Aden Magee’s Post

Other than unique authorities, budget control, and limited acquistion authorities, USCYBERCOM has more differences with USSOCOM as commonalities; not a personnel model to follow. CYBERCOM considers options for future force generation model By Justin Doubleday; 9 Apr 2024 U.S. Cyber Command in the coming months will brief Pentagon leadership on options for reforming how the military generates cyber forces for CYBERCOM. Gen. Timothy Haugh, in his first public remarks since taking over as head of CYBERCOM and the National Security Agency in early February, said the force generation study is due to the secretary of defense this summer. CYBERCOM has traditionally relied on the military services to train cyber warriors for the Cyber Mission Force. With that leading to readiness issues, officials have also looked to adopt more of a U.S. Special Operations-command type model. And some have called on the Defense Department to establish an independent cyber force. “We’re doing a study right now that will evaluate, and we brought in an outside think tank to help us look at this, what are the spectrum of options?” Haugh said at the CYBERCOM Legal Conference today. “There are also a number of things in between there that we should consider, and also whether or not any of that menu should be applied together. So we’re evaluating that.” https://lnkd.in/eNfAUNPX

This is a great step towards improving the nations ability to pace with and compete with revisionist powers like Russia and the PRC. Whether or not it results in a service, the assessment and study will be valuable. Congratulations to the numerous people who have been pushing to make this happen. Over the past many months I have had the opportunity to speak with military and non-DoD executive level leaders on this topic. Although there are many reasons for or against a cyber service, the conversation needs to evolve in a few ways: 1. The overhead of a new service is a real concern, but will a SOCOM-like model overcome scale to the degree that we require for an ever expanding domain like Cyberspace? 2. Cyber Command has never developed a Joint Operating Concept that outlines how it should work within the joint environment, nor the extent of the operations it can/should conduct. It is almost guaranteed that upon doing so the requirements will expand significantly. Do the services appreciate the degree of specialization and number of exceptions that will be required to recruit, train, and retain such a force? 3. With history as our metric, do we believe enough service exceptions and changes can be done *fast and drastic* enough to compete with our pacing adversaries? In other words, if saying "we are better today than we were yesterday" were a prohibited response, how would we rate our performance against our pacing threats? Do we match or exceed their velocity of improvement and growth?

A New Military Service to Defend Cyber Space?   Last year, there were rumblings within Congress to study whether a separate service should be stood up to defend, operate, and conduct offensive ops in cyberspace. The proposal was eliminated, but it is alive and well this year.  This results from mounting bipartisan frustration over the DoD's long-running failure to provide CYBERCOM with cyber ready personnel. It passed the House subcommittee and is on its way to the full House for review. The author Rep Luttrell is complimentary on what USCYBERCOM has executed but thinks that a single service, to consolidate all DoD cyber operations, would be more effective. He is not alone in his recommendation. The Foundation for Defense of Democracies recently released a research paper which proposes a new service under the Army. ( https://lnkd.in/g2UwEruN )  In addition, the DoD’s PME schoolhouses are also debating this proposal. Col Couillard, a war college graduate of the College of Information and Cyberspace, released a paper on why now is the time to establish a new service. He draws upon the standup of the Air Force and Space Force. In addition, he calls out how near-peer adversaries and others are consolidating their cyber forces to be more efficient in combat ops. He also calls out that the cyber mission and personnel will always have secondary importance to the primary mission of the current military services. ( https://lnkd.in/gtBkb9di )   As expected, the DoD heavy weights weighed in on this proposal and are opposed to it.  Recently, both former SECDEF Mattis and retired General Nakasone voiced their opinions. According to Mattis, he had 95% of the country’s cyber defense and offense (btw CYBERCOM and NSA), but he had no authority to operate in this country. His solution is to put an FBI deputy director (Title 50 authorities) in CYBERCOM and have Congress set up a special court similar to the Foreign Intel Surveillance Court with the ability to work 24/7.  In time of cyber attack on the US homeland, the FBI deputy director would take the lead in directing DoD and NSA cyber resources. ( https://lnkd.in/g4GdkS9S ) Retired Gen. Nakasone (former CYBERCOM Commander and DIRNSA) says the problem is serious, but said he is not a fan of creating a new force. His recommendation is to model CYBERCOM after SOCOM, with a focus on developing cyber professionals who operate around the clock. ( https://lnkd.in/ghht_Pf6 ) Both sides have valid points of view. What is the best solution? The answer is critical as the US will experience cyber attacks on the homeland as well as abroad in the near future.    https://lnkd.in/ghRVCaUa

Pentagon, Congress have a ‘limited window’ to properly create a Cyber Force. Why it matters: 1. The U.S is in crucial need of an independent cyber military force due to long-standing issues in recruitment, coordination, and developing a robust cyber culture, warns a nonpartisan report by the Foundation for Defense of Democracies. 2. Establishing a Cyber Force is critical as other countries like Russia and China are scaling up their cyber units. The new service can guarantee improved focus, streamlined acquisition process, and optimal budget use. 3. Despite previously failed legislative efforts, the pressure is mounting for lawmakers to enact a new law creating a Cyber Force, as the U.S faces an increased cyber threat and a lack of meaningful growth to counter it. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/ecshi28m

"Create a Cyber Force", said the majority who worked in military cyber for at least ten years... We pleaded with anyone who would listen and received varied non-answer replies. Each department looked out for themselves and their own priorities to get a piece of the cyber pie. The parochialism trickled down to the commanding officer at the local commands, who almost always reiterated some form of "Army, Navy, Air Force, Marines First." Me Me Me My My My - What of America? They have their people conducting nation-state hacking against the toughest, most paranoid adversaries in the world take time out to go shoot a gun or learn about Papa Flags taking time away from what is the most dynamic, ever-changing industry in the world. When one considers the number of people engaged in cyber in a nation like China, does it make sense to divert your personnel's attention to anything else other than their craft? Limited window... they should read the books from the members of their own services, such as "Team of Teams," "Turn the Ship Around," "How Google Works," and many others. These texts all preach the same gospel: we must evolve beyond management principles of the 20th century if we are to be successful in the 21st. A great quote from Professor Nagl is that the Department of Defense today resembles General Motors in 1950. Maybe a cyber force, if ever established, will do this, and maybe it will be one more bureaucracy, but it is a very necessary step in the right direction.

Cyber Force measure expected to resurface in House defense bill debate. Why it matters: 1. "Why it matters": A proposed bipartisan amendment by the House Armed Services Committee could usher the U.S. military into a new era of battlefronts, this time in digital space. 2. The proposal aims to capitalize on the exponential growth of cyber threats and equip U.S. defense better by creating a dedicated Cyber Force—an initiative that, if successful, would mark the military's second new branch since 2019, following the Space Force. 3. Critics argue that the initiative could detract from existing military cyber efforts, highlighting the major changes facing federal defense strategy. However, if created, the Cyber Force could address the longstanding issue of inadequately trained digital personnel across different military branches, transforming the U.S.'s cybersecurity landscape. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/e7Teb9Jn

Pentagon gives thumbs-down to cyber service proposal in defense bill. Key takeaways: 1. The U.S. Department of Defense's request to lawmakers to discard a proposal for assessing the creation of a separate cyber service could catalyze tension between Pentagon officials and legislators who call for an independent examination into the needed new military branch. 2. The proposal rejection can challenge future negotiations on the National Defense Authorization Act (NDAA), which could interfere with the Department of Defense's plans and political capital, given bipartisan support for cyber force studies. 3. If unheeded, the request could also impede overall cybersecurity readiness. The Pentagon warns that without in-depth, classified research, lawmakers may not fully comprehend the challenges Cyber Command faces—especially if relying on public, unclassified information. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/d5xDKQkF

Good morning colleagues! This is my second note supporting the excellent Foundation for Defense of Democracies (FDD) publication “United States Cyber Force: A Defense Imperative” by Dr. Erica Lonergan and Rear Adm. (ret.) Mark Montgomery, March 2024. In this note, I’ll focus your attention on the readiness issue that plagues our military’s cyber forces. On page 14 of the report, a retired officer with extensive knowledge of the subject noted “at root, the current readiness issue stems from the fact that none of the existing services prioritizes cyberspace.” I’ll offer a topic of discussion for my colleagues who have explored this issue in the past: should each of the services continue to focus on cyber force generation, or should they be “freed” to generate forces that focus on their primary domain (sea, air, space, etc.)? For my part, I believe a separate service for this important domain makes too much sense and is long overdue, especially as the 2024 FDD report clearly outlines the systemic and long-standing readiness problems that plague CYBERCOM; the services have thus far failed to meet the needs of their operational requirements despite several adjustments, indicating that the current way of doing this just isn’t going to work. Check out this excellent video introducing the report and its authors: https://lnkd.in/exbWnpf5 #nationalcyberdefense #uscyberforce #nationalstrategy

This is a **BIG** deal - to see how much of a big deal, jump to the end to see the other House-passed provisions. What I hope will come of the Cyber Force study is a clear indication of how the services are doing at producing ready and capable cyber personnel for USCC. The numbers I am aware of indicate that roughly 30% of the MOS-qualified people pass/get through the further training requirements once they get to a USCC unit. With Army numbers alone showing 17As and 17Cs standing at 100%, it means the Army would need to be at 333% in those MOSs to provide the necessary brainpower (note: brainpower - something the Army has not shown it values in its cyber soldiers) USCC needs to do its mission. I hope the study requirement is passed and I'm excited to see what we learn.

The U.S. should create a separate cyber service following years of poor recruitment, lack of coordination by the existing military branches and overall absence of culture for the country’s digital warriors, according to a report from an influential think tank.