By Brent Donaldson
NKU Marketing + Communications
Colonel Stephen T. Ling retired in June, 2016, as the Chief of Staff, Air Forces Cyber/24th Air Force/Joint Forces Headquarters in San Antonio, Texas.
A 1984 graduate of Northern Kentucky University’s computer science program, Colonel Ling’s 30-year career included duties as an electronic warfare officer, instructor, evaluator, operations officer, squadron, group, and vice-wing commander, staff officer, and Center Director.
In recognition of National Cyber Security Awareness Month—and in conjunction with the upcoming issue of NKU Magazine—we sat down with Colonel Ling to talk about cyber’s role in the modern U.S. military, the whole-of-government approach employed to combat cyber terrorists, and the technological revolution that has occurred during his distinguished career.
How has the “cyber” role in the military evolved over the last decade?
There’s an evolution that’s occurred everywhere as far as cyber is concerned. Our original networks were built without any real thought of having to secure them. If you think about it, the internet was altruistic. Everybody was going to be a good citizen on the internet, and life, theoretically, would be just fine. It was built that way.
The unfortunate thing is, it was built that way. Therefore, a lot of it is susceptible because nobody was thinking in terms of bad things happening on those networks.
So in recent years, what you’re seeing is that we’re looking at the networks with a more operational mindset. That’s how I think as a military member; operations. How do I protect something? How do I attack something? What do I need to do to ensure I can get my job done when someone else may not necessarily want me to be able to do that job? Those kinds of thoughts.
Another piece to consider is that everything is interconnected—everything. Just think about what you do every single day from the time you wake to the time you come home at night. You get up to a Wi-Fi connected alarm on a phone or your computer. You use a remote control for your TV and may have your heat and air conditioner remotely connected and monitored. The traffic lights you go through on the way to work or the mass transit you use all has some aspect of networked systems that they rely on.
Can you talk about the differences between cyber-based operations the Air Force Cyber/24th Air Force undertake, versus those of other government agencies?
One of the things that’s important to understand is that there are domains of war fighting. There’s air, ground, sea, space. So the Army has the lead on the ground along with the Marines., The Navy leads in the maritime domain; the Air Force leads in the air domain. Each Service has a domain that they specialize in and are responsible for, even though we all have assets that work within each of those domains. The Army, Navy, and Marines all have air assets, but the Air Force is considered the lead in that domain.
But, right now, no Service by itself is the executive agent for the cyber domain. Also, cyber is unique in that it is a manmade domain unlike the others. Each of the others are all physics-based domains where cyber is a combination of networks and wires, so it’s a little different. The key point here is that we’ve designated cyber as a domain to allow us to organized, train, and equip personnel and get our arms around how to handle the environment of cyberspace. So, it’s a domain unto itself, and each of the Services are contributing manpower to help work that domain.
Among the many anxieties of modern life, one of them is the fear that nefarious actors or nation-states can wreak massive destruction upon a city in the U.S. through a cyber-attack. How realistic is that?
I would just say that you have a very capable force that’s been assembled throughout the whole of government that is very attuned to what’s happening, and is very focused on ensuring that the American way of life is preserved. That whole-of-government approach that’s being taken is the way in which we’re combating all of this for the future.
Thinking back on your career, which operations stand out as those that best utilized your skills and training?
During Bosnia and Serbia operations when our friendly fighters were targeted by surface to air missile systems (SAMS), I had the opportunity to fly missions to protect those aircraft by jamming those enemy systems. We had a lot of success.
Same thing in Iraq and Afghanistan. We did operations similarly throughout the areas of responsibility during Operations SOUTHERN WATCH, NORTHERN WATCH, IRAQI FREEDOM, and ENDURING FREEDOM. These were all combat operations where we had friendly aircraft targeted, and were able to provide threat-warning and jamming capabilities to protect those aircraft in harm’s way.
Talk about your experience in NKU's computer science program. What was it like during your time here, and what kind of career did you imagine after graduating?
When you talk about what Northern Kentucky University provided, some of the things that I’ll throw out just off the top is, for me, the opportunity to learn how to learn. Before Northern, I don’t think I really understood what it meant to truly study and how to really learn something. Northern helped me to do that. Northern helped me to think independently and kind of connect the dots. It helped me with the bigger picture—how does one thing relate to something else? I think through the Computer Science program, along with its emphasis on heavy mathematics, I was able to move forward confidently throughout my career. That was a big deal for me.
I graduated in the 1984 timeframe and, at that time, I think a lot of folks looked at Northern as a bit of a commuter school with maybe not the reputation of some of the larger universities. Quite honestly though, between the opportunities presented in the Air Force and having grown up there in northern Kentucky and having gone to NKU, I know our Northern Kentucky University graduates can and do compete at any level. I’m sure you have seen that proved over and over. It’s just one of the things I think about as I’ve gone through my career and I look at some of these folks who have gone through what some consider the big universities—the academies, for instance. The Carnegie Mellons, the big state institutions—all of those folks who were with me in our military, I think we all brought our specialties. But I had the opportunity given to me through the Air Force to compete, and I think the background given to me through Northern Kentucky University allowed me to compete well.
When you think about the Computer Science program during my timeframe, you need to consider the environment. Nobody really had a personal computer. We had computer rooms where we did our programming and we had to wait for those programs to be compiled to see if they worked or not. Some of our programming was done on punch cards where you actually programmed in one building and had to walk across campus to run the program on a punch card reader. If you dropped those cards or the were wet because of rain….tragedy!
So if you think about the state-of-the-art at the time, computing science was very much at its infancy and we were very lucky to have some very great professors at Northern Kentucky University in Dr. Gail Wells, Dr. Steve Neumann, and Dr. Chuck Frank. They were all instructors that I had. And then there was Dr. Bart Braden who also drove us hard in physics and math. As computing science was being developed, all these folks were leading to bring it into the forefront. Everyone predicted computer science to be the wave of the future, and it has been. But it was very much in its infancy at that time. I think one person in all of our classes had his own Apple computer. That was it. We were just starting to get our arms around it, and the faculty there was doing a great job of being on the front end of what was happening and trying to give us a good perspective for where things were heading.
How important is the cyber component in the fight against modern terrorism?
Whatever enemy we’re coming across in today’s world, all elements of power are brought together to fight that particular threat. You’ll see the diplomatic side of things, you’ll see the informational and military side of things, you’ll see the economic side of things. You’ll hear the term DIME: Diplomatic, Informational, Military, and Economic. Each of these pieces of national power are brought to bear against an adversary. If you think of any of these elements—diplomatic, informational, military, economic—you can probably tie cyber to pieces of that and how it would help us counter a particular threat.
What kind of skillset does a person need to become involved in your line of work?
Cybersecurity is huge—huge—across all of the commercial industry and across the military, and it’s going to continue to be huge for a long time. When you think in terms of how we’ve pushed STEM (science, technology, engineering, and mathematics) programs overall, those are all areas that have a lot of legs under them for the future. I think rightfully so. A lot of what you do in the cybersecurity world is math-based and understanding logic.
I think the whole of government is truly, truly engaged with all of this. There have been enough high-level issues that have given us all wakeup calls to realize that we need to continue to significantly invest here. The beauty of all of this is, there’s also a great government partnership with the commercial industry side. We all see the need and we all see the susceptibility and we all want to figure out how we can continue our way of life in a world that has vulnerabilities in the cyber domain.
This article will appear as part of a feature package in the Fall/Winter 2016-17 issue of NKU Magazine.