We have come a long way from the days when Michael Hayden first pulled out the National Security Agency's (NSA) desktop keyboard and hacked into elite foreign networks at the dawn of the information age. The ribbon had just been cut on the playing field. The rule book was as implied and undefined as the spycraft profession itself.

We are in the throes of a wild—some would say ridiculous—incarnation of that age now. Computers and the internet have become more the norm than television sets in the modern home; people log more screen time when typing out their own versions of current events. Newspapers are going the way of the T-Rex (but not Georgia's Diebold AccuVote TS), and we have a president who communicates with the American public almost exclusively through his Twitter feed.

Speaking of Twitter, false rumors on the site, which requires you to boil your thoughts into 140 (recently raised to 240) characters with hashtags, have been responsible for massive shifts in the stock market. Twitter also caused the president of Egypt to shut down the great pyramid due to false rumors involving a Masonic cult that would gather there.1

Terrorists have used Facebook as a method to recruit young, disenfranchised, would-be suicide bombers across the globe. Military drones have replaced humans on the front lines, and everything is becoming so technologically advanced that former director of the CIA John Brennan can sometimes give himself a headache worrying about alien intelligence.²

In the midst of our dependency on social media, we are vulnerable to attack. This was proven to us when our election system was compromised—not just in places where we might expect such attacks would occur (for example, in our antiquated voting booths) but through computer networks at the White House and across all of our states. We learned about all the divisions in our society that increased those vulnerabilities: the widening divisions between Democrats and Republicans, rich and poor, divisions based on race and citizenship status, divisions between counties and states, as well as state and federal governments when it came to holding elections.

Now what? That is the question. What resources do we have to defend ourselves against the Russian-government-supported intruders (or any other government's hackers) who are likely still embedded within our systems, particularly since we have been weakened following this attack? There is increased distrust in our voting systems’ reliability, and in our democracy overall. How do we come to understand the hackers’ odd, finely honed KGB-era strategies on this new playing field?

Can we admit we were foolish for playing into their hands, for allowing them to be spectators watching us fight each other like gladiators in the Colosseum? But isn't that what democracies claim they want? We want the world to watch as we hammer out our differences in the public and political realms. And, yes, we want the world to see democracy in action and choose to emulate it. But what strategies do we have to maintain a free society while at the same time preventing outside manipulation that could undermine the democratic process?

To answer some of these questions, I looked to White House cybersecurity czar and acting deputy Homeland Security advisor to Trump, Rob Joyce.

When I interviewed Joyce in late 2017, he had only been cybersecurity czar for six months after having spent more than twenty-five years at the NSA. During his last four years at the NSA, he led Tailored Access Operations, the agency's elite hacking unit, honing tools and techniques to exploit computer networks and mine for foreign intelligence.

I believed that hacking foreign adversaries likely teaches a person a lot about our own domestic vulnerabilities. I figured that if anyone knew about weaknesses in our cyber defenses, it would be Joyce. During our interview, in which CBS News was given exclusive access to him, Joyce was blunt about the holes in US cybersecurity.

It had to be close to one hundred degrees outside that day. My producer Katie Ross Dominick and I were rushing over to the White House for the interview, sweating in our clothes. Officially, we would be interviewing Joyce about cybersecurity from a dual government and business perspective. That day he was honoring some of the nation's top collegiate cyber defenders from the University of Maryland, Baltimore County. We had plans to push the limitations of the interview from a college hacker puff piece to something more substantial that would actually make it on the air. As journalists (and in my opinion representatives of the American public), we had limited access to high-level government officials like Joyce, and we had to make the most of the opportunity.

We were supposed to gather at the entrance to the Eisenhower Executive Office Building, adjacent to the White House, at the intersection of State and Seventeenth Streets. However, a mix-up landed us on Pennsylvania Avenue at the press entrance to the White House, where we went through a security checkpoint and were escorted down the driveway along the north lawn.

Although I'd been in the White House several times in the past, I never got over feeling awed, not by the building itself but because of the history of where I was standing. Walking down the driveway and then over to the Old Executive Office Building, I noted all the live shot locations where all the major network crews gathered in the rain or the snow. We passed those and went down and up several steps before we reached the building and eventually the vice president's ceremonial office.

Joyce greeted us with a firm handshake and showed us the vice president's desk. It was a grand mahogany, double-pedestal desk with brass handles and a pullout shelf that had first been used by Theodore Roosevelt in 1902. The desk had survived a fire. It has been written on by presidents ranging from Calvin Coolidge to Richard Nixon. Beginning in the 1940s presidents started to sign its inside top drawer. I took a photograph of the drawer and the desk to show my children.

While Joyce's assistant brought us bottled water, I experienced a strange realization. There was so much history in that room. Yet Joyce and I were about to sit down and discuss the most futuristic of threats. A cyberwar was about to begin, or was already under way, depending on your opinion on the matter. An arms race would surely follow. Joyce later confirmed my suspicion that the United States was ill prepared for the first battle that had passed and those that were still to come.

A group of college students were gathered in the room as well. They were aspiring hackers. “One of the things I care about is making sure we have great people and are thinking about education and how we get the quantities of folks in cybersecurity that the nation needs,” Joyce said.3 Like Brennan, he was intent on recruiting future cybersecurity rock stars. Oddly, they would be entering the field at a disadvantage.⁴

I was stunned to hear Joyce tell the students that the United States lacked the three hundred thousand cybersecurity experts it needs. “We've got roughly three-quarters of a million people doing cybersecurity,” he told the students. “If the industry could hire everybody they wanted, they would hire another quarter of a million to almost a third of a million more people.”⁵

More than a year after the FBI launched its investigation into Russian meddling in the 2016 election, the United States was still playing catchup. The Russian influence campaign had succeeded, and yet America still needed “troops” to compete with this new threat.

US law enforcement and intelligence officials testified on Capitol Hill, making it clear the Russian cyber spies would be back during the 2018 and 2020 election cycles and beyond, and that their methods of intrusion and influence would progress.

Pegues: It seems like more people—more young people—are becoming aware of cybersecurity as a field to get into, as it relates to government work.

Joyce: Cybersecurity is a great career. The country has more needs than it has supply, and I think that people recognize that it's a really important service to do, whether you do it in the government or whether you do it for industry.

Pegues: How do you change the mind-set of young college students out there who may not have seen this as a career in the past?

Joyce: I think we need to expose them to hands-on things. I'm a firm believer that trade school–type education will be one of the things that gets us to the quantity of STEM [science, technology, engineering, and mathematics] education, cybersecurity education we need. Everybody doesn't have to do book-level academic work to do computer science—there's a lot of hands-on, and that's what gets people excited, when you're actually doing things.

Pegues: How would you characterize the current cyber threats?

Joyce: The threat from cyber is growing. It's going in the wrong direction. It's going in a bad direction.

As for the upcoming 2018 elections, Joyce believes they will be secure.

You've got to look at the whole belt and suspenders of how we protect the elections, and that's [from] maintaining the integrity of the machines to the accountability of the people to how that information is verified. I think they've [the Department of Homeland Security] got an exceptional plan and they're looking at the issues that have been raised from the past where people have actually looked for vulnerabilities in voting machines and exposed that back to the companies where they can be improved and fixed.

I left the interview with Joyce surprised by how candid he was about the shortcomings of US cybersecurity. But just look at the daily news headlines. There is usually a cyberattack of some sort that caught someone or some company off guard. Also, more adversaries were targeting US computer networks. This new reality demanded a fresh approach, and recruitment wasn't the only arena where government officials were working to come up with new plans for governing cyberspace. Security experts were attempting to find a new set of rules.