A provision in the committee’s version of the annual defense policy bill, of which an executive summary was released Friday, would require the secretary of defense to review future force employment concepts for cyber operations. The full text of the bill has yet to be released.

Senior congressional officials that briefed reporters Friday pointed to the fact that to date, cyber operations and forces have largely been focused on the strategic level. More and more, there are other avenues to conduct digital actions, officials said, to include tactical cyber.

In fact, the DOD updated its cyber doctrine at the end of 2022 to include for the first time a definition of what it called “expeditionary cyberspace operations,” defined as “[c]yberspace operations that require the deployment of cyberspace forces within the physical domains.”

That recognition was significant given authorities to conduct cyber operations were held at the highest levels of government for many years due to fears that such activities could have unintended consequences or spread into networks beyond the intended targets.

Cybercom owns the offensive cyber capabilities within DOD, and the services conduct offensive cyber operations through Cybercom and the cyber mission forces that each service provides to the command that operate from static, remote locations, mostly focused on IP-based networks.

However, increasingly, there are targets that either aren’t reachable through IP networks or remote access might not be possible. And as DOD has matured its cyber policies, doctrine and capabilities, the reins have begun to loosen up.

Certain factions have sought to use more proximal effects conducted through radio-frequency, which require fewer levels of approval to conduct operations at the very tactical level.  

Several of the services have begun investing in capabilities and forces for their own offensive activities. However, that is mostly in the blended electronic warfare or RF-enabled sphere at the tactical level.

While individual services have started developing and even deploying such forces, all cyber operations must still be connected through Cybercom.

For example, the Army created the 11th Cyber Battalion — which stemmed from the 915th Cyber Warfare Battalion before it — a unit that provides tactical, on-the-ground cyber operations (mostly through RF effects), electronic warfare and information ops. It consists of four companies with over 300 personnel total and five expeditionary cyber teams, which are scalable formations designed to augment units upon request. The Army was recently approved to create another unit called the 12th Cyber Battalion.

The Air Force in the last year or so has developed a concept called Cyber Enabled Air Superiority (CEAS), that aims to use organic Air Force cyber assets to protect its critical missions, such as safeguarding fighter jets from cyberattacks. While the concept is still emerging, the Air Force re-missioned a National Guard unit to initially take charge of the effort.

The Navy has been building what it calls non-kinetic effects teams that are afloat assets to provide cyber, electronic warfare and other similar capabilities for commanders at sea.

The Marine Corps has developed information units for its Marine Expeditionary Forces that include cyber, intelligence, EW and information-related capabilities.

Cybercom has recognized these capabilities, and command officials have begun exploring ways to utilize them, especially as they can serve as entry points for its high-end operators to access hard-to-reach networks that might not be connected to the internet.

These efforts also fit into the concept of the modern triad, which consists of combining the capabilities of space, cyber and special operations forces to create military packages greater than the sum of their parts. SOF are located in some of the hardest places on earth, giving them the opportunity to get close to targets and potentially providing access and entry points for cyber effects.

Given this growth in the concept, the Senate Armed Services Committee also wants the review to encompass the types of personnel DOD will require to conduct cyber operations of all kinds in the future. To date, that has only really included the cyber mission force. As referenced, this could include a much larger pool across the conventional and even special operations forces beyond the Cybercom enterprise.

The summary of the policy bill states the review would include an assessment of personnel policies that could be needed to support any such evolving cyber force, though committee officials clarified this has nothing to do with discussions surrounding the potential creation of a separate and distinct service, or Cyber Force.

“We have focused a lot of this around how we man, train and equip for very exquisite cyber mission forces. There is a bigger pool of people out there,” an official said. “How are we going to employ that full scope of people and how do we need to adjust the personnel policies to be able to keep that flow of people?”

The post Senate Armed Services Committee wants DOD to explore ‘tactical’ cyber employment appeared first on DefenseScoop.

Each of the services, in one way or another, has been developing forces and capabilities to conduct tactically focused, on-the-ground cyber and electronic warfare effects, known as radio frequency-enabled cyber.

Increasingly, there are targets that either aren’t reachable through traditional IP-based networks or remote access might not be possible, which is primarily what Cyber Command does. As the Department of Defense has matured its cyber policies, doctrine and capabilities, the reins have begun to loosen on authorities allowing these on-the-ground forces more latitude, mostly through the electromagnetic spectrum, to perform these actions. Certain factions have sought to use more proximal effects conducted through radio frequency, which require fewer levels of approval to conduct operations at the very tactical level.

Those RF-enabled capabilities, as has been envisioned for some time, could provide the proximal access to the remote operators at Cybercom and be passed off to them.

The command’s new acquisition executive, Khoi Nguyen – who’s been on the job for eight months – has begun thinking more and more about how to leverage these tactical capabilities. He most recently came from the Marine Corps, which has been developing capabilities and concepts for tactical forces that, in some cases, could be the proximal access for Cybercom some have envisioned.

“We’re looking, from a thinking perspective, if every RF sensor is a potential platform for us to deliver cyber effects through? Then from a Cyber Command perspective, how do we ensure that or how do we assist that,” Nguyen, who is also the director of the cyber acquisition and technology directorate (J9) at Cybercom, said during remarks at the AFCEA Northern Virginia chapter’s annual Army IT Day conference Jan. 11. “We’re working closely with both the Army and the Marine Corps and understanding what the way ahead from an RF-enabled cyber prospective or EW implementation and that ensuring that whatever they’re implementing, we can leverage.”

Nguyen confessed that he’s not quite sure how to fully enable this yet, acknowledging this is all very nascent from a Cybercom perspective.

“It’s going to be a balance where I think we need to be able to operate the platform forward with operators in the rear and then some set of cyber operators either trained by us [Cybercom] or certified by us that are assigned to the Army and in the Marine Corps that are forward and then are able to deliver bullets or payloads that we have certified as allowed to be delivered. But that’s a really nascent piece and we really need to work that out,” he noted.

DOD’s updated cyber doctrine, published in December 2022, recognized so-called expeditionary cyber operations for the first time. These are cyber operations that require the deployment of cyber forces within physical spaces.

However, officials in the past have discussed that there is still a potential authorities issue that must be worked through between tactical forces and those from Cybercom.

In a pre-hearing questionnaire for his confirmation to lead Cybercom, Lt. Gen. Timothy Haugh pledged to work closely with the services as they’re building out so-called tactical or expeditionary cyber forces. The Senate approved Haugh as commander in December, but it is unclear when he will officially take over the command.  

Nguyen outlined a potential vision or architecture for how Cybercom could take advantage of the placement and access of forces in the field.

“An area that I’m thinking that we should do as Cyber Command is maybe do the cyber effects against specific targets or against exquisite targets, leveraging off funding and leveraging authority to get the target device and then doing the onboard analysis and everything else and then delivering the effect or delivering data payloads,” he said. “Then ensuring that it can be hosted within an Army device or a Marine Corps RF device and this way, now, I don’t have to add Cybercom’s equipment to the services, but rather, leverage existing service RF-enabled devices and throw our effects through it. Then, of course, there’s also the local operations, where do we need to have cyber operators forward or can we reach back through to where we are at and conduct it from Cyber Command back here and so on.”

This is the type of work they’ve been looking at with the services, Nguyen said, assisting with their equipment and what they need to do the mission and possibly pass off access.

Nguyen said Cybercom is looking to take advantage of open architecture capabilities the Army and Marine Corps have adopted. This includes the Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance, Reconnaissance (C5ISR)/Electronic Warfare Modular Open Suite of Standards, or CMOSS. CMOSS allows for capabilities to be inserted, updated and swapped on hardware platforms — harnessing the modern abilities of software.

“The Army is doing that, Marine Corps [Marine Air Ground Task Force Electronic Warfare Ground Family of Systems] is doing that, Cyber Command we’re going to go with that way too, just from an awareness way ahead. Cyber Command, we’re way, way nascent on this all,” he said. “I just want to communicate that we are supporting CMOSS, that both the Army and the Marine Corps are using.”

The post US Cyber Command looking at how to utilize tactical on-the-ground systems appeared first on DefenseScoop.

“Expeditionary cyber forces have already demonstrated potential to extend the reach of cyber enabling activities and close the gaps that limit cyber forces’ ability to access important tactical targets in forward locations,” Lt. Gen. Timothy Haugh wrote to senators in a questionnaire as part of his nomination process.

For the first time, the Department of Defense recognized and defined cyber operations conducted in physical or tactical spaces, called expeditionary cyber operations, in formal doctrine as an update to its cyberspace doctrine in December 2022.

That recognition was significant given authorities to conduct cyber operations were held at the highest levels of government for many years due to fears that operations could have unintended consequences or spread into networks beyond the intended target.

Cybercom owns the offensive cyber capabilities within DOD, and the services conduct offensive cyber ops through Cybercom and the cyber mission forces that each service provides to the command from remote locations, mostly focused on IP-based networks.

However, increasingly, there are targets that either aren’t reachable through IP networks or remote access might not be possible. And as DOD has matured its cyber policies, doctrine and capabilities, the reins have begun to loosen up.

Certain factions have sought to use more proximal effects conducted through radio-frequency, which require fewer levels of approval to conduct operations at the very tactical level.  

Several of the services have begun investing in capabilities and forces for their own offensive cyber. However, that is mostly in the blended electronic warfare or radio frequency-enabled sphere at the tactical level.

While individual services have begun developing and even deploying such forces, all cyber ops must still be connected through Cybercom.

“If confirmed, I will work with the Services to ensure any tactical forces will meet USCYBERCOM training standards, follow Department deconfliction policies, and when leveraging USCYBERCOM authorities, ensure interoperability with Joint Cyber Warfighting Architecture,” Haugh wrote.

The Joint Cyber Warfighting Architecture was designed in 2019 to get a better handle on the capabilities, platforms and programs Cybercom was designing and set priorities for the Department of Defense as well as industry partners that would be building them. They include systems for collecting data, conducting offensive cyber operations, and commanding and controlling cyber forces, among others.

With the advent of these more proximal or tactical forces being built, it is understood that they could provide access to networks for higher-end cyber operators in Cybercom through their close proximity to harder targets as opposed to accessing them fully remotely.

Haugh noted that if confirmed, he’ll work with the services as well as the geographic combatant commands as the department continues to satisfy a provision in last year’s annual defense policy bill to develop integrated non-kinetic forces and capabilities.

That provision directed the Pentagon to develop a strategy for converged cyber and electronic warfare conducted by deployed military and intelligence assets, specifically for service-retained assets, which refers to non-Cybercom elements.

The issues Haugh plans to examine include training, standards, interoperability, and authorities to implement the requirements under the provision.

Haugh wrote to senators that the military must continue to seek new capabilities to exploit adversary systems.

“In my opinion, developing new and novel capabilities and approaches to deliver non-kinetic effects will benefit the Combatant Commands and the Services,” he wrote. “The unique value of the cyber domain is that it crosses, supports, and enhances every warfighting domain by ensuring the secure operation of the Department’s decision-making systems, disrupting malicious cyber actors’ capabilities and ecosystems before they can threaten our networks and platforms, and, when called upon, deliver non-kinetic effects to enable Joint Force Commanders to achieve early initiative during contingencies.”

From a defensive standpoint, he recognized these same threats to U.S. systems, vowing to improve defenses.

“The nature of modern network-centric warfighting is such that nearly every piece of electronic equipment represents a potential cyber-attack surface, to include tactical military systems,” he said. “USCYBERCOM capabilities are always evolving to take advantage of cutting-edge technology, research, and development. Just as we continually improve our own defenses against novel cyber threats, so do our adversaries; if confirmed, it is my intent for the Command to seek new and innovative means, methods, and doctrine to achieve our mission and provide a comprehensive suite of non-kinetic effects when called upon to do so.”

It is unclear when Haugh will be confirmed due to the blanket hold on senior military nominations placed by Sen. Tommy Tuberville, R-Ala., to protest DOD’s abortion policy.

The post Cybercom nominee plans to work with services on ‘expeditionary’ cyber forces appeared first on DefenseScoop.

The handover — held in Georgia at Fort Eisenhower, formerly known as Fort Gordon — was for the 11^th Cyber Battalion, which sits beneath the 780^th Military Intelligence Brigade under Army Cyber Command and provides tactical, on-the-ground cyber operations (mostly through radio-frequency effects), electronic warfare and information ops.

Lt. Col. Benjamin Klimkowski, the 11^th’s first-ever commander, passed the reins to Lt. Col. Luis Etienne, Jr. at the event on Wednesday, according to an Army release.

The formation was recently activated last October, born out from the 915th Cyber Warfare Battalion. The official activation signified a growth and maturity from inception of table of distribution and allowances years to a modified table of organization and equipment organization. The former is a unit organized to perform a specific mission in which funds are discontinued as soon as the mission is accomplished, while the latter refers to equipment a unit needs to accomplish its specific doctrinal missions.

The unit consists of several expeditionary cyber and electromagnetic activities teams (ECTs) that are scalable and will maneuver with units, plan tactical operations for commanders and conduct operations on the ground.

In fact, in the run up to Russia’s invasion of Ukraine in 2022, the Army sent an ECT forward to Europe to support the Army’s regional theater headquarters to provide subject matter expertise in electronic warfare, information operations, defensive cyber and offensive cyber, in order to help them and answer questions quickly. They were mostly conducting electronic protection functions, but there were also information ops execution personnel as well as planners.

There are currently four ECTs — with a fifth planned at the end of September — within the unit and three companies, according to the Army. By September of 2027, there are expected to be 12 ECTs in total.

From Klimkowski’s time as commander of the 11^th and the 915^th before it, he saw the unit grow, build and test concepts and units, working to integrate them into operations with traditional military units as well as the high-end remote operators that conduct cyber ops on behalf of U.S. Cyber Command.

The unit must be highly adaptable and innovative to be able to take signals and targets and turn them into an effect or something actionable on the fly.

“I have mentioned the following sentiment before, as a new organization, defining a new mission set — the burden of innovation can weigh heavy. It is difficult to ask an organization that is operating at full capacity to simultaneously do those things and be innovative about new approaches, and ask that organization to capture those insights for posterity,” Klimkowski said at the ceremony. “Whether it was working with Special Forces groups or other multi-domain partners, time and again, you went the distance to make the Amy more prepared to fight its next war.”

Etienne comes to the unit from Cybercom’s Cyber National Mission Force — the command’s elite cyber warriors tasked with defending the nation from cyber threats and organized into task forces focused on specific actors and nations — having been the deputy commander of Joint Task Force 2, which is focused on China.

Klimkowski is moving on to an NSA fellowship.

The post Army’s tactical cyber and electronic warfare unit gets new commander appeared first on DefenseScoop.

A revised version of Joint Publication 3-12 Cyberspace Operations — published in December 2022 and while unclassified, is only available to those with DoD common access cards, according to a Joint Staff spokesperson — officially provides a definition for “expeditionary cyberspace operations,” which are “[c]yberspace operations that require the deployment of cyberspace forces within the physical domains.”

DefenseScoop has seen a copy of the updated publication.

The last version was published in 2018 and was publicly available. The Joint Staff spokesman noted that five years has been the norm for updates.

The definition, recognition and discussion of such operations are indicative of not only the maturity of cyberspace and associated operations, but the need for more tactical capabilities to get at targets that the current cyber force might not be able to access.

U.S. Cyber Command owns the offensive cyber capabilities within DOD, and the services conduct offensive cyber ops through Cybercom and the cyber mission forces that each service provides to the command. Authorities to launch cyber effects have traditionally been held at the highest levels of government. In recent years, those authorities have been streamlined and delegated. However, most cyber operations are still conducted from remote locations by the cyber mission force (CMF) and primarily focused on IP-based networks.

Many of the services have begun investing in capabilities and forces for their own offensive cyber, however, that is mostly in the blended electronic warfare or radio frequency-enabled sphere at the tactical level.

The updated doctrine recognizes that these capabilities, which will still have to be coordinated centrally, could provide access to targets that remote operators might not be able to get for a variety of reasons.

“Developing access to targets in or through cyberspace follows a process that can often take significant time. In some cases, remote access is not possible or preferable, and close proximity may be required, using expeditionary [cyber operations],” the joint publication states. “Such operations are key to addressing the challenge of closed networks and other systems that are virtually isolated. Expeditionary CO are often more regionally and tactically focused and can include units of the CMF or special operations forces … If direct access to the target is unavailable or undesired, sometimes a similar or partial effect can be created by indirect access using a related target that has higher-order effects on the desired target.”

It also notes that these effects and operations should be coordinated with the intelligence community to deconflict intelligence gain/loss.

Moreover, the updated doctrine recognizes the complexity of cyberspace and how in-demand cyber capabilities might be. Thus, global cyber support might need to “reach-forward” to support multiple combatant commands simultaneously.

“Allowing them to support [combatant commands] in this way permits faster adaptation to rapidly changing needs and allows threats that initially manifest only in one [area of responsibility] to be mitigated globally in near real time. Likewise, while synchronizing CO missions related to achieving [combatant commander] objectives, some cyberspace capabilities that support this activity may need to be forward-deployed; used in multiple AORs simultaneously; or, for speed in time-critical situations, made available via reachback,” it states. “This might involve augmentation or deployment of cyberspace capabilities to forces already forward or require expeditionary CO by deployment of a fully equipped team of personnel and capabilities.”

When it comes to internalizing the new doctrine, the Air Force sees this as additional access points for operations.

“How do we leverage folks that are and forces that are at the tactical edge for access? That’s primarily how I think about the expeditionary capabilities we have … is empowering or enabling the effect they’re trying to create or using their access or position physically, to help enable some of our effects,” Lt. Gen. Kevin Kennedy, commander of 16^th Air Force/Air Forces Cyber, told DefenseScoop at the AFCEA TechNet Cyber conference.

He noted that these access-enabling capabilities could be across the services, but primarily from an Air Force perspective, “I’m looking at looking within the Air Force, from aerial platforms down to ground-based airmen, as well about how we would do that,” he said.

Officials have described how the services are seeking to build their own forces separate from Cybercom.

“There was a lot of language that came out the [National Defense Authorization Act] that talked about force design in general. All the services to one degree or another are really — I’m not going to say rethinking — but evaluating what their contribution to the joint force is, as well as what their own … service-retained cyber teams are,” Chris Cleary, principal cyber advisor for the Department of Navy, told DefenseScoop at the AFCEA conference.

Last year’s NDAA directed the Pentagon to develop a strategy for converged cyber and electronic warfare conducted by deployed military and intelligence assets, specifically for service-retained assets.

As electronic warfare and cyber capabilities are expected to be a big part of the battlefield in 2030 — a key waypoint the Army has been building toward — it recognizes those capabilities can’t be held from remote sanctuary, Maj. Gen. Paul Stanton, commander of the Army Cyber Center of Excellence, told DefenseScoop in an interview on the sidelines of the AFCEA conference.

In fact, the Army’s principal cyber adviser has tasked the Cyber Center of Excellence with clarifying certain authorities and capabilities.

“How do you execute electronic attack to achieve effects? How do you differentiate a cyber-delivered capability that benefits from proximity based on owning the land, owning the ground?Because that’s what the Army does. The principal cyber advisor, Dr. [Michael] Sulmeyer is tasking me with conducting a study to clearly define and delineate where those lines are,” Stanton said. “This study is going to help us be able to clearly define that. I expect to be tasked to kick that off here in the very near future with about 90 days to complete.”

When it comes to service-retained forces and capabilities, the Army has built the 11^th Cyber Battalion, formerly the 915^th Cyber Warfare Battalion, which provides tactical, on-the-ground cyber operations — mostly through radio-frequency effects — electronic warfare and information ops. The unit will help plan tactical operations for commanders and conduct missions in coordination with deployed forces. It consists of several expeditionary cyber and electromagnetic activities (CEMA) teams that are scalable and will maneuver with units and conduct operations on the ground for commanders.

The Navy, meanwhile, is building what it’s calling non-kinetic effects teams, which will augment afloat forces with critical information warfare capabilities. Cleary has previously noted that the service is still working through what cyber ops at sea will look like.

“As we continue to professionalize this, [information warfare commanders within carrier strike groups] will become more and more important as it fully combines all aspects of the information warfare space, the electromagnetic spectrum, command and control of networks, eventually potentially offensive cyber being delivered from sea, information operations campaigns,” Cleary said.

“That job will mature over time, and then the trick is to get the Navy and the Marine Corps to work together because we are back to our roots of being an expeditionary force. Even the Marines through [Commandant] Gen. [David] Berger’s new force design is really about getting the Marines back to being what the Marines were designed to be, which is an expeditionary fighting force that goes to sea with the Navy. We work together to achieve our objectives as a team, and we’re getting back to our blocking [and] tackling them.”

For the Marine Corps’ part, officials have been building Marine Expeditionary Force Information Groups (MIGs), which were created in 2017 and support each MEF within the Corps, integrate electronic warfare with intelligence, communications, military information support operations, space, cyber and communication strategy — all to provide MEF commanders with an information advantage.

The service has also recently established Marine Corps Information Command (MCIC), which was designed to more tightly link the service’s information forces — including cyber, intelligence and space — in theater with the broader joint force across the globe.

Mission elements the Marines have created and sent forward with Marine expeditionary units are “right in line with [Joint Publication] 3-12,” Maj. Gen. Joseph Matos, deputy commander of Marine Corps Forces Cyberspace Command, told DefenseScoop at the AFCEA conference.

“How do we take what we do at the fort, or back at Fort Meade [where Cybercom is headquartered], and be able to extend that out to the services? That’s what we’re in the process of doing right now … We started about two years ago doing that. That capability is starting to mature pretty well,” he said. “It’s to extend Cyber Command out to those forward units.”

Matos said the recently created MCIC will act as the integrator for a lot of these capabilities throughout the force, acting as a bridge of sorts.

The organization will help tactical forces understand the authorities and capabilities that cyber can provide to help them conduct their missions.

“You kind of hit a glass ceiling of the capability [of] the lower elements being able to reach out and do cyberspace operations,” Matos said of the process prior to establishing that entity. “We’re able to say, OK, here’s a team, trained, capable,’ understand the capabilities that we can bring, give them to the deployed forces to say, ‘OK, you want to do cyber operations, here’s how we can help you do that.’ We know who to talk to, the authorities and so on so forth, and we can do that. I think it’s right in line with what the [Joint Publication] 3-12 is trying to do.”

That command essentially acts as the glue between the high-end cyber forces and the tactical elements, bridging the gap between Cybercom forces and the deployed forces.

“The genesis of the Marine Corps Information Command to tie all these elements together is to address that concern, is to be that integration point between the forces below the tactical edge who have these requirements to operate in a rapidly changing environment. But also tie that to the Marine Corps Information Command knows who to talk to at Cyber Command, or at NSA, or at Space Command. To be able to be that touchpoint between the two organizations so you don’t have to have an infantry battalion going all the way to” a combatant command, Matos said during a presentation at the AFCEA conference.

“I think as we operate in this rapidly changing cyberspace world, that Marine Corps Information Command’s going to be a tremendous benefit to the [Marine Air Ground Task Force], but also to the joint world and the intelligence and cyber world,” he added.

The post New DOD doctrine officially outlines and defines ‘expeditionary cyberspace operations’ appeared first on DefenseScoop.

Previously known as the 915^th Cyber Warfare Battalion, the unit, which belongs to Army Cyber Command, provides tactical, on-the-ground cyber operations — mostly through radio-frequency effects — electronic warfare and information operations. The unit will help plan tactical operations for commanders and conduct missions in coordination with deployed forces. It consists of several expeditionary cyber and electromagnetic activities (CEMA) teams that are scalable and will maneuver with units and conduct operations on the ground for commanders.

The activation ceremony signifies the unit’s growth from its inception of table of distribution and allowances years to a modified table of organization and equipment organization. The former is a unit organized to perform a specific mission in which funds are discontinued as soon as the mission is accomplished while the latter refers to equipment a unit needs to accomplish its specific doctrinal mission.

The unit came out of a pilot effort years ago to test how the Army could integrate tactical cyber and electronic warfare effects for brigades on the ground without having to rely upon the remote, strategic resources of U.S. Cyber Command, which are not only in high demand but, at the time of the pilot, limited in authorities to conduct operations.

“We have come a long way from our initial CSC-B [pilot] engagements and Combat Training Center rotations. We educated Army leaders on what cyber can bring to the fight, but we also learned what the Army needs. We did not have all of the answers and every engagement has been crucial to our battalion’s growth and development. We can thank our leaders and soldiers for their contributions for the better part of a decade that have helped shape what the 11th Cyber Battalion has become,” 11^th Command Sgt. Maj. Marlene Harshman said.

The 915^th previously never received battalion colors or a distinctive unit insignia. With the activation of the 11^th, the unit now has both.

“The transition reflects Army Cyber’s recognition of the Expeditionary CEMA Team as a permanent part of Army forces and an essential part of future land operations — the need for CEMA Soldiers is increasing,” said Lt. Col. Benjamin Klimkowski, commander of the 11^th. “The most important thing to recognize about the transition is what is not changing; while parts of our structure are now more stable and doctrinally grounded, 11th Cyber Battalion will remain adaptive, innovative, and aggressive about supporting the needs of the warfighter.”

As the world and adversaries adapt, the Army is looking to change in kind.

“The Army will adapt with world requirements, this is one of those necessary changes. We owe the people of the United States a cyber force that will help answer the requirements for commanders at all echelons. We will be a force multiplier to Army Cyber Command and an asset to the Army Service Component Commands,” Harshman said.

The post Army activates the 11th Cyber Battalion appeared first on DefenseScoop.

The new colonel-led, or O-6 level, program office will be under Program Executive Office Intelligence Electronic Warfare and Sensors and will be aptly called Program Manager Cyber and Space, officials told reporters at Aberdeen Proving Ground on Tuesday.

It will migrate the offensive cyber programs and capabilities from the current portfolio of program manager Electronic Warfare and Cyber (EW&C) and also incorporate the highly sensitive space capabilities from Product Manager Tactical Exploitation of National Capabilities. Currently, the offensive cyber portfolio is run by a lieutenant colonel, or O-5.

The new office is necessitated by the amount of joint work the Army is doing on behalf of U.S. Cyber Command to deliver capabilities and programs for the cyber mission force across all the services, which grew too big to continue to manage out of the EW&C office.

The services, as executive agents, are responsible for procurement for larger acquisition programs on behalf of Cyber Command for the entire cyber mission force.

The Army is currently the executive agent for something called the Joint Common Access Platform (JCAP), which will provide the infrastructure for those offensive missions. The services’ cyber units will move to the firing platform from separate tools they operate now, more tightly linking their efforts in cyberspace, one of the domains the military is trying to protect as a joint force.

JCAP is part of the larger Joint Cyber Warfighting Architecture (JCWA), which guides all the acquisition priorities and programs for Cyber Command.

ManTech won a $265 million contract in 2020 to support JCAP.

Officials have said the current model for the program allows for a bi-monthly forum to assess gaps, threats, requirements and emerging technology to plan for the injection of capabilities on a faster cycle to outpace threats.

The aim of the program’s agile software acquisition approach is to add new capabilities faster.

“JCAP delivered our first instance or first delivery, we call it MVCR, our first minimum viable capability here a few months ago,” Mark Kitz, program executive officer for IEW&S, told FedScoop at the TechNet Augusta conference in August. “Every other month, we’re doing planning increments, following full agile. We’re delivering full capabilities, almost weekly … We’re continually working with the user and following full agile methodology [because] if we don’t have a DevSecOps, an agile approach to delivery, we’re going to fail on cyber.”

Other joint efforts the IEW&S’s cyber office is working on includes delivering a cyber development environment for the Air Force and Navy, though Kitz noted that this is not a joint solution yet in the executive agent sense.

Within the JCWA is a requirement for a Joint Development Environment. The Army, as part of its own requirements, created the Rapid Cyber Development Network (RCDN), which allows for the free flow of tactics, techniques and procedures as well as a place to rapidly develop and test cyber tools.

The Army is providing this to the Air Force and Navy, but Cyber Command has still not made a decision as to an executive agent for the Joint Development Environment.

“I think Cyber Command is evolving what is that long-term requirement that adds on what the Air Force and the Army have invested in, because Air Force has significant capability in that same area,” Kitz said.

He noted that when Cybercom gains enhanced budget authority in 2024, which will give it responsibility for direct control and management of budgeting, it should not affect the new cyber office.

“I don’t think it’ll have a significant effect,” he said. “The finances will go through Cyber Command. The [program executive memorandum], the financial process, will just shift from the Army to Cyber Command.”

He also clarified that given the RCDN is an Army requirement currently, it has thus far fallen outside of the forthcoming enhanced budget authority for Cybercom.

The new office will also continue work on the Army’s tactical cyber gear, which includes the Tactical Cyber Equipment, a man-packable system that allows expeditionary cyber teams from the 915^th Cyber Warfare Battalion to conduct operations plugging into equipment that resides in brigades.

The Army to date has maintained a tight linkage between the cyber and electronic warfare enterprise. On the tactical level they are closely aligned given most tactical cyber is conducted through radio frequency operations.

“Candidly, I think that’s a risk,” Kitz said regarding the potential for diminished coordination with cyber moving out of the electronic warfare program office. “I think we’ve got to take that risk in order to have the right personnel and infrastructure in place. But I also think that we’re integrating EW with our collection infrastructure, with our data infrastructure that we have in our [intel systems and analytics] portfolio. Those core dependencies, and enabling EW already exist in my organization.”

Kitz said the integration directorate within the PEO is charged with building the architecture and touchpoints given that risk exists across the entire program executive office.  

The post Army to create new offensive cyber and space program office appeared first on DefenseScoop.