Army Cyber Command must find right balance

By Jason Miller
Executive Editor
Federal News Radio

Army Maj. Gen. Rhett Hernandez took over as head of the service’s new Cyber Command Oct. 1, and one of the first things he is doing is a top-to-bottom operational assessment.

His challenge is to not only understand the capabilities of the more than 21,000 soldiers and civilians in the Army’s cybersecurity workforce, but balance the ability to be operational versus being functional.

“My focus is getting operational,” Hernandez said in an exclusive interview with Federal News Radio. “The staff can worry about getting functional. The initial priorities will really be to first do a good hard assessment of the organization and where we are in respect to the mission.”

Part of the way Hernandez believes the cyber command can become operational is through its workforce. And like nearly every other federal cyber entity, the Army is finding qualified employees hard to come by.

“Until you can grow capacity, it’s really hard to become more operational,” he said. “We have significant capacity every day in that we have large numbers of defenders and operators defending the network and allowing the network to operate worldwide. I’m not as concerned about that as I am looking at what total capacity we need to have to be able to do full spectrum operations, and what’s the right command and control relationships with U.S. Cyber Command and combatant commanders that will allow us to do that.”

The Army’s Cyber Command will be a service component of the Defense Department sub-unified U.S. Cyber Command. It will be headquartered at Ft. Belvoir, Va. The command’s mission is to plan, coordinate, integrate, synchronize, direct and conduct network operations and defense of all Army networks. When directed, the command will conduct cyberspace operations in support of full spectrum operations to ensure U.S. and allied freedom of action in cyberspace, and to deny the same to adversaries, the Army said in a release.

Hernandez, who used to be the Army’s assistant deputy chief of staff, said the Army has been growing its workforce capacity for some time, but it will conduct a manpower study in the next 18 months.

“Between our two communities with signal corps and military intelligence, I’m pretty comfortable that we have the right career path to grow those skills necessary to defend and operate the network,” he said. “What I think we really need to address is there is an additional requirement for some type of cyber skills that we may not have?”

Hernandez said when about a decade ago, the Army created functional areas for officers when it realized it had gaps in the areas of automation and networks where they were not growing any officers with these skills.

“Part of our assessment will be if we have covered all those gaps well and are there potential gaps in the future where we see really cyber, electromagnetic spectrum, electronic warfare and potentially information operations potentially converging and what that skill set might look like,” he said.

Hernandez also needs to learn more about the skills of the Army’s civilian cybersecurity workforce.

The Army Training and Doctrine Command started a Cyberspace/ Electromagnetic Contest Capabilities Based Assessment in February.

Hernandez said the Combined Arms Center at Ft. Leavenworth, Kan., is leading the effort and will provide additional analytic insights for evaluating doctrine, organization, training, material, leadership, personnel and facility gaps and possible solutions across all echelons of the Army.

He said the Army will have a comprehensive assessment of the training and personnel requirements necessary to conduct effective cyberspace and electromagnetic spectrum operations sometime in 2011.

Beyond workforce issues, Hernandez said the Army must improve its situational awareness both within the service, but also in relation to the rest of DoD.

“We have a large network and it’s critical to have the ability to see ourselves. The Army is working hard to ensure we can see ourselves,” he said. “But I have not been deep into that to understand how well we see ourselves given the type of threats we face, how’s it evolving and what we could threat.”

Hernandez said one way the Army will improve its operational picture is through the acquisition process. He said the cyber command will establish a cyberspace science and technology program, implement cybersepace-specific acquisition and procurement policies to let warfighters conduct research, development, testing and evaluation of potential technologies quickly and develop a rapid development and fielding process for new cybersecurity capabilities.

The Army had an organization focused on cybersecurity since 2004 when it combined the Army Computer Emergency Response Team and the Army Global Network Operations and Security Center into a single Threat Operations Center at Ft. Belvoir. Officials decided in February to move to a full-fledged command.

Hernandez is new to cyber, but not new to technology. He has a degree in systems engineering and an operational background in both technology and management.

“To effectively defend our networks and deter and oppose our adversaries, we must continue to grow our intelligence and cyber operations capabilities,” he said. “We must also establish internal processes and procedures within and between the department’s cyber organizations to enable cyberspace activities under various authorities to work in concert with each other to more effectively support cyber operations. Fundamental first steps in achieving these goals include improving our ability to see and understand our networks better. We will do this by collapsing our networks from a disparate, loose federation into one Army enterprise network. This will enable us to establish centralized control of our networks and give us more complete, integrated visibility into them. Having accomplished this, we can then establish an active defense in depth across the network.”

This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.

(Copyright 2010 by All Rights Reserved.)