The Marine Corps is drafting its first cyberspace doctrine, designed to help commanders build cyber operations into their battle plans, better defend their own networks and help integrate cyber with the more mature field of electronic warfare.
One element is a Marine Corps-specific implementation of the cyber doctrine the Defense Department first published in secret form two years ago. The Marine Corps version, which is still an interim draft document, is based on the service’s current thinking that it needs to ensure that cyber capabilities are not treated as a specialized field, but instead are tightly integrated into Marine air-ground task forces (MAGTFs) and managed by commanders just like any other warfighting tool.
“We call it an interim publication because we know we’re going to learn over the next couple of years about how we operate in this domain,” said Col. Gregory Breazile, the commander of the Marine Corps’ cyber and electronic warfare integration division. “We’re going to have to continually reshape our doctrine as we go forward.”
Abreast of that refinement process, Breazile said his service is adjusting the professional military education courses it offers to its senior leaders so that they begin to consider cyber as one of the domains they will need to manage and assume responsibility for in any future fight, on par with the traditional ones of air, ground and sea.
“That’s so that all of our officers, from the very start, understand the importance of cyberspace operations in the planning process. We have to build a cultural mindset because we get focused on kinetic operations, especially in the Marine Corps where we really like to blow things up,” he said during a panel discussion at the annual Sea Air Space conference in National Harbor, Md. “Our operational commanders don’t even understand the vulnerabilities we have and they need to treat it as a capability they need to be planning for. We’re learning through testing that we have vulnerabilities in our platforms that we didn’t understand in the past.”
In parallel with the creation of the new cyber doctrine, the Marine Corps wants to update its doctrine for electronic warfare, based partially on the premise that cyber and EW are increasingly converging into one interdependent discipline. Breazile said a new publication for “spectrum operations” still is in draft form, but the Corps expects to begin circulating it as interim guidance soon.
“It’s going to complement the cyberspace operations doctrine so that we are moving forward in a unified effort in which the commander understands the capabilities he has on the front end,” he said. “It’s an organizing concept that brings the intelligence, communications and operations communities together so that they can do better planning for cyberspace and electronic warfare capabilities.”
As a precursor to the issuance of formal doctrine, the Marine Corps established a cyber and electromagnetic warfare coordination cell and published some of its initial operating concepts last spring. The 13th Marine Expeditionary Unit was the first to employ them during exercises last year.
But Breazile said the Marines want to continue to embed cyber and EW capabilities into many more of their units, even while the service continues to develop doctrine for how they will be employed.
“Not only are we building forces for the cyber mission forces for Cyber Command, we’re also looking at what capabilities our own MAGTFs need internally and what skill sets they need,” he said. “We’ve got different communities right now. Some of them are cybersecurity guys. Some of them are signals intelligence guys. We need to figure out the right mix so that in our deployed forces, we have people who understand their own capabilities and can request more capabilities through the chain of command.”
To train its personnel for cyber, last fall, the Marine Corps built its own cyber range co-located with the DoD range near Quantico, Va. But in addition to serving as a training ground for its people, the service is using it to test its existing systems for cybersecurity vulnerabilities and accelerate what has traditionally been a ponderous certification-and-accreditation process within the Defense Department. The slogan is “C&A in a day.”
“We took one of our largest command and control programs for aviation over there, and it took us two days to complete the certification-and-accreditation process,” Breazile said. “That’s phenomenal and it’s going to allow us to significantly speed up the acquisition process for our warfighting platforms. The range also runs a training platform so that our operating forces can use it to run exercises: We can do exercises from a Marine Expeditionary Force all the way down to a much smaller unit and individual training as well. It’s all fairly new, but we’re starting to learn through this process.”
The changes are part of what the Marine Corps and U.S. Cyber Command refer to as a “year of transition,” during which the military aims to migrate its nascent cyber forces into genuine operational capabilities that can be employed by commanders at all levels, even while those forces are still being built.
Maj. Gen. Daniel O’Donohue, the commander of Marine Forces Cyber Command, said cyber already is well understood to be a part of future warfare. But until now, most of the capabilities behind it have been treated as the responsibility of chief information officers and other elements of the IT community.
“These are tools for the operational commander. And if the operational commander does not own this, we’re going to get whatever the CIO delivers,” he said. “The risk and the consequence associated with cyber are owned by the commander, but we’ve disassociated that by breaking it out into specialized communities. The acquisition manager takes risk. The staffs take risk.”
As a consequence, he said, it’s not clear how to fight in the operational domain or field a new capability.
“How are you going to prioritize risk if you don’t have a good understanding of the threat, the vulnerabilities, the consequences and the risks?” he said. “So in this next year, we’re going to engage on how we incorporate cyber at the operational level in a fight that’s going to be combined arms and multidomain, but also at the institutional level, where we’re going to align it with all the communities that are involved, including intelligence, communications, cyber and acquisition.”