Like the Navy, the Air Force years ago chose to integrate its intelligence function — known as the 2 — and its communications and network function, known as the 6, into the A2/6, led by a three-star general. It also added cyber to that portfolio, resulting in an official title of deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects operations.

This week the Air Force broke the 6 function away from the 2 on the Air Staff, creating the AF/A6 deputy chief of staff for warfighter communications and cyber systems, in what the service calls one of the most significant reorganizations in over 30 years.

The office will be led by Maj. Gen. Michelle Edmondson, who most recently was senior advisor to the undersecretary of the Air Force.

“Our mission is to ensure warfighters have the reliable, secure communications they need to succeed in a complex and contested environment,” she said. “We’re building an enterprise that connects people, systems and decisions at the speed required by today’s operational demands.” 

The new AF/A6 will serve as the functional authority and management for warfighter communications and cyber operations.

The move had been telegraphed for about a year, with officials explaining it was designed to elevate the role of operational communications and cyber needs within the force, providing a dedicated general officer, typically a three-star, to advise senior leaders.

The office will help the Air Force operate in and through cyberspace and compete against the growing threats presented by China and others, officials have stated in the past, given core missions are vitally dependent on secure and resilient communications, and require a deputy chief of staff singularly focused on that.

In future fights, U.S. communications networks are expected to be attacked and stressed by adversaries.

“We created the A6 to ensure communications and cyber systems are available, secure and aligned with warfighter priorities,” Gen. David Allvin, chief of staff of the Air Force, said. “This office will help us focus resources and oversight where it matters most — supporting the mission in contested environments.”

The post Air Force establishes warfighter communications office appeared first on DefenseScoop.

The proposals are part of each chamber’s version of the annual defense policy bill, the National Defense Authorization Act for fiscal 2026.

According to the Senate Armed Services Committee’s version, DOD must conduct a study on force employment of cyber in support of combatant commands and evaluate establishing Joint Task Force-Cyber elements across those geographic combatant commands.

A proposal in the House, offered by Armed Services Subcommittee on Cyber, Innovative Technologies and Information Systems chairman Rep. Don Bacon, R-Neb., requires a similar evaluation, though focused specifically on the Indo-Pacific Command area of responsibility.

According to Bacon, the military is not properly organized for the current cyber conflict.

“Since becoming Chairman of the Subcommittee, I’ve grown increasingly concerned that we are not correctly organized for the cyber fight we find ourselves in today, let alone a more complex and consequential future fight. Our Cyber Command does great working national threats, but I want to ensure our Cyber team is postured right for a potential fight with China over Taiwan,” he said in a statement.

He said he plans to push for the establishment of a Joint Task Force-Cyber — not merely an evaluation — when both chambers of Congress convene to reconcile their bills.

“If we accept the reality that we are already in hostilities with our principal adversary in cyberspace, then there is no time to waste,” Bacon said.

Bacon also pointed to the fact that this is not a new issue. In the fiscal 2023 NDAA, Congress required the creation of a similar organization — a Joint Task Force — in Indo-Pacom to support joint operations in the kinetic space before conflict, because the military was not sufficiently acting jointly, in lawmakers’ view.

Sources indicated that construct has worked well so far and these proposals could mirror that on the non-kinetic side.

Moreover, a classified DOD Inspector General report that examined the effectiveness of Indo-Pacom and Cyber Command’s planning for offensive cyberspace operations and Cybercom’s execution of offensive cyberspace ops in support of Indo-Pacom’s plans, recommended the creation of a Joint Task Force-Cyber, according to someone familiar. That examination began in 2023.

Congress has in several previous NDAAs asked for studies and evaluations on how Cybercom’s headquarters elements are organized and how it employs cyber capabilities effectively. Sources indicated these proposals are likely, in part, an indication that lawmakers aren’t pleased with either the responses from the Defense Department, or there has been a lack of response from DOD.

If realized, the creation of joint task forces for cyber at the combatant commands could potentially lead to a complete restructure for how operations are conducted, according to sources.

How cyber operations are conducted

Ultimately, these proposals could end up giving more oversight and control of cyber operations to the geographic combatant commanders.

Unlike the other domains of warfare, there still is no cyber component command at the geographic combatant commands. Each component command — land, air and maritime — is responsible for commanding and coordinating the forces under their domain on behalf of the four-star combatant commander, who has the ultimate authority on how and which forces are employed for particular operations.

Cyber, however, is different.

Since Cybercom established its cyber mission force over 10 years ago — the 147 teams that the services provide to Cybercom to conduct cyber operations — digital forces and capabilities are employed through what the command calls Joint Force Headquarters-Cyber.

These entities are commanded by the heads of the service cyber components and are assigned particular combatant commands to provide planning, targeting, intelligence, synchronization, and command and control of cyber capabilities.

Joint Force Headquarters-Cyber Army is responsible for Central Command, Africa Command and Northern Command. Joint Force Headquarters-Cyber Navy is responsible for Indo-Pacom, Southern Command and United States Forces Korea. Joint Force Headquarters-Cyber Air Force is responsible for European Command, Space Command and Transportation Command. Joint Force Headquarters-Cyber Marine Corps is responsible for Special Operations Command. DOD Cyber Defense Command, formerly Joint Force Headquarters-DOD Information Network, is the coordinating authority for Transportation Command.

None of the these entities were designed to be identical.

Moreover, there is also the Cyber National Mission Force, a sub-unified command under Cybercom, which is responsible for defending the nation against significant digital threats and is thought to possess the most elite cyber operators. It is a global entity aligned in task forces assigned to different threat actors, which means they are also operating within the areas of responsibility for geographic combatant commands.

Given Cyber National Mission Force’s global mission, the commander of Cybercom can conduct operations in a particular theater based on his priorities and mission sets. While this may be coordinated with the regional commander, they don’t necessarily have to ask for permission, in what could be seen by the geographic combatant commander as infringing on their area of operations.

The geographic combatant commanders don’t have as much control over cyber forces in their regions as they do for the physical or kinetic forces. The cyber teams are controlled by the JFHQ-Cs through Cybercom. Moreover, Cybercom has the ability to reorganize and realign forces around as they see fit against different priorities and threats, though, this is usually done in consultation with the combatant commands.

Cybercom, not the combatant commands themselves, approves the cyber operations for the regional commands, which includes interagency coordination.

Approvals for cyber ops flow through the commander of Cybercom, not the geographic combatant commands themselves, which includes interagency coordination.

Taken together, sources indicated these could all be seen as a loss of control for the geographic combatant commanders, who are responsible for running the operations in their regions and typically have oversight of their forces. Some have argued that the regional combatant commanders should have control and oversight of all the forces in their geography.

Sources indicated tensions exist in this construct with a regionally focused combatant command and a globally focused combatant command that has a high-demand, low-density asset in cyber.

“I think what you’re seeing is the tension that exists today between having Cybercom forces that really, at the end of the day, are controlled by the Cybercom commander in general support to the other Cocoms versus having that combatant commander have full control,” a former military cyber official told DefenseScoop.

Others indicated the creation of a joint task force is a natural evolution for the command and control of cyber forces.

Indo-Pacom, in particular, poses a unique challenge with all the cyber forces operating within its area of responsibility.

There are combat mission teams that conduct cyber operations on behalf of combatant commands, mostly in the offensive sphere, coordinated by Joint Force Headquarters-Cyber Navy, Joint Task Force-Ares — which initially was a counter-ISIS cyber task force but shifted four years ago to focus more on nation-states, particularly in the Pacific region — run by Marine Corps Force Cyberspace Command — as well as teams from the Cyber National Mission Force.

For those reasons, the command and control of these forces must be under a single chain of command. Those forces could be packaged together and work for the Indo-Pacom commander, the former officials posited when discussing a potential future scenario, and then the Indo-Pacom commander would have full control over them, a departure from the situation today.

For Indo-Pacom, everything is on island, a second former military cyber official said, meaning where their Hawaii headquarters are located. Indo-Pacom wants everyone on island with them so capabilities can be better integrated, they added.

Experts and former officials noted that a Joint Task Force-Cyber structure would likely clean up command and control lines for the employment of cyber.

Those that spoke to DefenseScoop noted combatant commands could see this as enhancing simplicity and speed.

In a future conflict, decisions will have to be made at unprecedented speeds, as seen in the Ukraine-Russia war.

However, the global nature of cyberspace and actors could complicate such an arrangement where the regional commander has more control.

China, for example, is a global threat actor and taking control from Cybercom could lessen its ability to surge or act in other regions. If there is a global threat versus a regional threat, officials would have to figure out what takes priority, who makes the decision and who has the authority to re-direct cyber forces to address them, a third former military cyber official posited.

Questions and resource constraints

Experts raised several issues that should be addressed with the potential formulation of joint task forces for cyber at the combatant commands, posing questions that should be answered in an evaluation for their necessity or creation.

One concern is whether the assessment for the creation of a Joint Task Force-Cyber is fair when balanced against what Cybercom has been doing over the last couple of years.

Cybercom has continued to reevaluate how it conducts cyber operations over the years.

Discussions in recent years inside the command have also focused on creating task forces that would be assigned against particular threat actors. This would potentially allow cyber forces to transcend the geographic boundaries given cyber threat actors are global.  

The drafting of this legislation, however, signals that the current processes can be done better.

Would a new process create more hurdles or would it enable greater simplicity?

“You have to ask yourself with what we’ve designed today, is it simple … Simplicity, speed, precision, clarity, these kind of things are really important in a fast fight for C2. And you could offer that’s not necessarily the case with the current design,” the first former official said. “Is the juice worth the squeeze?”

The third former official noted it’s important to ask what problem is this trying to solve? What is this a joint task force to do? Is this an authorities issue, is it a cyber mission force capacity issue, or what are the combatant commands not getting that they need from Cybercom?

Some of these issues could be wargamed or worked out through table top exercises, they noted.

For many officials, an education gap still exists where combatant commands still don’t always know how to employ the JFHQ-Cs or what to ask for from Cybercom. Some of this is relationship and personality based and can differ based on each organization.

About eight years ago, Cybercom began to create planning cells — Cyber Operations-Integrated Planning Elements (CO-IPEs) — located within the staffs of the geographic combatant commands to help them with synchronization and planning given the JFHQ-Cs are at remote locations.

While the CO-IPEs were designed to assist in planning and understanding how to employ cyber operations, they still haven’t all matured effectively to provide all the necessary answers and planning requested.

According to the third former official, some of the geographic combatant commands are probably saying, “I just don’t have the authority.”

They pushed back on that assessment, noting if the combatant commands asked for something, they’d likely get it, but an educational issue on both sides of the problem exists.

Another model could be to bolster the CO-IPEs to mirror Special Operations Command’s theater special operations commands (TSOCs), which are small teams and how special operations forces are employed in geographic combatant commands.

These entities can act as a connective tissue between seams in geographic regions and anticipate which threats may need more resources. They can provide command and control for running operations, if needed. CO-IPEs are currently only for planning and have no command and control functions.  

Another option could be to co-locate the cyber forces within the JTF within the combatant command. Currently, only the CO-IPE is embedded in the geographic combatant command staff. The JFHQ-C and cyber forces conducting the operations are at remote locations, not directly within the geographic combatant command they’re supporting.

But part of the challenge with the way the legislation is written is if Congress wants a Socom model, lawmakers would establish a TSOC equivalent for a Cybercom forward element or cyber element for forces in theater and not a Joint Task Force-Cyber, one of the former officials said. The reason that doesn’t exist today, they added, is the control is done in the rear of the CO-IPE and they conduct the integrated planning with the combatant command staff forward.

“I don’t think Cocom commanders are happy with that. I think they want the control,” the official suggested.

Other key questions surround resources. Oftentimes when there’s a new problem, organizations stand up a new headquarters, but nobody gets any more people, one of the former officials pointed out.

Of note, given each Joint Force Headquarters supports multiple combatant commands, in many cases officials within those organizations wear multiple hats. For example, a service cyber component might have an integrated operations staff that does everything for all their Joint Force Headquarters.

If each combatant command creates a Joint Task Force-Cyber and the Joint Force Headquarters go away — something that isn’t necessarily clear based on the legislation proposed — where do the new joint task force personnel come from? Are those staff that wore multiple hats ripped apart, some sources asked.

Setting priorities

One of the other aspect driving an assessment to create a new joint task force construct is to help drive more emphasis on the combatant command cyber forces and capabilities.

According to a congressional staffer, there was a sense that there was neglect for the combatant command-related cyber capabilities in favor of the Cyber National Mission Forces that defend the nation.

It comes down to prioritization and resources. The Cyber National Mission Force has a global mission and there is a lot of prioritization that goes to them, but that doesn’t mean the other teams aren’t working, former officials said.

With limited resources, what gets the focus? Are they things that are important to Cybercom or the geographic combatant commands, one former official asked, noting they could see an argument coming from a combatant command asking is Cybercom doing things that are of the most interest to that combatant commander or are they working on things that are of less interest to them, but of more interest to Cybercom, which are typically CNMF targets.

The post Congress pushing Joint Task Force-Cyber, shaking up how DOD employs digital capabilities appeared first on DefenseScoop.

The effort is part of the service’s sprawling Next Generation Command and Control (NGC2) initiative, one of its top modernization priorities to provide commanders and units a new approach to manage information, data, and command and control with agile and software-based architectures.

Army officials have said NGC2 is composed of a horizontal operational design that involves a technology stack that goes from a transport layer to an integration layer to a data layer to an application layer, which is where soldiers interact with it. That application layer is also where the Army has broken down the silos of individual warfighting functions — such as intelligence or fires — into applications that ride on the same integrated backbone.

A team of vendors led by Anduril was awarded a nearly $100 million contract last week to continue prototyping for NGC2 and scale it to a full division with 4^th Infantry Division.

Despite the award, the Army is pressing on to continue offering industry opportunities to support the program. The Army is planning to continue releasing periodic so-called characteristics of need statements, which initially served as an acknowledgement of a complex problem space, officials said.

In doing so, the service doesn’t seek to prescribe requirements for industry, but rather provide them with a broad set of challenges they could then seek to develop creative solutions against.

The most recent update, which was just recently signed out, targets decision dominance.

“To me, decision dominance is reflective of a concept,” Joseph Welch, deputy to the commanding general at Army Futures Command, told reporters on the sidelines of a daylong conference hosted by AUSA on Tuesday. “The concept of an OODA loop or a killchain has been one that’s been well established for some time and obviously very consequential to the outcome of a military engagement.”

Officials have stated that one of the most important aspects for NGC2 is the data layer. To realize the stated vision for NGC2 — the ability for commanders to do “more, better, faster” — commanders need to make sense of their data quicker than the adversary.

“The biggest thing for us is the data layer and that’s where artificial intelligence and future capabilities like artificial intelligence come in. We have to understand the data and how we integrate data across a different platform. All of our forces need access to that same level of data. For artificial intelligence, for C2, decision dominance is the answer,” Col. (P) Mike Kaloostian, the incoming director of the C2 cross-functional team for Army Futures Command, told the conference. “Whoever is able to sift through the amount of data that’s going to be available on the battlefield of tomorrow, to sort through that and use that information effectively to make decisions that force is going to win war. There’s no doubt about it … AI-enabled decision dominance is where we need to come and what the future is.”

The updated characteristics of need with the new decision dominance focus provides industry with a baseline to work off of.

Officials noted that data has to be in the right place and AI is ineffective if the location of data is unknown or isn’t in a place where it can be analyzed.

As the Army continues to work with industry partners — either working on the prototype or others still vying for future NGC2 efforts — to establish a data integration layer and scale it, there must be a destination for all the data to go.

Industry can help the Army figure out what that data plane looks like and how the service is bringing in data, ingesting it and sorting through it to make it relevant to commanders in real time. Areas the Army is interested in include using capabilities such as edge computing to process data and decisions faster than the adversary in the dirt.

Continuing characteristics of need for industry

When the initial characteristics of need concept was first announced, the plan was to update it every 90 days or so as the Army conducted exercises and experiments to keep industry abreast of the latest observations.

The plan, even after the prototyping contract, is to continue updating it; however, the cadence might shift.

Welch described periodic updates that will be based on lessons learned, which will likely come from home station events with 4^th Infantry Division at Fort Carson.

“We’re focused now on our work with our awarded team. We’re focused on the work that we’ll have upcoming through the” commercial solutions offering, he said, describing an ongoing effort with the program office to evaluate additional vendor teams and capabilities with the vision of adding them on in the future. “We’re focused on 4ID in our first prototyping initiative right now and I think there’s a lot that’ll be coming from that.”

He said the Army needs to continue to convey where opportunities exist for industry, and the characteristics of need aims to lay things out broadly, including for the Army, to understand the scope of what it is looking for.

“We’re going to continue to describe what we know about the capability as we work into prototyping, what we think we have solved and where we still think there are challenges,” Welch said.

The prototyping effort will help the Army discover what the NGC2 architecture looks like.

“We were very resistant to providing an architecture up front for companies to bid on, not because we don’t understand the importance of it, but because we feel it’ll likely be emergent as we work through, continue on with the prototype, with whatever commercial software or sets of commercial software may underpin it. That’s something that will emerge as we continue to work the prototyping effort,” he added. “That may be a level of detail that may not be in the characteristic of need, but will certainly be, I think, very useful to industry in terms of understanding where the opportunities, the base of which to innovate upon, is going to get established.”

Welch noted that within the technology stack, he’s always envisioned sub-problem statements that components of teams can try to help solve.

The post Army turning attention to AI for decision dominance with Next-Gen Command and Control appeared first on DefenseScoop.

NGC2, one of the Army’s top priorities, is a clean-slate design for how the service communicates on the battlefield and passes data for operations, providing commanders and units a new approach to information sharing and C2 through agile and software-based architectures. The Army plans to spend almost $3 billion on the effort over the next fiscal year across procurement and research and development funds.

The $99.6 million other transaction authority agreement will span 11 months and cover Anduril’s work to prototype a system for 4^th Infantry Division, which will scale the capability all the way up to the division level. Prior, it was outfitted to an armored battalion, as well as higher headquarters elements, and tested at Project Convergence Capstone 5 at Fort Irwin, California, in March.

Anduril’s partners on the contract include Palantir, Striveworks, Govini, Instant Connect Enterprise, Research Innovations, Inc., and Microsoft, the company said in a statement Friday.

The OTA requires the team to provide an integrated and scalable suite of command and control warfighting capabilities across hardware, software and applications, all through a common and integrated data layer, the Army said.

The Army has pushed teams of industry partners to work on the NGC2 effort, calling for “self-organized” teams.

Anduril had been working previously on the NGC2 effort to produce a prototype that was tested at Project Convergence, along with other vendors.

The prototype award is not the end of the road for other vendors seeking entry into the NGC2 program. The Army said additional vendors can seek to participate through an open commercial solutions offering with additional OTAs expected to be awarded later in fiscal 2026 for prototyping with other units such as 25^th Infantry Division and III Corps headquarters.

“NGC2 is not a one-and-done contract, but a long-term effort of continuous contracting and investment in the technologies that will deliver needed overmatch for our force,” said Brig. Gen. Shane Taylor, program executive officer for command, control, communications and networks.

Army Futures Command has been in charge of the prototyping effort to date, testing a proof of principle and then a proof of concept to demonstrate what is possible, while the program office has been working on the eventual program of record, devising a contracting strategy and seeking vendors.

Army officials have maintained they want to inject and maintain a high level of competition within the program. If contractors aren’t performing, they will seek to build in mechanisms to offboard them and onboard new vendors.

Similarly, the constant competition is also aimed at avoiding vendor lock-in where one partner holds the bulk of the program for an extended period.

The commercial solutions offering allows the Army to maintain a continuous open solicitation with specific “windows” for decision points, the service said, providing opportunities for industry teams aligning incentives and continuously onboarding new vendors as the capability evolves.

“NGC2 uses a combination of flexible and innovative contracting techniques. This is a completely non-traditional, unbureaucratic way to equip Soldiers with the capabilities they need, using expedited contracting authorities,” said Danielle Moyer, executive director of Army Contracting Command – Aberdeen Proving Ground.  

The prototype OTA will allow the Army to continue its momentum toward delivering a solution for units while the commercial solutions offering enables the service to keep looking for capabilities to add to the NGC2 architecture in the future, the service said.

4^th Infantry Division will take the NGC2 system to Project Convergence Capstone 6 next year to test it out in a division holistically, to include the headquarters and enabling units, which have typically been neglected with communication network upgrades.

The post Army awards $100M contract for Next-Gen command and control prototype appeared first on DefenseScoop.

The language appears in the SASC-passed version of the annual defense policy bill for fiscal 2026. While the committee approved the legislation last week, the full text was only released Wednesday.

Specifically, if it becomes law, the legislation would require a report from the Pentagon on the integration of reserve components, namely the National Guard, into the cyber mission force. It would also mandate an implementation plan.

The cyber mission force is comprised of 147 teams — including offensive, defensive and support teams — that the military services provide to U.S. Cyber Command to employ for operations.

Guard units have been used to support or supplement active units in various capacities. In fact, at the outset and creation of the cyber mission force nearly 15 years ago, the Air Force decided to initially take a total force approach to build its contribution, meaning its teams were made up of a mix of active component and Guard members.

Other assistance, most notably, includes Task Force Echo, the biggest Guard cyber mobilization to date with soldiers from 32 states having supported it over a number of years.

Little public information is known about the task force other than it aids full-spectrum cyber operations for Cybercom’s Cyber National Mission Force. While not so-called “trigger pullers,” sources have also indicated the task force provides infrastructure support.

The Guard has also conducted experiments with Cybercom in years past to test what was called the Cyber 9-Line, a tool that allows participating Guard units from their respective states to quickly share incidents with the Cyber National Mission Force, which can provide analysis of discovered malware and offer feedback to the states to help redress the incident, while also potentially taking action against the threat outside U.S. borders.

The Senate Armed Services Committee’s fiscal 2026 policy bill would require a report that provides an assessment of different authorities in each status of the reserve components, with particular focus on the National Guard and authorities under title 32, and how the DOD can use those personnel in such statuses within the cyber mission force.

It should also include an analysis of current and planned efforts to work with the military departments, the National Guard and the adjutants general of each state to develop unique cyber capabilities that address identified operational requirements — and a description of methods to work with those entities to track and identify key skills and competencies that aren’t part of primary military occupational specialties.

Moreover, senators want to see an evaluation of what types of authorities would be most beneficial to maximize the activation and support of the reserve components to cyber operations as well as an evaluation of the existing barriers to or impediments for integration of the reserve components into the cyber mission force.

The Guard has been lauded as an under-tapped and potentially vital resource for the nation in cyberspace. Many of its members work in cybersecurity as their full-time jobs when they’re not in uniform, meaning they oftentimes possess unique skills not always found in the active component.

There have been big pushes in recent years to more tightly integrate these Guard and Reserve forces into the larger DOD cyber enterprise to be able to act as surge capability in the event of a major cyber incident against the nation.

Legislation has also been introduced previously to help clear hurdles — real or perceived — to allow the Guard to respond to cyber threats.

The post Senate bill calls for tighter reserve component inclusion in cyber mission force appeared first on DefenseScoop.

A provision in the committee’s version of the annual defense policy bill, of which an executive summary was released Friday, would require the secretary of defense to review future force employment concepts for cyber operations. The full text of the bill has yet to be released.

Senior congressional officials that briefed reporters Friday pointed to the fact that to date, cyber operations and forces have largely been focused on the strategic level. More and more, there are other avenues to conduct digital actions, officials said, to include tactical cyber.

In fact, the DOD updated its cyber doctrine at the end of 2022 to include for the first time a definition of what it called “expeditionary cyberspace operations,” defined as “[c]yberspace operations that require the deployment of cyberspace forces within the physical domains.”

That recognition was significant given authorities to conduct cyber operations were held at the highest levels of government for many years due to fears that such activities could have unintended consequences or spread into networks beyond the intended targets.

Cybercom owns the offensive cyber capabilities within DOD, and the services conduct offensive cyber operations through Cybercom and the cyber mission forces that each service provides to the command that operate from static, remote locations, mostly focused on IP-based networks.

However, increasingly, there are targets that either aren’t reachable through IP networks or remote access might not be possible. And as DOD has matured its cyber policies, doctrine and capabilities, the reins have begun to loosen up.

Certain factions have sought to use more proximal effects conducted through radio-frequency, which require fewer levels of approval to conduct operations at the very tactical level.  

Several of the services have begun investing in capabilities and forces for their own offensive activities. However, that is mostly in the blended electronic warfare or RF-enabled sphere at the tactical level.

While individual services have started developing and even deploying such forces, all cyber operations must still be connected through Cybercom.

For example, the Army created the 11th Cyber Battalion — which stemmed from the 915th Cyber Warfare Battalion before it — a unit that provides tactical, on-the-ground cyber operations (mostly through RF effects), electronic warfare and information ops. It consists of four companies with over 300 personnel total and five expeditionary cyber teams, which are scalable formations designed to augment units upon request. The Army was recently approved to create another unit called the 12th Cyber Battalion.

The Air Force in the last year or so has developed a concept called Cyber Enabled Air Superiority (CEAS), that aims to use organic Air Force cyber assets to protect its critical missions, such as safeguarding fighter jets from cyberattacks. While the concept is still emerging, the Air Force re-missioned a National Guard unit to initially take charge of the effort.

The Navy has been building what it calls non-kinetic effects teams that are afloat assets to provide cyber, electronic warfare and other similar capabilities for commanders at sea.

The Marine Corps has developed information units for its Marine Expeditionary Forces that include cyber, intelligence, EW and information-related capabilities.

Cybercom has recognized these capabilities, and command officials have begun exploring ways to utilize them, especially as they can serve as entry points for its high-end operators to access hard-to-reach networks that might not be connected to the internet.

These efforts also fit into the concept of the modern triad, which consists of combining the capabilities of space, cyber and special operations forces to create military packages greater than the sum of their parts. SOF are located in some of the hardest places on earth, giving them the opportunity to get close to targets and potentially providing access and entry points for cyber effects.

Given this growth in the concept, the Senate Armed Services Committee also wants the review to encompass the types of personnel DOD will require to conduct cyber operations of all kinds in the future. To date, that has only really included the cyber mission force. As referenced, this could include a much larger pool across the conventional and even special operations forces beyond the Cybercom enterprise.

The summary of the policy bill states the review would include an assessment of personnel policies that could be needed to support any such evolving cyber force, though committee officials clarified this has nothing to do with discussions surrounding the potential creation of a separate and distinct service, or Cyber Force.

“We have focused a lot of this around how we man, train and equip for very exquisite cyber mission forces. There is a bigger pool of people out there,” an official said. “How are we going to employ that full scope of people and how do we need to adjust the personnel policies to be able to keep that flow of people?”

The post Senate Armed Services Committee wants DOD to explore ‘tactical’ cyber employment appeared first on DefenseScoop.

The provision is part of the annual defense policy bill. The committee released a summary Friday, although the full text of the legislation won’t be released until a later date.

The executive summary of the bill only offers that a provision mandates “a strategy to reestablish a credible deterrence against cyberattacks targeting American critical infrastructure using the full spectrum of military operations.”

A senior congressional official who briefed reporters Friday on the condition of anonymity described the provision as trying to identify a full scope using various methods and full spectrum options to more critically deter adversaries, particularly China, from conducting attacks on critical infrastructure, especially defense critical infrastructure.

An official noted the provision directs DOD toward what the department needs to be doing to more effectively establish a deterrent. Officials in open testimony have indicated a clear concern that Beijing, in particular, continues to attack critical infrastructure.

They singled out Volt and Salt Typhoon by name, noting they’re a growing and more aggressive threat in cyberspace to utilities and critical infrastructure that supports DOD.

Volt Typhoon is one of a number of cyber players from China that have been discovered in U.S. networks, troubling American officials. For its part, Volt Typhoon was discovered inside U.S. critical infrastructure using a technique in the cybersecurity world dubbed “living off the land,” which means it’s using legitimate tools organic to the systems for malicious purposes.

China has become more brazen in intrusions and probes into U.S. and defense networks, particularly in maritime or port environments to potentially limit an American military mobilization response if Chinese leaders decide to invade Taiwan.

Guam, a key U.S. military outpost, has been a top target for Beijing in recent years. Chinese hackers targeted critical infrastructure there, burrowing deep inside a couple of years ago and startling experts who referred to it as one of the largest cyber espionage campaigns against America.  

What has particularly alarmed officials regarding Volt Typhoon is the paradigm shift of Chinese threats moving from espionage and intellectual property theft to holding critical infrastructure at risk.

Salt Typhoon, by contrast, has been found inside networks of telecoms and other companies, likely for the purpose of espionage.

Cyber deterrence has been an elusive policy point for many years. While some academics have pointed to evidence cyber deterrence exists, such as U.S. hesitance to hit back against Russia following its malicious activity in the 2016 election for fear of America’s great digital vulnerability, current and past officials have noted the difficulties of deterrence and how adversaries don’t fear the United States in cyberspace.

Senators recently pressed the Trump administration’s nominee to be the top cyber policy official at DOD on the subject.

“There’s no price to pay for our adversaries. I hope in your counsels within the Defense Department and in the administration you’ll argue for a serious and substantial cyber deterrent stated policy. If it’s not stated, a deterrent doesn’t work,” Sen. Angus King, I-Maine, a fierce critic of perceived weaknesses in cyber deterrence, said at the May hearing.

For her part, Katie Sutton, President Donald Trump’s nominee to be assistant secretary of defense for cyber policy, wrote to senators as part of her confirmation process that a critical part of her role, if confirmed, would be to improve the nation’s defenses and digital deterrent.

“Deterrence is possible in cyberspace and can be made more effective through a combination of denial, resilience, and credible responses. If confirmed, I will review the capabilities we have in our toolkit, integrate military cyberspace capabilities with other tools of national power, and restore deterrence in the cyber domain. One of my core goals as ASD Cyber Policy will be to ensure the Department has the offensive and defensive capabilities and resources necessary to credibly deter adversaries from targeting the United States,” she wrote.

While Salt Typhoon was considered traditional espionage activity, which is virtually impossible to deter, especially given the United States does the same thing, officials are hoping to deter activity like Volt Typhoon in the future.

As Trump was coming back into power for his second term, officials associated with the transition and new administration vowed a top priority would be a more aggressive posture in cyberspace to respond to a bevy of activity against the U.S., namely from China.

The post Senate panel pushing DOD on strategy to deter Chinese cyber activity on critical infrastructure appeared first on DefenseScoop.

While the organization’s counter-unmanned aerial system (C-UAS) efforts date back several years, the work by the Army Combat Capabilities Development Command’s Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center is part of Project Flytrap taking place in Europe.

Flytrap is a joint U.S. and U.K. effort to test new counter-UAS technologies in order to eventually incorporate them into formations. It began in the European theater last month, and may become a standard, yearly exercise, expanding on innovation and experimentation while building on lessons learned, Army officials said.

The event initially sought to bring these technologies down to the squad level and seek to lower the cost per drone defeated through new methods and technologies.

The U.S. military has been behind the cost curve when trying to thwart small drones, using million-dollar missiles to defeat large numbers of inexpensive UAS.

C-UAS has proved to be a difficult problem for the Army and joint force, dating back several years when terrorist and insurgent groups in the Middle East began strapping homemade explosives onto commercial drones and dropping them on troops’ positions.

The problem has grown since then, as evidenced in Ukraine’s war with Russia where first-person-view drones have been a prominent fixture of the fight. Based on its observations, the Army has realized it must up its game to protect its own forces from these types of attacks that will be inevitable in future conflicts.

Part of the problem is there aren’t many commercial C-UAS solutions on the market, akin to the ballooning availability of drones. And even if there were easy counter-drone solutions on the market, the military must knit them together to create a system of systems for thwarting overhead threats through a command and control architecture.

That’s where the C5ISR Center comes in.

“The genesis of it was create a C2 architecture that worked for counter-UAS that included individual soldiers all the way up to our joint partners,” Brandon Dodd, mechanical engineer with C5ISR Center, said in an interview. “How are we going to get data from individual sensors to individual soldiers and then all the way up and over to our partners? How does that look at each level? Where are the hiccups throughout that architecture? That’s where we came in, was we had some projects that were existing in counter-UAS.”

Flytrap aims to not only develop and test counter-UAS technologies and strategies, but inform new tactics for the Army in how to thwart these threats in the future.

The C5ISR Center serves as the Army’s science and technology hub, looking at problems and gaps that exist and beginning research and development through government solutions, at first, to solve them. They then work with industry to proliferate those solutions and get them into the field to soldiers and units.

The work for Flytrap is no different.

The C5ISR Center began by looking at best-of-breed sensors and working to link them up through a command and control architecture through the Army’s Android Tactical Assault Kit, or ATAK, where data from the sensors were shared across the force.

That work started with a set of commercial-off-the-shelf sensors that initially were stationary and tripod mounted.

The team then transitioned those stationary capabilities to vehicle-mounted tools to allow units to sense on the move — a more realistic scenario given these are maneuver units that have to go fast on the battlefield.

“Through rapid innovation, we’ve been able to adapt our sensors and effectors that are traditionally static and turn them into something mobile that fits the needs of the Army. To me, as a former operator, that’s a really big deal to have something that you can actually use when you go outside the wire,” Mike Moore, an engineering technician with the C5ISR Center who has been on the ground supporting Flytrap, said. “We’ve been able to mold the sensors and effectors and infuse them into a way that meets the soldiers’ needs on the ground, using a layered approach to command and control. The layered approaches we found is a necessity. We created one common operating picture using ATAK, something that that soldiers already have, we didn’t invent something new.”

The C5ISR team worked tightly with various industry partners on not only the vehicle integration, but constant software fixes and iteration in real-time with the unit to improve how the system worked based on feedback from troops during the exercise.

“We’ve shown that through some of our sensors that we’ve been able to solve these … lengthy software development problems very rapidly through how soldiers actually use the equipment and the tactics in which they employ them,” Moore said.

The team worked with V Corps and specifically 2nd Cavalry Regiment, initially planning to outfit a platoon but grew to a company element. The exercise has used Strkyers thus far, but the technologies are meant to be platform agnostic and capable across domains, officials said.

There were challenges to adapting a static, stationary sensor system to something that was mobile. Physics constraints posed challenges such as certain acoustic sensors that become more limited when they’re moving. The team at first developed quick fixes with industry to determine how best to employ the sensors in a way that they remain effective and still support maneuver operations.

One of those fixes was a way to pull the sensors off and set them up in a timely manner to provide the coverage needed.

The team developed a couple of different command and control layers — mostly through ATAK — and a variety of sensing modalities for drone detection and one modality for defeating them.

Sensor fusion was developed as to not cognitively overburden soldiers and reduce the amount of information they received. The C2 architecture allowed forces to not be co-located with the sensor and effector in order to use it. Because it was tied to ATAK, forces up and down echelon could track systems and cue the effectors, allowing for distributed command and control.

The government and industry teams were working hand-in-hand on the integration software in near real-time during the exercise.

“In terms of the other sensors where we created a whole new way for this for soldiers to employ them, we worked directly at the exercise with the vendor where we were modifying how our integration software works, how we were displaying things on a C2 system,” Dodd said. “Those things were stuff that we modified on the government side while the vendor actually was modifying their proprietary software on their side.”

Soldiers tested these sensors and systems in realistic environments overseas in almost live-fire scenarios.

“We’ve been able to incorporate realistic scenarios and knowledge of current [tactics, techniques and procedures] to help push these systems in a direction that apply real-world lessons learned. We’re not we’re not just creating something that works. We’re creating something that works in our current environment,” Moore said, adding there was an opposing force going against the unit while it maneuvered.

The next iteration of Flytrap will take place at the end of this month and will focus on conducting counter-UAS operations at the company and battalion-minus level for multi-day missions, according to Army officials. The soldiers will see a faster tempo, more realistic scenario to stress their skills and the systems.

“As we get into the exercise occurring in July, that’s certainly going to ramp up more where there’s even more live threats and it’s even more realistic for what they might see in a place like Ukraine,” Kevin White, global operation support and threat chief at C5ISR Center, said.

Officials noted that the team and unit have gone through the early phases and are hitting their stride through the first couple of iterations.

“Now it’s really, we do have some minor tweaks that we’re going to make from the engineering or technical aspects, but most of it is allowing the soldiers to now utilize what they’ve learned over the last few exercises and employ them while doing their other job,” Dodd said. “Allow a maneuver unit to do their normal mission and then add counter-UAS as the aside, that we see it going to be. Do that and then slowly ramp that up throughout the next exercise so that we stress it to its max while seeing what lessons [were] learned or how they incorporated it to their current mission.”

The post Army maturing counter-drone command and control architecture at Project Flytrap exercise appeared first on DefenseScoop.

While the budget proposal would allot just $5 million for the effort — a small portion of Cybercom’s $1.3 billion research and development spending plan — the stand-up of the program follows congressional direction to prod the command to develop an AI roadmap.

In the fiscal 2023 defense policy bill, Congress charged Cybercom and the Department of Defense chief information officer — in coordination with the chief digital and artificial intelligence officer, director of the Defense Advanced Research Projects Agency, director of the National Security Agency and the undersecretary of defense for research and engineering — to jointly develop a five-year guide and implementation plan for rapidly adopting and acquiring AI systems, applications, supporting data and data management processes for cyber operations forces.

Cybercom created its roadmap shortly thereafter along with an AI task force.

The new project within Cybercom’s R&D budget aims to develop core data standards in order to curate and tag collected data that meet those standards to effectively integrate data into AI and machine learning solutions while more efficiently developing artificial intelligence capabilities to meet operational needs.

The effort is directly related to the task of furthering the roadmap.

As a result of that roadmap, the command decided to house its task force within its elite Cyber National Mission Force.  

The command created the program by pulling funds from its operations and maintenance budget and moving them to the R&D budget from fiscal 2025 to fiscal 2026.

The command outlined five categories of various AI applications across its enterprise and other organizations, including vulnerabilities and exploits; network security, monitoring, and visualization; modeling and predictive analytics; persona and identity; and infrastructure and transport.

Specifically, the command’s AI project, Artificial Intelligence for Cyberspace Operations, will aim to develop and conduct pilots while investing in infrastructure to leverage commercial AI capabilities. The command’s Cyber Immersion Laboratory will develop, test and evaluate cyber capabilities and perform operational assessments performed by third parties, the budget documents state.

In fiscal 2026, the command plans to spend the $5 million to support the CNMF in piloting AI technologies through an agile 90-day pilot cycle, according to the documents, which will ensure quick success or failure. That fast-paced methodology allows the CNMF to quickly test and validate solutions against operational use cases with flexibility to adapt to evolving cyber threats.

The CNMF will also look to explore ways to improve threat detection, automate data analysis, and enhance decision-making processes in cyber operations, according to budget documents.

The post Cyber Command creates new AI program in fiscal 2026 budget appeared first on DefenseScoop.

Next Generation Command and Control is a clean-slate design for how the Army communicates on the battlefield and passes data for operations, providing commanders and units a new approach to information sharing and C2 through agile and software-based architectures.

In the past, warfighting functions, such as fires and intelligence, were all separate and distinct silos on the network for those communities, creating stovepipes and challenges for sharing timely battlefield information. Now, the Army is trying to fix that with an integrated architecture that allows data to flow more freely, on-the-move, and enable better and faster decision-making.

The nearly $3 billion funding number is an approximation based on figures provided by the Army for its total portfolio request surrounding NGC2, which added up to about $2.95 billion. The Army’s budget request for its network has always been spread across several funding lines, making it difficult to parse out an exact tally.

This year’s request attempts to move toward a clearer portfolio, as officials aim to improve that in the out years.

“The Army is consolidating C2 resources, requirements and funding lines into a combined capability portfolio of hardware and software supporting NGC2 to provide commanders with increased speed, precision, and adaptability for decision advantage,” a spokesperson from program executive office for command, control, and communications network, said. “This shift is a ‘zero sum’ realignment for the Army that uses existing resources and directs funding toward priority capabilities in order to support NGC2 equipping and experimentation at the Division level, while introducing competition for best of breed commercial capabilities.”

Officials have maintained that the Army would not be asking for extra funds at the moment for the NGC2 effort, but rather, using what was already appropriated and realigning it.

The spokesperson noted that the Army realigned funding corresponding to the NGC2 technology stack layers, which include:

—Transport for moving data across the battlefield.

—Infrastructure or integration, which uses artificial intelligence to triage the data that comes in to lessen the cognitive load for commanders.

—Data that proliferates shared information across warfighting systems.

—Applications that provide software apps for all echelons that will replace the stovepiped systems specific to warfighting functions. For example, the fires community will be able to execute their mission via an app on the system, which takes in all shared battlefield data, as envisioned.

The request includes funding for prototyping and experimentation efforts that will be undertaken by the Command and Control Cross Functional Team under Army Futures Command.

Regarding the transport and infrastructure layer, the fiscal 2026 budget request includes roughly $2.58 billion in procurement funds that would go toward satellite communications, radios and other transport, as well as computing infrastructure, for delivery to operational units, the spokesperson said. On the R&D side, the service is requesting $101.4 million for these layers to continue development based on prototyping and experimentation.

For the applications and data layers, the Army is only requesting R&D money, approximately $344.9 million. This includes funding from several programs that previously provided isolated warfighting function systems but now will transition to integrated software applications and data in the NGC2 program, the spokesperson said.

The Army has sought a faster, agile and software-based approach to NGC2, in the hopes it will be able to not only deliver quicker, but make more timely changes based on battlefield conditions.

The aim is to turn what only a few years ago would have been a decades-long process into a two-and-a-half-year process, based on reinvestment efforts as part of the Army’s Transformation Initiative, Gen. James Mingus, vice chief of staff, said Wednesday at an event co-hosted by AUSA and the Center for Strategic and International Studies.

The Army has said it expects to award initial contracts as part of the official NGC2 program of record — for which PEO C3N stood up the office in April — later this year.

Service officials said they had a successful demonstration of a NGC2 prototype “proof of principle” at the Project Convergence Capstone 5 event at the National Training Center at Fort Irwin, California, in March, that will help inform the program of record.

4th Infantry Division as well as elements from 25th Infantry Division will continue that prototyping effort into this year, working to scale it all the way to division to include all enabler units.

Mingus noted that the prototype is quite mature and will likely help speed the delivery to units going forward.

“We are going to give it to 4ID, starting this summer, they are going to experiment with this — prototype is still what we’re calling it, but I would say it’s an advanced, proven prototype. Once we have shown that this is demonstrated … we think we’ll be able to very quickly scale this across the entire Army,” he said.

The post Army plans to spend roughly $3B on next-gen command and control in fiscal 2026 appeared first on DefenseScoop.