US Cyber Command Has Just Half the Staff It Needs

U.S. cyber analysts conduct exercise Cyber Flag 13-1, Nov. 8, 2012, at Nellis Air Force Base, Nev.

U.S. Air Force photo by Airman 1st Class Matthew Lancaster

AA Font size + Print

U.S. cyber analysts conduct exercise Cyber Flag 13-1, Nov. 8, 2012, at Nellis Air Force Base, Nev.

The Pentagon wants to fully staff its Cyber Command with 6,000 workers by the end of the year, but a highly competitive private market could mean it will have to wait.

The Pentagon is at the midway point of staffing a projected 6,000-person Cyber Command, officials said, amid fears of a catastrophic threat to U.S. networks.

The military appears to be backing away from a long-held goal of establishing a full force by 2016. 

Lt. Col. Valerie Henderson, a Pentagon spokeswoman, told Nextgov,”We are about halfway through the overall build, in terms of manning for the cyber mission forces and continue to make progress in training and equipping the teams.” She declined to provide a timeline for reaching that size.

As recently as August, Defense officials said the aim was to position 6,000 people in Cyber Command by 2016. The military has gained around 1,000 information security experts since January 2014, when officials said 2,000 professionals were in place.

(Read More: Is Obama’s $14 Billion Cybersecurity Request Enough?)

Many factors are responsible for the enduring challenge of recruiting skilled information security pros — including competition for talent with the more lucrative and nimble private sector and federal budgeting. 

There will be 3 1/2 times as many troops shielding military data as those deflecting hacks against private networks, such as power grids, according to figures provided by Henderson, 

The Command comprises three types of “Cyber Mission Forces” teams:

  • About 2,720 will serve on Cyber Protection Teams that safeguard dot-mil systems stateside and abroad. 
  • Roughly 780 individuals will work within National Mission Teams that repel incoming attacks against key industries, including the health care sector. 
  • Some 1,620 will belong to Combat Mission Teams that support overseas warfighters.

A 2015 national security strategy the White House issued on Friday states that “the danger of disruptive and even destructive cyberattack is growing.”

The Army, for one, “is on track to have approximately 40 Cyber Mission Force teams established by the end of FY 16,” Army spokeswoman Jennifer Downing said in an email. The fiscal 2016 budget released this week stated $13 million, in part, would fund 22 employees to support “full spectrum cyber operations.” 

The Pentagon wants the Cyber Mission Forces to include 60-person National Mission Teams, 40-person Cyber Protection Teams and 60-person Combat Mission Teams. 

Each military service is trying to hire an additional 20 to 60 computer whizzes starting next fall, according to the budget request.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • GBC Issue Brief: Supply Chain Insecurity

    Federal organizations rely on state-of-the-art IT tools and systems to deliver services efficiently and effectively, and it takes a vast ecosystem of organizations, individuals, information, and resources to successfully deliver these products. This issue brief discusses the current threats to the vulnerable supply chain - and how agencies can prevent these threats to produce a more secure IT supply chain process.

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.