National Guard units are ramping up their defensive cyber capabilities across the
board, and in the not-too-distant future will be able to quickly respond to cyber attacks in their home states and territories, much as they do today for natural disasters.
“The Air National Guard (ANG) has 15 Cyber Operations Squadrons that provide Cyber Protection Teams (CPTs) and National Mission Teams (NMTs) in support of DoD cyber missions,” said Sgt. 1st Class W. Michael Houk, a spokesman for the National Guard Bureau. “In addition, the Army National Guard (ARNG) Cyber Brigade is building a full cyber brigade with five battalions consisting of 11 CPTs, five cybersecurity companies and five cyber warfare companies.”
The guard also is actively working on cyber missions across the country.
“ARNG personnel are currently mobilized as part of Task Force Echo under the control of Army Cyber in support of U.S Cyber Command to engineer, operate and maintain critical network infrastructure,” Houk said. “The ANG continually provides two CPTs and continually fills portions of a NMT in support of U.S. Cyber Command.”
While guard cyber units already contribute to military missions around the globe, the National Guard’s recent efforts are a result of a 2016 Government Accountability Office study that underscored the importance of the guard’s readiness against cyber threats. At the time, many guard units had some limited cyber capabilities, but they were mostly assigned to local duties, such as protecting the online assets of the unit.
Despite early success, the guard acknowledged that quite a few challenges remain in this new area. One is the long-standing fact that most guard personnel are part-time, something that was less of a concern when performing more traditional missions.
“We have in our ranks people with cyber expertise gained through civilian experience,” said John Goheen, the director of communications for the National Guard Association of the United States. “The military could really use these people full time, but the salaries they command as civilians makes that challenging.”
And it’s not just the guard that is experiencing, or will soon experience, the same situation.
“The active military will likely run into the same problem moving forward,” Goheen said. “They train bright, young people — and then lose them to private industry. We have a place for them in the guard, but again, they will only be part-time. The military needs to find ways to tap this resource.”
Another hurdle is one the National Guard has always experienced — that of running a branch of the national military within the jurisdictions of each individual state.
“The nature of the National Guard enables our personnel to work with state and local authorities on critical infrastructure,” Goheen said. “In fact, a lot of guard cyber exercise involves assisting with defending power plants and water systems.”
In an actual incident, such as an attack on a power plant through its cyber infrastructure, a state government could activate the guard, and called upon it to stop it, officials said. After it halted the main attack, a guard cyber unit could remain behind to protect the infrastructure while the critical infrastructure owner constructed the new cyber defenses.
The scope and capabilities of any given state-level mission would be up to the governor of that state, not unlike traditional guard missions.
“National Guard forces would likely respond to a cyber incident in the same manner as other domestic emergencies such as hurricanes or floods,” Houk said. “A governor may activate National Guard personnel in state-funded, State Active Duty in accordance with state and local laws and DoD policy.”
Additionally, under the United States Code Title 32, a state governor, with approval from the secretary of Defense or the president, may activate guardsmen for homeland defense activities, or to provide support for civil authorities.
Then there is the ongoing challenge of training. For these sorts of skills, educational activities are often given at civilian colleges and universities, which come with some unique obstacles.
“There have been some growing pains, primarily with setting the standards for schools and finding the money to get young soldiers and airmen a seat at those schools, ”Goheen said.
National Guard leaders expressed confidence that the guard would soon be responding to cyber incidents on a regular basis, just like they do for floods, snowstorms and missions to maintain the peace in extraordinary circumstances. Now, maintaining the peace extends to cyberspace.
Greg Crowe is a freelance writer.
New risk management framework expected to improve DoD cybersecurity