The military’s Cyber Mission Forces are on track to becoming fully operational at the end of 2017, but there are still some kinks to work out, especially regarding technologies in the Third Offset Strategy.
The Defense Department is reassessing some of the equipment cyber soldiers use and how certain equipment will fit in with the Pentagon’s goal of maintaining technological superiority over its rivals.
This comes as DoD’s Cyber Mission Forces are involved in more than 50 named operations around the world providing offensive and defensive support.
“With this steady increase in operational activity we are continually assessing our requirements and challenging assumptions that we made just a very short time ago,” said Deputy Director for Operations for the Joint Chiefs of Staff Brig. Gen. Maria Barrett during a June 1 AFCEA event in Vienna, Virginia.
Barrett told Federal News Radio that DoD is a month or two away from releasing a new policy on detection and collection of data for cybersecurity in DoD cyberspace.
The goal of the new policy is to more easily leverage machine learning and automated sensing in DoD networks. Those are concepts U.S. Cyber Command chief Adm. Mike Rogers and acting Deputy Defense Secretary Bob Work have called for in the past to keep the United States ahead of the curve on defending against hackers.
“In this case we are putting out a signal to say ‘In order for the [Cyber Mission Forces] to maneuver even more effectively and even for everybody to defend better, this is what we think the sensing strategy should be. There are broad rules, but this is probably something someone else could take and say ‘OK this now can be further refined and defined’ [for their mission]. This is the start,” Barrett told Federal News Radio.
The policy will direct the use of automated sensing and defensive measuring throughout the whole DoD network. It will also require networks to enhance their real-time situational awareness on any operational level. Finally, the policy will enhance threat specific operations to look for certain hacker traits proactively, instead of waiting to be attacked.
Barrett said that will require reconfiguration and augmentation of deployed cyber sensing activities.
Cyber Mission Force
In addition to making the cyber domain more conducive to Cyber Mission Forces activities through policy, Barrett said DoD is reevaluating what those forces are using to find hackers.
Each cyber team gets a Deployable Mission Support System (DMSS) kit, which is created by the military services. Each kit has laptops, passive and active sensors and analytic capabilities.
Barrett said what is required to go in those kits was decided before most of the teams were at full operating capability.
“We recognize emerging requirements, which suggest improvements we can make to the kit and we really need to go back to the system requirements document and make some adjustments. I would put those adjustments into three categories: hardware, software and data management,” Barrett said. “Most DMSS met the hardware requirements, however recent [cyber force] deployments have highlighted an increasing demand for split based operations.”
She added that after a field study DoD is realizing technology specific software is needed by cyber teams as well.
Listen to reporter Scott Maucione discuss this story on the Federal Drive with Tom Temin
When DoD directed the creation of 133 cyber mission force teams by 2018, their duties were split between offensive and defensive tasks.
Some teams defend the homeland against cyber attacks, while others support missions during operations.
Barrett said DoD wants to break down the barrier between offensive and defensive operators.
“We still have a little bit of work to do to bring these two ends together and really have full spectrum planning,” Barrett said.
DoD will make offensive and defensive cyber planners work together so they take into account either others’ goals and missions.
“They still don’t think about when they are doing an offensive mission what they need to do defensively and the same way the defensive guys will go ‘Well why do I need to think about offensive operations’ so they are not making a demand for cyber [intelligence],” Barrett said.