Here is what a separate cyber force could look like

The Pentagon has long pushed against the idea of a stand-alone cyber service to fix its cyber problems. But the Trump administration is more open to establishing a separate cyber force — and a new think tank report provides a roadmap for how to build it.

The report, co-authored by Mark Montgomery, senior director of the Center on Cyber and Technology Innovation at The Foundation for Defense of Democracies, and Erica Lonergan, adjunct fellow at FDD’s Center on Cyber and Technology Innovation, outlines practical steps for establishing the new service and provides a framework for navigating the challenges of creating a cyber force.

“There’s a chance that President Trump makes the decision in six to 12 weeks. And if that’s the case, someone needs to have done a blueprint,” Montgomery told reporters Tuesday. 

If this administration makes the decision to create a separate cyber branch, “we don’t want to be scrambling to sort of build the aircraft as we’re flying it,” Lonergan said. 

“What we are trying to do in this monograph is really articulate a set of core principles and philosophies and vision that should guide the building of this service. There are a lot of additional decisions that will need to be made if a service is created. But our hope is that this product can provide the blueprint to help guide whatever team is responsible for ultimately making those tough decisions,” she added.

Last year, Montgomery and Lonergan made the case for a separate cyber service, arguing that the Pentagon’s continued push to apply a Special Operations Command-like model to U.S. Cyber Command has not solved its longstanding readiness challenges. “America’s cyber force generation system is clearly broken. Fixing it demands nothing less than the establishment of an independent cyber service,” they said in the report. 

The new report, released today, builds on that work by answering the “how” and detailing what a separate cyber service would look like, its core mission and what is outside of the scope of the cyber force’s mission set. 

Instead of creating a separate cyber branch, the Defense Department decided in 2017 to give Cyber Command the responsibility for generating cyber forces —  it was tasked with organizing, equipping, training and sustaining units’ readiness. Cyber Command relies on the military services to provide personnel, but the model has led to persistent readiness issues since the services run their own recruitment and training systems and digital warriors tend to have inconsistent knowledge and experience when they are sent to CYBERCOM.

Lawmakers have introduced more than 50 pieces of legislation over the past nine years in an effort to fix cyber readiness issues. “When you compare that to when we started SOCOM, they needed about 15 pieces of legislation over 20 years,” Montgomery said. 

“The reason we need a cyber service is to address the force generation challenges that each of the military services were experiencing. And by force generation, we mean recruiting, training, maintaining and retaining cyber personnel,” Montgomery said.

”Each service might be good at one of those four elements. None were good at all four, and at least one service was bad at all four. In the end, that meant we were having insufficient force generation. We, as part of this process, interviewed about just under 100 cyber warriors across the rank structure, across all the different military services — and 100% of them said something’s wrong. Now, 100% didn’t say you need a cyber force, but 100% said you need something different then the status quo,” he added.

The 2025 defense policy bill required the Defense Department to examine alternative ways for organizing the military’s cyber forces, including creating a separate cyber force. 

Creating a cyber force 

Unlike the Space Force, which was built largely from Air Force personnel and capabilities, creating a separate cyber service presents a far more complex set of challenges.

“We will be drawing in personnel from across all of the existing services. And part of the motivation for why we think we need a cyber force is because all of the services, not only are they not prioritizing cyber but they have different different standards for recruitment, for training, career progression models, compensation, MOS definitions and so on. A cyber force is going to have to figure out how to take all these disparate personnel across five existing services and sort of form them into one with coherent standards, a common culture and so on,” Lonergan said. 

A cyber force would need its own culture, force structure and career progression model designed specifically to maximize effectiveness in cyber conflict, the FDD authors argue. 

And more importantly, the new model would have to be flexible and adaptive.

Vision for a separate cyber force

Cyber Command would remain the primary force employer responsible for conducting cyber operations, while the cyber force would provide the personnel to carry them out. 

The cyber force would organize, train and equip personnel for defensive cyber missions, offensive cyber missions and cyber as it relates to intelligence, according to the FDD authors.

“The last one is really essential. We need capabilities for foundational cyber intelligence so that we can have a better understanding of our adversary cyber capabilities, their leadership, their strategy, their centers of gravity, their vulnerabilities and so on. We tend to focus a lot on cyber defense and cyber offense, but the intelligence piece is just as important,” Lonergan said. 

While the cyber force will be in charge of generating capabilities for cyber defense, generating capabilities for cyber protection would fall outside its scope.

“We think the cyber force should not be responsible for building, securing, operating, maintaining and sustaining the entire DoD network. If the cyber force has that responsibility, the reality is it will dwarf all of its other missions, especially in the beginning,” Lonergan said. 

In addition, the cyber force wouldn’t be the information warfare service. “We don’t want the cyber force to get bogged down by that mission,” Lonergan said. And it won’t be the artificial intelligence service either.

The cyber force would be placed within the Army just like the Space Force was established within the Department of the Air Force.

The FDD authors said the cyber force would require a larger civilian workforce than other services to provide deep technical expertise. They also argue that another nontraditional model to consider would be making it an all-officer force.

In addition, one of the report’s key findings is the critical role the National Guard and Reserve would play in a future cyber force. 

“We think there’s a really important case to be made for the role of the Guard and Reserve Components, especially thinking about non-traditional Guard and Reserve models,” Lonergan said. 

Implementation plan

The report lays out a phased approach to building the service. During the initial phase, the transition team would spend the first three months focusing on initial planning and setting the conditions for the second phase. 

Phase two, spanning the first two years, is about building the cyber force’s foundation — defining its structure, personnel and training needs, research and development priorities and processes required to generate cyber forces for the Joint Force and sustain itself as a service.

“The success of the cyber force over the long term will depend on four factors: leadership, personnel, capabilities, and culture. Building the right transition team, selecting the optimal set of initial key leaders, and prioritizing selecting personnel with the right skill set and domain acumen will together set the conditions for establishing the right culture from the outset to build a capable, effective force,” the authors said in the report.

Copyright © 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.