By September the Army’s cyber protection teams will have reached full operational capability (FOC), but the units already established are participating in named operations including a digital campaign against Islamic State militants.
“The really important thing to take away from that is not where we are in the build,” said Army Brig. Gen. Maria Barrett, deputy commander of operations for the National Cyber Mission Force. “The purpose of that IOC or FOC status, the mission teams have been and continue to be engaged in operations in support of their respective service, combatant commands, Joint Force headquarters … we didn’t wait for them to get FOC and then deploy them, we started out as soon as they started to exhibit any sort of capacity and capability to get them on mission. That has been really critical to their advancement.”
Cyber mission forces are engaged in over 50 U.S. Cyber Command (CYBERCOM) named operations, Barrett said June 1 at the Armed Forces Communications and Electronics Association (AFCEA) annual Army Information Technology Day conference outside Washington, D.C. Barrett’s command falls under the joint CYBERCOM, to which all military services contribute.
The Army remains the only service with its own cyber component command, at the head of which is Gen. Paul Nakasone. Army Cyber Command (ARCYBER) is actively launching cyberattacks against ISIS networks from its base at Fort Meade, Md., according to a senior Army official who asked not to be named. ARCYBER has been involved in the counter-ISIS fight for about six months.
September, or the end of fiscal year 17, is the deadline for manning and activating 41 cyber mission teams (CMTs) within the active Army, the senior Army official said. Another 10 cyber protection teams (CPTs) will be established in the Army Reserve and the Army National Guard will have 11 of its own CPTs spread across the country. Those teams will come online through 2024 because they are harder to recruit and train because of the technical skills required for cyber operations, the official said.
The Army is in the process of consolidating some of those teams into deployable units. The 20 CMTs run by U.S. Cyber Command from Fort Gordon, Ga., will be formed into a single brigade that can deploy to combat zones like a brigade combat team (BCT).
The Guard’s 11 cyber protection teams will be linked in a cohesive command within that component, as well.
Once the various cyber capabilities are up and operational, the services must transition to sustainment of training and equipment, Barrett said. The key capability of each CPT is its deployed mission support system (DPSS), a kit that provides reconnaissance, security and counter-mobility operations capability to the team.
Each kit was designed by a specific service for its CPTs and contains laptop computers, passive and active network sensors and analytic capabilities that are both commercial- and government-off-the-shelf systems, Barrett said.
“Each service designed its kit and I don’t see that model changing,” she said. But the requirements for each kit were set before the CPTs were formed and fielded. Through ongoing cyber operations, the central leaders at CYBERCOM have identified some improvements and standardizations that can be made to the DPSS kits, namely in software and data management systems.
Before the recent proposed increase in topline funding, even as the Army was reducing its overall endstrength, the service laid plans to grow its cyber force. Still, offensive and defensive cyber is underfunded, Barrett said.
“This is probably a growth industry like we have never seen before in terms of the threat,” she said. “We have to assume that as we get better, we make the adversary better. We slow them down, but then they adapt.”