DOD's long path to creating a cyber warrior workforce

The U.S. Cyber Command is gearing up for the initial operating capacity of its Cyber Mission Force, despite some setbacks, and looking to groom the next generation of cyber warriors in the pipeline.

When most all military officials talk about the cyber domain, they don’t focus so much on profound technological advancements and cutting-edge capabilities, but, rather, on the people.   

The Defense Department created U.S. Cyber Command in 2009 as a sub-unified service under the Strategic Command as a means of better enabling cyber operations. Within this structure, the force sought to build a Cyber Mission Force to fill the ranks in a variety of capacities as they relate to operations in cyberspace. The goal is to fill 133 teams consisting of 6,200 personnel with an operational capacity by 2018.

“By the end of 2016, all the teams will be in place and at initial operating capability. And by the end of 2018, we expect all those teams to be at full operational capability,” Air Force Lt. Gen. James McLaughlin, deputy commander of Cyber Command, told an audience at the Center for Strategic and International Studies in October. 

The 133 teams will consist of 68 cyber protection teams focused on DOD’s number one mission— defense of the network—13 national mission teams to help defend the nation’s critical infrastructure, 27 combat mission teams aligned with the combatant commanders and assist in their planning, and 25 support teams that can be called upon, with another 2,000 service members in the reserves. 

“2016 will also be a big year from us because it’s an inflection point for us,” Adm. Michael Rogers, commander of Cyber Command, told and audience at the Atlantic Council in January. The first few years of the organization’s short five-year history was spent on generating capacity and capability with the cyber mission force, he said. “In 2016, as I tell our team, you can tell we’re at the tipping point now. The capacity and capability is starting to come online. You look at some of the things we’ve done on the defensive side, you look at some of the things that we’re doing looking in terms of a broader spectrum of capability, and the hard work of the last few years is really starting to pay off.”  

Building the force

“We’re about half way through that build process right now. We have got to get it finished by September the 30th of 2018, is our goal,” Rogers told an audience at the RSA conference this week. “When I look at the data—and I review this every quarter, I just looked at the data about two weeks ago—we’re right now postulating that if nothing changes, 93 percent of the force will be delivered on time. So I’ve got to figure out in the next two years how we’re going to get that remaining seven percent on time. Because the goal is 100 percent of those 6,200 individuals and 133 teams on station, fully trained, ready to operate in a very demanding environment, and to do that by 30 September 2018.” 

The build has been arduous, as the teams have had to carry out operations as they are built. “What’s happening right as we create them is we’re already using them,” Army Maj. Gen. Paul Nakasone, commander of the Cyber National Mission Force, said at CSIS.

Each service branch has a commitment to contribute to the overall 133 teams under their individual cyber divisions; 13 from the Marine Corps, 41 from the Army, 39 from the Air Force and 40 from the Navy. 

The Army currently has 33 of its 41 teams, an improvement from 2013, when the service only had two, while the Air Force bolstered its cyber mission force by roughly 40 percent last year.

The question of “manning” new cyber teams was a challenge. Robert Naething, deputy to the commanding general of the Fifth Army, offered anecdotal insight into the manning question as it pertains to the first cyber protection brigade being built at Fort Gordon, Ga., home of the Army Cyber Center of Excellence. “As we were looking at this manning, you typically bring a soldier in, you teach him how to be a tanker or something, but you say ‘no, this is a high level skill.’ So do we have to go out there and somehow recruit a bunch of Ph.Ds. out of MIT? Well, how do you do that, how do you pay for them, how do you keep them busy and what do you bring them in as?” he said at a webinar hosted by Defense One. “And so that was really not very tenable. So, as we were trying to figure out how do you man the Army cyber units, really the only immediate solution was to reach out to the Army to see the soldiers we already had…and try and build it initial capacity. And the phenomenon that took us off guard is, actually, there’s incredible capacity out there within our soldiers that we didn’t expect to find.”    

Attracting and training talent

The military has engaged in several initiatives to ensure that the new cyber mission force and the next generation’s cyber warriors are properly equipped. The services have taken to opening hackathons, exercises and cyber ranges for a variety of training and evaluation purposes. For instance, the Army announced last summer the establishment of a Cyber Battle Ground that will be open to all units and will reduce the time and costs of training cyber warriors. It provides a realistic environment for testing skills learned and reinforced in a classroom setting. 

Air Force and Army Reserve cadets in the Advanced Cyber Education program at the Air Force Institute of Technology last summer took part in a competitive hackfest described as the closest thing to hand-to-hand cyber combat. Participants were forced to think outside the box in competitions involving the construction and defense of enterprise networks while attacking opponents.

The Air Force has taken several steps toward attracting uniformed members into its cyber ranks.  According to a spokesperson with the 24th Air Force, these programs include the “Stripes for Certification” program, which provides opportunities to enlist at higher grades when entering the service with cyber-related certifications, selective reenlistment bonus programs and the Cyberspace Warfare Operations career track for officers to provide qualified cyberspace officers proper growth opportunities.       

The Air Force is also standing up a cyber proving ground, which was announced in October. A fresh factsheet published on the new Benjamin Foulois Cyber Proving Ground website depicts a center of “multi-disciplinary teams from the operational, acquisitions, intelligence, test, and developer communities to rapidly explore potential solutions to meet cyber operational needs” and “identify, enable, and accelerate implementation of innovative concepts and technologies to improve Air Force cyberspace operational capability.”

Simulated exercises, however, are going only so far. A recent report submitted to Congress concluded that cyber exercises did not include the full force of possible attacks. “Exercise authorities seldom permitted cyber attacks from being conducted to the full extent that an advanced adversary would likely employ during conflict, so actual data on the scope and duration of cyber attacks are limited,” the director of the Defense Department’s office of Operational Test & Evaluation discovered. The report concluded that combatant commanders’ reluctance to permit realistic cyber effects during training is due to requirements to achieve several other training objectives during exercises. The report recommended that combatant commanders make serious preparations to conduct critical missions in cyber-contested environments as well as perform periodic operational demonstrations involving operational units, network defenders and cyber protection team elements in order to ensure mission success.    

“[O]ne result of conducting the exercise with severe constraints on the opposing force’s cyber operations is that the brigade will not be training against a full-on cyber threat—and thus will get no practice operating in a severely compromised cyber environment,” Herb Lin, a cybersecurity expert at Stanford University’s Hoover Institution wrote in a blog post, regarding a recent exercise in Hawaii. “I can’t help but wonder: Would the cyber-induced collapse of expensive exercises motivate senior decision makers to pay more attention to operating in compromised battlefield environments?”

Ensuring the force is equipped with basic cyber hygiene is also a major priority. “If [DOD] gave you a weapon, you must ensure that that weapon is appropriately treated, appropriately used, always secured. That is pounded into our culture,” Rogers said recently at the Atlantic Council, comparing cyber hygiene to weapons training in the physical world. “You have constant responsibility of the security of that weapon…And you don’t ever forget that. We need to do the exact same thing in the cyber realm.” 

Even the most impenetrable network firewalls are susceptible to human error. “[T]he biggest weak links are the many operators that we have in that cyber domain that don’t exercise good cyber hygiene,” Adm. Paul Zukunft, commandant of the Coast Guard, said at CSIS. One click on a phishing email can send a flood of intruders into a network. 

Recruiting the next generation of cyber warriors

As the Cyber Mission Force gears up, other initiatives put forth by the Defense Department to train the next generation of cyber warriors have been in place for a few years. The strategy to recruit and train the next generation can be compared to the collegiate football pipeline. “We really have to start at middle school,” Gary Wang, Deputy Chief Information Officer of the Army said in September. College coaches “go down to the middle school, they knock on the parent’s house, they go, ‘Hey, your kid has potential to be the middle linebacker for blah blah blah’ and they kind of get them all excited … That’s the approach we have to take with our future cyber warriors.”

The National Security Agency has several such programs, given its decades of operation in signals intelligence and information assurance, as well as close proximity to the Cyber Command, with which they share the same director. The initiatives offered by the NSA include partnerships with colleges applying on-the-job training toward bachelor’s degrees and the National Centers of Academic Excellence for cyber operations. Also, the annual Cyber Defense Exercise pits students from the service academies against each other to build and defend networks against simulated intrusions.

NSA also has partnered with the National Science Foundation to create “GenCyber” summer camps at universities to expose middle school and high school aged students to cyber problem-solving. “You missed the boat if you’re waiting ‘til folks are coming out of college and think you’re going to turn them into a cyber warrior,” Wang said at a Defense Systems event in September. “Your best cyber warriors are already starting at age 11 and 12,” he said, adding that some school districts are mandating computer programming at the elementary school level.     

The Navy and Air Force have also gone to lengths to reach out to local communities assisting with cyber training and STEM programs for youth, such as the Navy “cyberthons" and the Air Force Association's “CyberPatriot” STEM initiative, described by an Air Force spokesperson as “Airmen mentor[ing] cyber teams as part of a nationwide competition involving nearly 20,000 high school, middle and elementary school students.” 

“Technology alone isn’t going to get us there. Don’t ever forget the human dimension in all of this.  It often gets overlooked to me,” Rogers told the audience at RSA. “And that human dimension goes from how do you build a workforce that’s agile and capable of working in this space, to how do you make sure your users are intelligent and smart and knowledgeable about the choices they make. But don’t ever forget the human dimension.”

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.