PENTAGON - A hacker only needs to succeed once to break into a system.
One tiny flaw — a singular vulnerability found — and an entire wall of cyberdefense can crumble.
The influx of data available in the invisible, interconnected cyber realm has become "both an opportunity and a challenge," Steve Welby, Assistant Secretary of Defense for Research and Engineering and the Defense Department's Chief Technology Officer, told VOA in an exclusive one-on-one interview.
"Almost everything we're doing in the department is software enabled," Welby said. "There's almost no system today where new capabilities aren't being inserted much faster than ever before by downloading apps into our systems."
The increased speed and capability comes with a major vulnerability to cyberattacks, making the fortification of the cyber realm arguably as critical as the defense of air, land, sea and space.
"The tradition in cybersecurity is to put a Band-Aid on, and when that doesn't work, put another Band-Aid on top of it," Strategic Technologies Program Director of the Center for Strategic and International Studies James Lewis told VOA. "It's the wrong approach."
Lewis argues there are other militaries out there — particularly the Russians — with cyber capabilities that are equally as good as the United States' abilities. Until there's a new, better protected system in place for the U.S. military, hackers with unlimited time and resources eventually can find ways to break through.
"It's not so much that our defenses are weak. It's just that they are hard to defend against," he said.
Why is cyberspace so hard to defend?
The Department of Defense built the first workable prototype for the internet decades ago with the goal of sharing data. The point of the cyber realm, Welby said, was connecting people, without an eye toward providing protection.
Even as security experts today see the need to balance connectivity with protection, the technology market's dynamics are making it hard to change the status quo.
"People want convenience. They want stuff to work and connect immediately, and security doesn't come anywhere near that as a priority," Lewis said.
That means the Pentagon, not the commercial sector, is largely left with the task of brainstorming new systems that are inherently defensible from design.
Welby says the military is doing just that with three techniques — researching new computer architecture, providing arenas for the private sector to produce new cyberdefenses and developing new software that can communicate defensive techniques with the user.
"That idea of having systems that can explain its behavior is an exciting one and is at the root of an entirely new field of cyberdefenses that we're just starting to explore," Welby said.
Experts say the best defense is refreshing and modernizing systems. But the reluctance of Congress to fund the purchase of new systems could lead to major security problems in the near future, Lewis said.
"Within three years, five years, they [opponents] know every bug, they know every opening, they know every vulnerability, so the system isn't protectable anymore," he told VOA. "Some of the stuff the Defense Department is running is over 20 years old, so there's no way to protect that."
Secretary of Defense Ash Carter has courted several technology developers to help the Pentagon as it seeks to improve America's cyber, land, air, sea and space defenses. Carter will meet Wednesday with Elon Musk, the founder and CEO of SpaceX and the product architect of Tesla Motors.