U.S. Cyber Command has made joint training requirements of all cyber mission force personnel across every military service a staple in training new cyber warriors. The thinking goes that every soldier, sailor, airman and Marine will get the same baseline training, meaning they’ll be able to have the same skill sets in the joint cyber fight.
However, when it comes to the tools used by these cyber warriors, each service cyber component has equipped its forces with different kits.
“We started out a couple of years ago probably with a requirement to have a kit. The services did what services do ― they went off and they did some operational designs, some review, some best-practice benchmarking,” Rear Adm. T.J. White, commander of the Cyber National Mission Force at Cyber Command, said during a panel at the INSA National Security and Intelligence Summit in Washington on Wednesday.
While a lot of these kits are commercially produced, leading to commonality and overlap, White said that in a joint force, commonality and overlap are insufficient. What is really needed, he said, is a joint kit, which is a path currently being pursued.
Other leaders have discussed the diversity in tool sets, especially as it applies to cyber-protection teams. One kit currently used by CPTs — the Deployable Mission Support System, which consists of laptops, passive and active sensors, and analytic capability provided via either government or commercial off-the-shelf, or free and open software — is being re-evaluated by the command because the kit’s requirements document was published in January 2016 before most of the CPTs had reached full operational capability, Brig. Gen. Maria Barrett, deputy of operations J3 at CYBERCOM, said in June.
[Cyber Flag exclusive: What Cyber Command learns from the annual exercise]
At the time, Barrett noted that every service has its own defensive kit, and she didn’t see that model changing.
Moreover, Navy Lt. John Allen, the CYBERCOM J35 Department of Defense Information Network operations CPT engagement lead, explained in June that while CYBERCOM did produce a standard requirements document detailing that all kits must meet standard baseline requirements, the ending result was four different kits, each with its own suite of tools that meet the requirements.
This presents some interoperability challenges currently being addressed, he added.
While other entities such as the Cyber National Mission Force have more resources than combatant command CPTs, even combatant command kits aren’t standardized, according to Marlene Kovacic, cyberspace branch senior intelligence analyst at U.S. Central Command and defensive cyber operations team lead, who spoke to C4ISRNET in August.
[Defensive cyber teams take on more missions under new model]
White, the division commander at CYBERCOM, explained that the command’s Capabilities Development Group, which is in charge of acquisition and equipping for the command, is working through the mechanisms to establish standards for kits. Based on feedback from the services, he said, they’ll promulgate and publish the standards, and see if a better capability exists today.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.