Talent is the key to cyber defence
Interview with Dr. Michael Raska, Assistant Professor, Military Transformations Programme, Nanyang Technological University, Singapore.
19.11.2019 | Defence Communication, Ruth van der Zypen

Dr. Raska, what was your impression of the military cyber course you visited and lectured at in Switzerland?
It is a good start and it shows the political will to progress in the field of cyber security, which is of great importance. A number of nations have formed cyber commands within their forces. And they require a firm base.
What is your most important message to the participants?
This kind of military cyber training provides a good starting point after which they must continue to be active in the cyber field. The training is very good to get young people interested in working in cyber-related jobs in the private sector. Subsequently, they can reintroduce some of their knowledge and skills into the military – which would be the best-case scenario.
Which challenges do you see for society concerning developments in digitalisation and cyber threats?
We are increasingly dealing with a non-linear type of warfare where a country is subjected to non-military threats. These can include cyber espionage, information manipulation, cyber destructive attacks or physical subversion, meaning the manipulation of physical systems such as hardware and installations. There is a whole spectrum of cyber activities. Attackers can obtain and manipulate information to spread fake news via social media channels, thus creating rifts and tension within society. Today every country faces such threats. We saw them during the last U.S. presidential elections or during the Brexit discourse in the United Kingdom. The political effect is as strong as a military operation: it is an attack on alliances, set out to weaken and polarise society and undermine the legitimacy of the targeted government.
Nowadays, society handles massive amounts of data, socalled big data. Whoever obtains access to this data can start using it for negative purposes by manipulating parts of society or by specifically targeting individuals.
What is your advice to Switzerland regarding cyber security?
Today a state can only project power and influence if it has cyber capability. Cyber force is independent from the size of a state, which is an advantage for Switzerland. But in order to be agile in cyber activities there is a need for cooperation between different entities within a state.
In Singapore we have a system where universities work closely with the government to build synergies. The private sector finances innovation within the universities, and the military provides longterm careers in the area. Naturally, it is not easy for the armed forces to recruit highly skilled people, because the private sector is able to offer higher salaries for cadres. So the greatest challenge really is to find and recruit talent.
One weak point is the silo effect, which every society faces: the key is to get out the traditional trench silos and to cooperate. Different ministries work together more closely, and the military cooperates with relevant actors in the private sector. For this, you have to change the organisational culture, and that takes time. You need to develop an institutional agility to respond to external threats and internal needs.
Bureaucratic structures must change and the state needs to remove any barriers to innovation. How you go about it is your issue. But it will be vital component in order to streamline the competitiveness in order to develop strong cyber capabilities.
You are the author of the book «Military Innovation in Small States». What should we specifically focus on in Switzerland?
Most advanced countries have a similar system in which they identify talent at early age, they groom and prepare the talent so that these cyber people can further develop skills and expertise and end up with a kind of sustainable pipeline.
Ideally, there is a comprehensive alignment of institutional response. This involves an increasing synergy between stakeholders in society. There is a development of talent at university, the military sets the requirements and the private sector provides innovation with the specific day-to-day knowledge they have. Subsequently, these synergies help to develop whole cyber-defensive ecosystems.
It is of vital importance to create platforms in which participants can exchange knowledge in confidentiality without risking their reputation. Currently, there is a great reluctance to admit to cyber attacks in fear of appearing unsafe – especially in the case of financial institutions. Switzerland must not display any vulnerability; otherwise, there could be grave economic damage. In short: the financial sector and the armed forces must exchange knowledge and work closely together.
How do you think that cyber developments will change the world in the next few years?
Switzerland is located in the heart of Europe and appears to be physically protected by the EU and NATO. There is no conventional threat per se, but the cyber interference threat is there.
Cyber is a cat and mouse game between the offense and the defense: there is innovation, counter-innovation, challenge, response, and constant adaptation.
There is the late development of artificial intelligence to engineer attacks, and there is the implementation of machine learning. Even with the smartest hackers, a target nation is only as good as the weakest part of its own system. You will never have complete cyber security.
The complexity of the cyber world is increasing day by day. But also the speed of activities. This means, one must be able to react faster. The increasing interconnectedness of infrastructure and society and the use of big data also mean higher vulnerability. But at the same time we want technological progress. So strengths simultaneously become weaknesses. In the cyber world your capability is directly proportional to your vulnerability. Therefore, a country has to rethink the military's role in terms of cyber security. What are the rules of engagement if the country is under cyber attack? Do you just stop a cyber attack or do you create options to counter-attack?
It is particularly interesting to look at the situation of small states. Singapore is an example for such a state. It tried to use rules and norms to shape external developments and partnerships and is using defence diplomacy quite a bit. In Singapore, they focus on cyber to defend their information sphere but also to generate soft power. Small states can reverse the asymmetry through technological advancement. They are no longer dependent on great powers, especially if they become their own cyber power. We can clearly see changing centres of gravity in the new cyber era. But there must still be a national will, the will of the people to resist attacks or manipulation and to offer their service for the state – for example to engage in the area of cyber defence.
Michael Raska, Ph.D.

Dr. Michael Raska is Assistant Professor in the Military Transformations Program in the S. Rajaratnam School of International Studies at the renowned Nanyang Technological University in Singapore. His research interests include subjects such as strategic trends and security conceptions in East Asia as well as military innovation and modernisation and information and cyber conflicts. Raska is author of the book «Military Innovation and Small States: Creating Reverse Asymmetry», Routlege, 2015.