全球智库信息集成服务系统

Information Technology (IT) and Information Security Should Be Managed as Two Separate Disciplines

• Treating the disciplines separately would increase effectiveness and efficiency.
• Reductions in the size of the cyber workforce might result.

IT Should Remain a Critical Core Function

• Despite a trend toward outsourcing, USAF must retain some redundancies to ensure that it can deliver services in cyber-contested warfighting environments at operating locations around the world.
• USAF might be able to find efficiencies above current levels by applying consolidation of IT capabilities to the extent possible.
• On average, companies maintained approximately 20 times more IT personnel than information security personnel. Given this standard, USAF should consider a cyber manpower review, as its information security workforce is smaller than one might expect based on commercial practices.

Technical Depth of Cyber Leadership Should Be Valued and Cultivated

• Managing IT and information security as two separate disciples increases the technical depth of individuals in those fields.
• There is opportunity for gradually developing the breadth required for senior positions by using an approach that still reinforces technical depth.
• Encouraging technical depth in the officer corps need not be in conflict with USAF promotion and career field management practices.