What will the cyber mission force look like?

The Defense Department is steadily building and training its cyber force, and while it still has a ways to go on both fronts, it is putting teams to work as they are formed, DOD officials say.

The essence of the force will be 133 cyber teams, by Adm. Michael Rogers, Commander of Cyber Command, in a June report, "Beyond the Build: Delivering Outcomes through Cyberspace,” as being the command’s “greatest resource” consisting of “military (both active and reserve), civilian, and contractor” personnel.

As DOD outlines in its cyber strategy, the 133 teams are broken down by mission:

68 Cyber Protection Teams will be focused on DOD’s No. 1 mission – defense of the network.

13 National Mission Teams will help defend the nation’s critical infrastructure.

27 Combat Mission Teams will be aligned with the combatant commanders and assist in their planning and operations.

25 Support Teams will be available to support the National Mission and Combat Mission teams. 

Air Force Lt. Gen. James McLaughlin, Deputy Commander of Cyber Command told an audience at the Center for Strategic and International Studies last week that all of the teams will reach initial operating capabilities within the next year. “By the end of 2016, all the teams will be in place and at initial operating capability. And by the end of 2018, we expect all those teams to be at full operational capability. So this is probably the major element of what we would consider our tactical force that did not exist before 2013.” 

Some components of the teams have already been formed and have participated in operations. “What’s happening right as we create them is we’re already using them,” despite the fact that the force is only halfway to its full complement, he said. Army Major Gen. Paul Nakasone, commander of the Cyber National Mission Force, also told the CSIS audience that the mission force has already been involved in operations, but declined to elaborate further. 

As other officials have expressed, the pace of cyberspace is extremely fast. “So this team that just kicked off and started on the 15^th of January has already been in seven named operations … That’s a big deal,” Army Lt. Gen. Alan Lynn, DISA director and commander of Joint Force Headquarters, Department of Defense Information Networks, said at an event last month hosted by Defense Systems. “And they’ve been extremely successful.”

As Nakasone said at CSIS, the mission force’s primary task is the third mission outlined in the April DOD Cyber Strategy: “if directed by the President or the Secretary of Defense, DOD must be able to provide integrated cyber capabilities to support military operations and contingency plans.”

Nakasone said that 80 percent of the 40 teams currently in place is made up by members of the military, with civilians making up the other 20 percent. He added that the average age of team members is 24. 

One aspect DOD is working to improve on is training. The department has a “persistent training environment,” and is planning a virtual space in which individuals will train and which will have sufficient capacity for aggressor teams and the opposing force to write scenarios and scripts for specific training missions and then assess performance, McLaughlin said. It’s being planned as part of the fiscal 2017 budget, so it is still a ways out but it will be an important capability. While DOD currently has similar training capabilities with it persistent training environment, McLaughlin said it doesn’t accommodate as many teams or training exercises as they would like.

While the force continues to grow and training programs are developed, the force still must be stand ready regardless of policy decisions on the emerging norms in cyber space, such as the still-ambiguous debate over espionage versus attacks and the like.

“What the nation is asking, what my boss is asking me, is, whenever that decision is made, have you formed the partnerships, do you have the capabilities, can you work … within the authorities that are given? And that’s where we’re focusing our time right now. … That’s the right focus right now,” he said. 

Another element still being developed is the cyber component in the military services and National Guard, which Defense Secretary Ashton Carter has called “a great untapped, not yet fully tapped resource.” Paul Stockton, managing director of advisory firm Sonecon and former assistant secretary of Defense for Homeland Defense, told the CSIS audience that DOD should “rely on state national guard forces” to provide support to critical infrastructure, given that they are already in the states, they operate under the command of the governor and can “train on the operating technology systems in collaboration with utilities in a way that’s going to be essential for mission effectiveness.”

However, Adm. Rogers told lawmakers on the Senate Armed Services Committee recently that one of the challenges facing the force going forward is sorting out the question of how it is handled under the U.S. Code, under which Title 10 governs military operations and Title 32 the National Guard, and how that will shape the force.