Mark Pomerleau
A Cyber Soldier assigned to the 780th Military Intelligence Brigade prepares his equipment inside a Stryker vehicle during an integrated cyber exercise at Joint Base Lewis-McChord, Washington Oct. 21, 2015. The training integrates infantry ground units with cyber, signal and human intelligence collection capabilities, which gives units on the modern battlefield a broader capacity to search out and isolate their enemies in real time. (Capt. Meredith Mathis)
“To train CMF teams rapidly, CYBERCOM used existing resources where possible … As of November 2018, many of the 133 CMF teams that initially reported achieving full operational capability no longer had the full complement of trained personnel, and therefore did not meet CYBERCOM’s readiness standards,” GAO’s March 6 report stated.
Cyber Command — including its new commander, Gen. Paul Nakasone — has acknowledged the need to not only change the structure and employment of the teams, but also the training.
After several years of operations, many officials believe the time is ripe for training and team structures to be re-evaluated.
Lt. Gen. Stephen Fogarty, commander of Army Cyber Command, told Fifth Domain in 2018 that during the build phase, former Cyber Command Commander Adm. Michael Rogers wanted to lock in a model as to not alter or change the goal posts while the teams were being built.
“The perception could be, 'Hey you’re changing the rules, you’re not playing straight.’ That was his strategic decision ... we’ll lock it down and as we work a mission we’ll tailor and we’ll task organize in order to best meet that mission,” Fogarty, who was previously chief of staff at Cyber Command, said.
The offensive, defensive and support cyber mission force teams all reached full operational capability in May 2018, a full four months before the deadline set by Rogers. Experts, however, have always been sure to caution that the FOC milestone was just a metric that the teams were fully manned and matched the correct career billets.
With the teams fully manned and at FOC, though, Cyber Command has maintained that it is shifting from building the teams to maintaining readiness based on operational lessons learned. That doesn’t mean it’s easy.
Complicating the training and readiness problem of the force is that personnel cycle out every few years for many of the services, an issue that is being recognized. The Army, for instance, created a cyber branch ensuring that personnel can make a career out of being a cyberwarrior.
And, GAO noted, exactly what constitutes readiness is constantly evolving. Since 2013, Cyber Command has updated the CMF training manual 13 times. In December 2017, the command published standard operating procedures for readiness reporting that CMF teams use to assess if they have the resources and capability to perform their missions and define CMF readiness reporting guidelines related to personnel, equipment and training.
Now that Cyber Command has completed the build of its cyber teams, the focus will now shift to readiness.
The dynamic nature of cyberspace in some respects poses challenges to having an established training standard in an ongoing basis. Given that cyberspace is so dynamic — not static like artillery, for example — the environment is always changing. The Army, for example, has changed from task-based training to outcomes-based training — essentially saying they’re not concerned how cyber operators solve a problem, just as long as it is solved.
GAO also noted that DoD has had difficulty ensuring teams maintain levels of readiness.
As cyber forces and threats mature, DoD is looking at how to ensure forces can meet mission objectives.
“DoD has taken steps to shift its focus from building a trained CMF to maintaining this force, but it has not taken key actions to ensure that the department is poised to maintain CMF training following this transition,” GAO stated. “Specifically, the military services have not developed plans that include time frames for validating all phase two foundational training courses, or that comprehensively assess their training requirements. Further, as of June 2018, CYBERCOM had not provided a plan for establishing independent assessors to evaluate and certify the completion of phase three collective training for CMF teams.”
Importantly, in writing to GAO, the deputy assistant secretary of defense for force education and training concurred with all eight of GAO’s recommendations for executive action.
They include:
1) The Secretary of Defense should ensure that the Army, in coordination with CYBERCOM and the National Cryptologic School, where appropriate, establish a time frame to validate all of the phase two foundational training courses for which it is responsible.
2) The Secretary of Defense should ensure that the Air Force, in coordination with CYBERCOM and the National Cryptologic School, where appropriate, establish a time frame to validate all of the phase two foundational training courses for which it is responsible.
3) The Secretary of the Army should ensure that Army Cyber Command coordinate with CYBERCOM to develop a plan that comprehensively assesses and identifies specific CMF training requirements for phases two (foundational), three (collective), and four (sustainment), in order to maintain the appropriate sizing and deployment of personnel across the Army’s CMF teams.
4) The Secretary of the Navy should ensure that Fleet Cyber Command coordinate with CYBERCOM to develop a plan that comprehensively assesses and identifies specific CMF training requirements for phases three (collective) and four (sustainment) in order to maintain the appropriate sizing and deployment of personnel across the Navy’s CMF teams.
5) The Secretary of the Air Force should ensure that Air Forces Cyber coordinate with CYBERCOM to develop a plan that comprehensively assesses and identifies specific CMF training requirements for phases two (foundational), three (collective), and four (sustainment), in order to maintain the appropriate sizing and deployment of personnel across the Air Force’s CMF teams.
6) The Commandant of the Marine Corps should ensure that Marine Corps Forces Cyberspace coordinate with CYBERCOM to develop a plan that comprehensively assesses and identifies specific CMF training requirements for phases two (foundational), three (collective), and four (sustainment), in order to maintain the appropriate sizing and deployment of personnel across the Marine Corps’ CMF teams.
7) The Secretary of Defense should ensure that the commander of CYBERCOM develops and documents a plan for establishing independent assessors to evaluate CMF phase three collective training certification events.
8) The Secretary of Defense should ensure that the commander of CYBERCOM establishes and disseminates the master training task lists covered by each phase two foundational training course and convey them to the military services, in accordance with the CMF Training Transition Plan.
No comments:
Post a Comment