Sponsored by Spectra Cyber Security Solutions
07 Nov 17. DoD is outpacing itself on cyber. One of the observations most oft discussed surrounding the cyber domain is how fast it moves. So fast, evidently, that the Defense Department is outpacing itself.
“We are outrunning our headlights,” Lt. Gen. Paul Nakasone, commander of Army Cyber Command, said during a keynote presentation at the CyCon U.S. conference in Washington Nov. 7. “We’re learning so much, whether or not it’s with our forces, with our doctrine, with our strategy; we are well forward of where we thought we would ever be.”
Nakasone referenced the progress DoD has made in the past seven years in this domain, namely the stand up of a cadre of dedicated cyber warriors and the employment of such forces. This has manifested itself in Cyber Command’s cyber mission force, the roughly 6,200 person, 133 team force of offensive, defensive and support teams made up of personnel from the service cyber component commands, which Nakasone described as a gamechanger.
That is the capability DoD built over the past seven years, Nakasone said, adding it’s a capability that they’ve employed defensively and offensively, as well referencing the fight against the Islamic State group, the most public of offensive cyber efforts executed by the U.S.
“What have we learned?” Nakasone asked, “a tremendous amount.” This includes lessons pertaining to:
• Force structure;
• Force employment;
• Command and control of forces;
• The ability to bring capabilities to the forefront;
• How to take defensive teams and ensure they are informed by offensive teams; and
Regarding offensive and defensive personnel, Cyber Command has worked to train each cyber warrior to the same joint standards.
“The first thing you want to do is be careful about saying it’s one or the other. I do think that there’s a benefit and an advantage … that one might inform the other,” Rear Adm. T.J. White, commander of the Cyber National Mission Force at Cyber Command, said during a panel at the INSA National Security and Intelligence Summit in Washington Sept. 6. “There’s a lot that we’ve learned in anticipating what you might have to do on the offense by understanding very, very well what is going on with the defense.”
Others have also noted lessons learned regarding force employment through operational lessons, especially on the defensive side where they can spilt defensive teams – made up of 39 individuals – eschewing the need to send everyone toward a problem.
“One of the things we found with practical experience is we can actually deploy in smaller sub elements, use reach-back capability, the power of data analytics; we don’t necessarily have to deploy everyone,” Adm. Michael Rogers, the commander of CYBERCOM, told the House Armed Services Committee in May. “We can actually work in a much more tailored, focus[ed] way optimized for the particular network challenge that we’re working. We’re actually working through some things using this on the Pacific at the moment.”
Elaborating on this notion, Brig. Gen. Maria Barrett, deputy of operations J-3 at CYBERCOM, has noted that this construct allows for greater agility.
“You would send a smaller group forward and then do whatever analytic work or analysis you need to do back at home base, be it Fort Gordon or San Antonio or Hawaii or reach back and do some of that work there,” she said. “That kind of facilitates us being a little bit more agile and quick.”
Cyber Command has also expounded on these operational lessons and taking them to training and validation exercises. “From that lesson, our branch at Cyber Command has said now that we’ve seen that lesson at an exercise, let’s bring in the mission force experts and figure out how we craft our doctrine to reflect operations,” said an exercise leader at Cyber Command’s annual Cyber Flag told C4ISR