CyberCom mission forces continue to evolve

Brig. Gen. Maria Barrett photo courtesy U.S. Army 

Brig. Gen. Maria Barrett said that the composition and doctrine of cyber mission forces are evolving.

While all 133 teams of cyber mission forces reached initial operating capability in the fall of 2016, they continue to be a work in progress, a U.S. Cyber Command official said, and changes to their equipping and doctrine are on the horizon.

Brig. Gen. Maria Barrett, the deputy director of operations, J-3, CyberCom, said at the AFCEA Army IT day that teams are currently involved in 50 named CyberCom missions. That experience is shaping how the teams will evolve, she said, and how they will be sustained.

"With the steady and increasing level of operational activity, we are continually assessing our requirements and challenging our assumptions that we made not long ago," Barrett said.

"We've talked about establishing doctrine," she said, "but I do believe that unlike other areas, we're going to be a little bit of a spiral development here for a while."

One of the primary areas of review is the Deployable Mission Support System, or DMSS, which is field kit that cyber protection teams take on deployment. Each of the services builds its own kits, which include laptops, passive and active sensors, "and analytic capability provided by either government off the shelf, commercial off the shelf or free and open software," Barrett said.

Those kits facilitate reconnaissance and security and counter mobility operations, and Barrett said the original requirements document for the kits was developed in January 2016, well before the teams reached initial capability.

She said the kits have generally met hardware requirements, but through deployments CyberCom has learned that teams can deploy in sub-units, which is something CyberCom commander Adm. Mike Rogers discussed in recent congressional testimony. As a result, CyberCom needs to create "out-of-band communications to establish command and control," said Barrett.

In addition, she said additional guidance is needed for "technology-specific software such as those needed for industrial control systems."

She also said CyberCom is looking to improve interoperability between the service DMSS kits by standardizing data.

"Having a fully defined data strategy would greatly enhance analysis across the cyber mission force and facilitate transitions between operations and between the teams regardless of what service they come from," she said.

Another area where the cyber forces need to evolve is in leveraging automation to move from a current focus on addressing known cyber threats to sensing and responding to new and unknown threats. Barrett said CyberCom is nearing completion of a document that outlines guidance for "development, selection, deployment and operation of sensing capabilities."

Another change in the works is restructuring CyberCom to combine offensive and defensive operational planning. Currently, offensive planners do not incorporate cyber defensive measures into their planning, and vice versa.

Barrett said she thinks the current structure and distribution of cyber mission forces has the needed flexibility to move and deploy them as mission demands require, at least for now.

"I think what we need to do right now is see how the force is operated, which we are, make the modifications that we need to do, and probably let it settle down a little bit before we make any changes," she said.

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.


  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.