Cybersecurity

CyberCom mission forces continue to evolve

Brig. Gen. Maria Barrett photo courtesy U.S. Army 

Brig. Gen. Maria Barrett said that the composition and doctrine of cyber mission forces are evolving.

While all 133 teams of cyber mission forces reached initial operating capability in the fall of 2016, they continue to be a work in progress, a U.S. Cyber Command official said, and changes to their equipping and doctrine are on the horizon.

Brig. Gen. Maria Barrett, the deputy director of operations, J-3, CyberCom, said at the AFCEA Army IT day that teams are currently involved in 50 named CyberCom missions. That experience is shaping how the teams will evolve, she said, and how they will be sustained.

"With the steady and increasing level of operational activity, we are continually assessing our requirements and challenging our assumptions that we made not long ago," Barrett said.

"We've talked about establishing doctrine," she said, "but I do believe that unlike other areas, we're going to be a little bit of a spiral development here for a while."

One of the primary areas of review is the Deployable Mission Support System, or DMSS, which is field kit that cyber protection teams take on deployment. Each of the services builds its own kits, which include laptops, passive and active sensors, "and analytic capability provided by either government off the shelf, commercial off the shelf or free and open software," Barrett said.

Those kits facilitate reconnaissance and security and counter mobility operations, and Barrett said the original requirements document for the kits was developed in January 2016, well before the teams reached initial capability.

She said the kits have generally met hardware requirements, but through deployments CyberCom has learned that teams can deploy in sub-units, which is something CyberCom commander Adm. Mike Rogers discussed in recent congressional testimony. As a result, CyberCom needs to create "out-of-band communications to establish command and control," said Barrett.

In addition, she said additional guidance is needed for "technology-specific software such as those needed for industrial control systems."

She also said CyberCom is looking to improve interoperability between the service DMSS kits by standardizing data.

"Having a fully defined data strategy would greatly enhance analysis across the cyber mission force and facilitate transitions between operations and between the teams regardless of what service they come from," she said.

Another area where the cyber forces need to evolve is in leveraging automation to move from a current focus on addressing known cyber threats to sensing and responding to new and unknown threats. Barrett said CyberCom is nearing completion of a document that outlines guidance for "development, selection, deployment and operation of sensing capabilities."

Another change in the works is restructuring CyberCom to combine offensive and defensive operational planning. Currently, offensive planners do not incorporate cyber defensive measures into their planning, and vice versa.

Barrett said she thinks the current structure and distribution of cyber mission forces has the needed flexibility to move and deploy them as mission demands require, at least for now.

"I think what we need to do right now is see how the force is operated, which we are, make the modifications that we need to do, and probably let it settle down a little bit before we make any changes," she said.

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.