U.S. Cyber Command is moving forward on new powers granted by Congress to directly spend up to $75 million on cyber capabilities, equipment and services.
The command plans to focus the funds on research and development “cyber-operation particular” goods and services in 2017, Joseph Holstead, a spokesman for CYBERCOM, told Federal News Radio.
CYBERCOM is in the midst of creating its own acquisition office to handle its new spending authority.
“We have made excellent progress in the short time that we have had,” Holstead said. They are “arranging interim fills for the most critical positions while the formal hiring process proceeds. To date, we have brought on-board an interim employee for the command acquisition executive and are proceeding on an interim candidate for the director of procurement.”
The 2016 defense authorization act gives CYBERCOM the authority to spend $75 million of its appropriated funds directly on cyber products without having to go through the military services or Defense Department.
“By utilizing its own acquisition authority, USCYBERCOM will be able to solicit offerors directly, meeting USCYBERCOM’s specific mission goals while also reducing the time and expense generated by having to act thorough a third party,” Holstead said. “We plan to fully utilize current DoD policies and processes for Rapid Acquisition. We plan to actively apply a wide variety of proven acquisition tools. We are closely following the proven U.S. Special Operations Command model by tightly coupling our acquisition functions with operational requirements, delegating authority to the appropriate level and accepting but closely managing risk to deliver ‘cyber-operation peculiar’ capabilities, rapidly.”
CYBERCOM is setting up a team of 10 officials to handle those funds. The command acquisition executive leading the team will be a Senior Executive Service employee, who will report directly to the CYBERCOM commander, stated a November implementation report to Congress.
The command acquisition executive will provide oversight for program management, contracting support, logistics support, legal advice and guidance, the report states.
The executive will negotiate with other military departments to procure equipment, capabilities and services.
Under the acquisition office, the report states CYBERCOM will hire a head of contracting, a contract specialist, a warranted contracting officer and a person in charge of acquisition oversight and policy.
The team will also hire a project manager to work on acquisition cost, schedule and performance.
A senior legal advisor will be hired, along with someone for acquisition logistics, an inspector general, an acquisition security officer, a systems engineer and a test and evaluation lead.
CYBERCOM’s acquisition power is especially salient now it will be elevated to a full combatant command thanks to the 2017 defense authorization bill.
Since 2009, when the command was first created, it has been a subordinate part of U.S. Strategic Command, one of three functional combatant commands in DoD’s unified command plan.
Until now, DoD officials have been reticent to make the case that CYBERCOM should be elevated to a full combatant command, since the department’s cyber capabilities are still in their nascent stages compared to the existing functional commands, which are in charge of coordinating well-understood functions across the military with decades of learning behind them. Those include U.S. Special Operations Command, U.S. Transportation Command and U.S. Strategic Command.
However, this year both Congress and DoD embraced the idea.
Defense Secretary Ash Carter gave CYBERCOM its first wartime assignment last spring.
“We’re going to see how that works out,” Carter said last April. “What that means is interrupting their ability to command and control their forces, their ability to plot against us or our friends and allies, interrupting their ability to pay people. All of those things are things we can do through cyber, but all of those things are happening in U.S. Central Command, the geographic combatant command. That makes things more complicated, because we’re increasingly finding that our problems cross geographical boundaries and the functional boundaries we have now.”
Most of CYBERCOM’s growth to date has come through the three types of offensive and defensive teams the military services have been building on its behalf since 2013.
Eventually, there will be 133 such teams made up of 6,200 people. As of now, 123 are in place, although only 27 have reached full operational capability. Another 68 have been deemed to have attained initial operating capability.
The command is aiming for a workforce made up of about 80 percent uniformed military and 20 percent civilian.