operation IMPACT (2014).

Keeley’s study, ‘Searching for Cyber Aptitude from within the Armed Forces,’ was presented at this year’s annual British Psychological Society’s Occupational Psychology conference. It suggests that recruiting and selecting individuals from within the military who possess cyber aptitude is preferrable to recruiting those who have cyber security education but no military experience.

For Canada’s armed forces, which in recent years have struggled with recruitment and retention, the cyber aptitude tests outlined in the study could prove highly valuable.

The urgent need for cyber expertise in the Canadian military
Improving the calibre of cyber expertise in the armed forces of Canada should be a critical objective. The military is tasked to handle and protect highly sensitive data sets, such as those containing information about troop location or other sensitive military plans, such as protection of high profile individuals. According to Public Safety Canada’s Cyber Security Strategy, the number of hacking attempts on various Canadian government networks increases each year, and the military is particularly at risk for foreign state-sponsored cyber espionage. “Cyber attacks, on civilian, governmental, and military targets, are much more likely and regular than more overt forms of attack,” confirms Keeley.

CC-130J Hercules pilots from 436 Transport Squadron in Trenton, Ontario enter data into the aircraft computer at the Gander International Airport in Gander, Newfoundland, before take off, to transport equipment and medical supplies to the Ukraine (2014). (Photo: MCpl Marc-Andre Gaudreault, Canadian Forces Combat Camera)

The CAF is no stranger to cyber security violations. In 2016, the agency’s recruitment website was hacked, redirecting potential recruits to the main page of the Chinese government website.

Increased interest in defining the recruitment criteria for cyber security roles in the military comes at a suitable time, with the military’s recruitment model due for improvement. Already facing shortages of full-time and reserve personnel, the recruitment model needs to be redesigned to accommodate a more efficient way of filling cyber security positions.

Although still at the beginning of the process, the CAF is operationalizing, institutionalizing and integrating the capabilities of its cyber force to ensure freedom of action in the cyber domain.

The cyber force’s key priority is to further develop cyber capabilities and its cyber workforce, to enable the CAF to operate effectively in cyberspace, and to share information and best practices with allies, including within NATO. According to DND, the CAF cyber force is strengthening the ability to defend mission-critical military systems, building the future cyber force, and integrating cyber operations into broader military operations.

“Cyberspace has become an essential enabler of military operations,” says Brigadier-General Frances Allen, DND’s Director General Cyberspace. “Cyber threats are top of mind for the Department of National Defence and the Canadian Armed Forces, and further developing the ability to operate effectively in cyberspace is a key priority. DND and the CAF work with our allies to exchange best practices on a range of cyber issues, including cyber defence, recruitment and training.”

Searching for cyber aptitude from within
Keeley argues that applicants for cyber security roles need to be recruited based on their cyber aptitude rather than their experience and education with cyber security. One reason for this is that there is currently a very low supply of qualified individuals who have training and experience in the area. According to the IBM study, demand for cyber security professionals has grown 3.5 times faster over the last five years than demand for other IT-related jobs, and approximately 12 times faster than all other jobs.

Typically, the few candidates who do have the education and experience enter the private sector. “Very few people come to cyber security ready-made. There aren’t many people who have relevant knowledge and experience in the field. Those people are highly treasured by IT and Finance industries – companies like IBM – and are very highly paid for their skills,” says Keeley.

Furthermore, technology changes so rapidly that the portfolio of knowledge and skills of professionals could potentially become obsolete in a few years. “The number of cyber security roles and positions massively outweighs the number of individuals who have the relevant knowledge and experience, and often this knowledge and experience can very quickly become out-dated,” according to Keeley.

Switching from the private sector to the military is also not as simple as leaving one private financial employer for another. Individuals filling cyber security roles in the military must possess a great love for country and be prepared to handle the special nature of information that may come their way. As Keeley explains, “The confidential or disturbing nature of the materials being dealt with means that individuals who are more used to these issues, such as military personnel, are better placed.”

Traditionally, the CAF has sourced personnel from four ‘feeder’ occupations to fill various cyber operations-related roles: Army Communication Information Systems Specialist; Aerospace Telecommunications and Information Systems Technician; Communications Research; and Naval Communicator.

In January 2017, the CAF rolled out a specialized non-commissioned member occupation for Cyber Operator, giving the military an improved employment structure that will enable the recruitment and selection of individuals with an aptitude for cyber operations, and a means of streamlining cyber operator-specific training.

May 2014 – Cpl Francis Doyon and Capt Stephanie Lutz work in the Air Task Force Operations Centre with other members of the aerospace control team, in Câmpia Turzii, Romania during NATO reassurance measures. (Photo: MCpl Patrick Blanchard, CF Combat Camera)

The recruitment criteria for cyber aptitude
The question now becomes: How can potential cyber security experts be recruited and selected effectively? “Our research suggests that there are key characteristics, which indicate the potential to acquire the skills, the knowledge, and the experience required,” reveals Keeley.

To aid in the recruitment of such individuals, four assessment models – collectively referred to as the Defence Cyber Aptitude Test (DCAT) – were developed in Keeley’s study. The four tests are:

  • Computerized Adaptive Test of Generic Cognitive Ability – assesses logical reasoning, numerical reasoning, and verbal reasoning.
  • Fault Finding Assessment – assesses logical reasoning, fault finding, and decoding.
  • Check Assessment – assesses checking skills, accuracy, and systematic approach.
  • Personality Preference Assessment – assesses levels of tolerance, perseverance, team playing, sociability, dependability, conformity, self-confidence, social assuredness, and energy.

These tests were designed to measure individuals in terms of the skills, abilities, and behaviours that indicate the level of cyber aptitude required of a cyber expert in the armed forces. According to Keeley, the appropriate action for a military cyber security role may adapt almost on a daily basis due to technological changes. Therefore, “Individuals cannot depend on previous information or direction by more senior, but less informed, colleagues. They need to let their technical skill, knowledge, and expertise enable them to inform and challenge these more senior colleagues.”

Sub-Lieutenant Max Rosenkranz and Lieutenant(N) Markian Haluszka operate the navigation computer on the bridge of HMCS Regina during the ship transit through the Strait of Messina in July 2014 during Operation Reassurance. (Photo: Cpl Michael Bastien, MARPAC Imaging Services)

The findings obtained from the study identified three areas where the potential for military cyber security roles can be found:

  1. An individual who is ‘intellectually bright’ – Such individuals are typically located in the top 5-10% of applicants to the armed forces.
  2. An individual with particular cognitive skill sets – A recruit must be able to identify problems, anomalies, patterns, and faults across very detailed and complicated information sets.
  3. An individual with specific behavioural characteristics – A recruit must be: 
  • Resilient: can deal with the confidential and/or disturbing nature of materials.
  • Tenacious: genuinely interested in working with details.
  • Confident: can deal with staff at all levels within an organization.
  • Expressive: can utilize various communication styles and clearly provide recommendations to senior colleagues and aid in their decision-making.
  • Proactive: willing to seek knowledge and enhancement opportunities.
  • Independent: can work in a low-structure environment where there is a lot of latitude using one’s technical skills.
  • Willing to challenge convention: able to balance the need to accommodate the military’s strict structure with the fluidity of technological advancements.

Identifying Skills
In June 2016, the UK Ministry of Defence announced that it had introduced IBM’s DCAT into the British Armed Forces to seek out serving personnel who have a particular skill for cyber work and have an interest in being posted to a cyber unit in the future. It is being rolled out across UK defence for use at the early stages of technical training and service careers.

“It’s a useful tool for service career and branch managers to help identify individuals with natural talent and the right skills to succeed at the cutting edge of defence cyber operations,” says Major Harry Porteous, a senior manager with the UK’s Defence Cyber Programme.

A tactical communications officer in a CP-140 Aurora on a surveillance mission during Operation Impact over Iraq (2016). (DND Photo)

Meanwhile, University of Maryland’s Center for Advanced Study of Language (CASL) has partnered with the U.S. Air Force to conduct a two-year study designed to advance the cyber workforce. Similar to the DCAT, the Air Force Cyber Aptitude and Talent Assessment (AF-CATA) will enable decision makers to: identify candidates who are cognitively equipped to succeed in cybersecurity; determine what position each candidate is best suited for; and to suggest training to broaden knowledge base and strengthen cyber skills.

“Developing the AF-CATA is a great opportunity for CASL because we are taking on a new client to do work that will fill a huge need in the military workforce,” says Dr. Susan G. Campbell, Research Associate at CASL. “The research we do for the Air Force will also apply broadly to improving civilian selection in both the private and public sectors, as well as broadening the talent pool for university cybersecurity programs. We are drawing on years of experience with designing tests to predict performance in intensive training settings and at elite levels of performance and applying that expertise to a new domain that is vital to national security.”

For the CAF, the Directorate of Cyber Force Development and other DND/CAF cyber force stakeholders are working closely with Director General Military Personnel Research and Analysis staff to complete a focused research project that is examining cyber operations-related competencies and aptitude critical for job performance. Building on this, a follow-on project will soon be initiated to develop a robust selection system that will enable DND/CAF to select the most qualified personnel for this unique occupation.

January 2017 – Air Combat System Officers onboard a CP-140 Aurora patrol aircraft on a reconnaissance mission as part of Operation Impact. (Photo: Op Impact, DND)

The individual training and education programs specific to the Cyber Operator occupation are currently being developed to ensure they are fully prepared to perform their duties. Various courses are expected to continue to be delivered by a variety of CAF training institutions, military and civilian universities and colleges, other government partners and international allies, as well as commercial vendors where appropriate.

According to a departmental spokesperson, “DND/CAF consults extensively with our allies regarding best practices for individual training in this field.”

Cyberspace has given rise to a new kind of warzone and the need to fill cyber security roles with bright individuals who possess the required cognitive skills and behaviours will only intensify.

Dr Nicola Davies