Army breaking down network defense silos

There is no challenge that cuts across the government like the never-ending thirst for more and better workers who know how to do cybersecurity.

No agency chief information officer would tell you they have enough well-trained cyber workers. And in the venerable words of Alan Paller, the SANS Institute director of research, the skill set most needed is the technical capabilities to actually secure the computer.

This statement may not be true in the next year or two. The Army may be the one part of the federal government that is getting cybersecurity training right.

Advertisement

The Army Cyber Center of Excellence became fully operational on Aug. 9 and published in April its first doctrine for how it fights in cyberspace to include electronic warfare.

But maybe more important than hitting these milestones is the Army’s shift in how it trains these soldiers to be the first line of network defense.

“Last year, we were basically just training our lieutenants in cyber mission forces. Now we are training all three cohorts — officers, warrant officers and enlisted,” said Maj. Gen. John Morrison Jr., commanding general of the Army Cyber Center of Excellence and Fort Gordon in Georgia, during the TechNet event on Aug. 10. “And just on [Aug. 8] we graduated our first class of enlisted initial entry troopers who are now going off into the operational force. And on the signal school side of the house, we are completely revamping our training to get after multi-discipline signal soldiers who really will do not just the operations and maintenance of the network, but they will also become that first line of defense for us and really do the reinforcing fires for our cyber professionals because the two branches are inextricably linked.”

Morrison said over the last year, Army cyber has become more ingrained and integrated with the operational force as well as the broader force to better understand what cyber capabilities need to be embedded in tactical formations.

“It will come in two components: Where do we strategically place our high-end cyber professionals, but it’s also our electronic warfare professionals, who next October will become a part of our cyber branch,” he said. “We will change how our electronic warfare professionals are employed. They will transition from just being electronic warfare to cyber operational planners that will actually be embedded on every brigade combat team and battalion staff, and we will also start fielding additional capabilities to them.”

Other agencies can easily follow the Army’s lead. Sure, many civilian agencies don’t have tactical formations, but they do have mission areas where embedded cyber experts would only benefit the meeting of mission goals.

Morrison said the Army will soon learn whether it has the proper organizational structure. He said the Army likely will have “force structure mismatches” because it traded away these capabilities over the last 15 years for other skill sets.

“As we look at what the future fight will be, we know this is capability we have to rebuild,” he said. “The other piece we are working is our signal regiment. They are the perimeter guards for all things happening inside the cyber domain. We are working closely with the operational force to make sure we’ve got the high-end defenders, both warrant officers and enlisted, in the right spot and to build that force structure as rapidly as we can. Right now, we have a little bit of a gap. We are about 30-plus percent of the fill that we need to be.”

Morrison said another critical gap is around cyber operational planners. He said the service is planning for mobile training teams to visit commands and bases to educate and close the skill gaps beginning in January as part of the transition of soldiers from the 29 series (electronic warfare) to the 17 series (cyber operations).

The effort to bring cyber and electronic warfare closer together has been ongoing since 2014. The Army conducted several pilots around both personnel and acquisition to ensure the best approach.

Morrison said new recruits will go through the cyber training first and then receive the electronic warfare courses.

“In the end, this will be a very skilled professional, officer, warrant officer and enlisted,” he said. “How do we take care of the existing force and get them trained up, and how do we assess new professionals into the career field and make sure they have that foundational cyber training as well as electronic warfare, because you can’t separate signal from cyber from electronic warfare.”

All of these efforts are about changing the way the Army educates its cyber professionals.

“It’s teaching folks to understand what authorities exist today, who to contact to gain authority and how to act independently if you are given authorities,” Morrison said. “It’s really a completely different education model than what you traditionally do inside the Army institutional force. Previously, Army training is very hands-on, to now it’s about education and being able to think and act in a very dynamic gray space as opposed to it being black and white.”

By the fall, Morrison’s organization will give the Army an analysis of its people, training, leadership development, facilities, doctrine, organization and material, and make recommendations about what the cyber force of the future should look like in tactical formations.

Morrison said he understands that all of this training and education may make it difficult to keep these soldiers over the long term.

That is why the Army, like a few others such as the Homeland Security Department, is considering initiatives such as retention bonuses to hold onto these valuable skill sets.

“The folks that we are training and we put on to operational missions, and that’s the key piece here, the Army cyber force is conducting cyber operational missions each and every day,” he said. “The folks who sign up are passionate about it because they want to serve. Nowhere else in the world can they conduct the kind of operations that they are conducting right now in support of the nation and the Army. That, in and of itself, is a pretty big retention tool.”

While it’s true the Army has the funding and the personnel capacity between service members and civilians to address many of these cyber workforce skill gaps, the overall strategy of training, analysis and actions the service is taking is more about leadership than anything else.

Return to the Reporter’s Notebook