CyberCom seeks 16 percent budget surge for 2018

U.S. Cyber Command is hoping to be one of the winners in the 2018 federal budget battle as it seeks a 16 percent boost in funding over its current appropriation.

During a House Armed Services Committee hearing on its 2018 budget request, Adm. Michael Rogers, who heads both CyberCom and the National Security Agency, said CyberCom needs $647 million to address three immediate needs: the congressionally mandated elevation to a full combatant command, the building out of the cyber mission force and cyber operations against ISIS.

Rogers said the 6,200-person cyber mission force is on track to reach full operating capacity by Oct. 1, 2018. The next challenge, he said, will be to develop and implement metrics to assess the effectiveness of the cyber forces – for example, whether they are effectively driving down breaches of DOD networks or reducing malware infections.

The 2017 National Defense Authorization Act mandated that CyberCom be elevated to full combatant command status, but Rogers did not offer specifics on what steps need to be taken in order to complete the transition.

"In anticipation of this possibility, we spent much of the last year working our way through the specifics of how we would do that, and if a decision is ultimately approved we're prepared to apply that and to do it in a timely manner," he said.

CyberCom recently hired new personnel to implement its limited cyber acquisition authorities granted by Congress and Rogers expects to see the first procurements this summer.

"We already identified a series of capabilities through Cyber Command's 'Point of Partnership' we call it, out in Silicon Valley," he said. "So I already have a structure that's interacting with the private sector. Now I want to overlay this acquisition authority to purchase … and acquire some of that capability."

He said the initial purchases will focus on specific mission sets for cyber defense and capabilities for the cyber protection teams.

Rogers stressed that the roles and deployments of cyber teams is still a work in progress.

"If you look at what we've done over the course of the last year, efforts against ISIS, things we're going against other real world challenges, they are shaping the way we're looking at how do we build the force of the future," he said.

One lesson he said CyberCom has learned is that it can forward deploy in smaller elements instead of full teams. "We can actually work in a much more tailored, focused way, optimized for the particular network challenge that we’re working."

Rogers highlighted the limited impact of the WannaCrypt ransomware attack on the U.S. as an example of the work of CyberCom and its “defense in depth” strategy to protect U.S. systems.

"We are asking ourselves how can we do this faster?" he said. "We are in a race to generate more capacity and more capability at the same time that I’m watching a host of global actors do the same thing, and so we’re trying to sustain both staying up with them."

"Quite frankly, my objective is to get ahead of the problem set," Rogers added, warning that the vast amount of legacy infrastructure in the DOD creates increased vulnerabilities for the U.S.

"At some point these vulnerabilities down at the tactical level...become potential points of exploitation by others that have the chance to negate some of that defense in depth, so we've got to address this," he said.