The military as a whole is facing a shortage in cyber talent and the Army is considering changing the way it trains its cyber soldiers to deal with the shortfall.
The cyber realm is demanding an increasing number of civilian and military experts for defensive, offensive and maintenance jobs.
In fact, Essye Miller, the Defense Department’s acting principal deputy chief information officer, told a joint panel between the Senate Armed Services Subcommittees on Cybersecurity and Personnel Wednesday that DoD lost 4,000 civilian cyber-related employees over the past year.
The Army is dealing with a similar challenge and the solution may be to, in a way, expect a little less from cyber soldiers.
One of the direst needs comes in the form of cyber tool developers and interactive on-net operators (IONs). Those are the soldiers who develop exploitation opportunities and maintain situational awareness of ongoing network operations, according to the Army Intelligence and Security Command. It’s important job that is responsible for cyber red teaming and network security. Tool developers make the actual programs that attack enemy cyber targets.
Those soldiers are important for U.S. Cyber Command and the 133 cyber mission force teams the command employs to do its bidding.
The Army needs about 150 of them, but only has about half of that.
“Part of the problem is that the Army has only about 15 spots in the RIOT training, which is remote interactive operating training, which is provided by the National Security Agency,” said Sen. Mike Rounds, the chairman of cybersecurity subcommittee . “About half of these personnel will fail the training, meaning that the Army might only see seven graduate to the Cyber Mission Force. This could leave the Army below the replacement level, given promotions and retirements, and yields a major capability gap.”
The Army’s answer? Don’t require everyone to do the RIOT training.
The service is thinking about keeping its cyber soldiers operating under the military legal rules, Title 10, and observing them in that capacity before sending them off to the NSA’s legal framework, Title 50, to tackle RIOT.
“As we conduct more and more operations off of Title 10 infrastructure, what we recognize is not every ION has to be RIOT qualified,” said Lt. Gen. Stephen Fogarty, the commander of Army Cyber Command. “We have a Title 10 operators course that allows our IONs to actually operate off the Title 10 infrastructure. That gives us the opportunity to observe them as they start to act, conduct reps. Then we can identify better those star athletes that we need to send to RIOT.”
Fogarty said the Army hopes to pick someone with a higher aptitude and a better likelihood of graduating RIOT.
“That would eventually double our numbers if we can get that straight,” he said. “By getting them in the Title 10 operators course we get them on mission much sooner than if we send them through RIOT training.”
The Air Force is already doing something similar to this by keeping its airmen in a course longer before sending them to RIOT so they are better prepared.
Fogarty said the Army gave up some of its RIOT spots so the Air Force could fill its ranks.
The Army also talked to CYBERCOM leader Gen. Paul Nakasone about expanding the pipeline of the RIOT course so more soldiers can go through the course.
“We think success for us is a number of RIOT trained operators and then a larger number of Title 10 trained operators,” Fogarty said. ““We’ve got to get off the NSA platform and become more independent. The Title 10 infrastructure, with Title 10 IONs, actually allows us to achieve that goal.”