Joint Force Headquarters Changes Defense Networking
Cyber as a warfighting domain now is defended by an operational organization.
The Defense Department, facing an increase in defensive cyber operations, now has the command and control it needs to wage those actions on its information network. The Joint Force Headquarters Department of Defense Information Network consolidates efforts that previously were dispersed among the services and organizations.
This endeavor reaches throughout every level, not just agency-specific or service-oriented areas. It constitutes a sea change for the defense infosphere. Agencies and services now will take orders and direction from the Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN). This also applies to agencies within the U.S. Cyber Command (CYBERCOM) that have been a part of this work in the past.
Establishment of the JFHQ places the command and control (C2) of defensive cyber operations under the authority of a single commander. Previously, that authority resided throughout the leadership of the defense community. Concurrent with that authority, the JFHQ provides effective situational awareness throughout the defense infostructure. Having this C2 capability throughout the DODIN allows the JFHQ to understand what is happening and how it needs to operate in a concerted effort.
This C2 capability never has been done before, declares Defense Information Systems Agency (DISA) Director Lt. Gen. Ronnie D. Hawkins Jr., USAF, the commander of the JFHQ DODIN. This capability provides the CYBERCOM commander with the opportunity to see and align all of CYBERCOM’s forces and direct them in a strategic fashion, Gen. Hawkins relates. It also gives the CYBERCOM element the ability to conduct all the strategic work it has on its plate. “I see this as a win-win for the department,” he declares. “We see this as an important move for DISA as well as for the department.”
The C2 structure of the JFHQ has been agreed upon by the services, and it has gone through the Defense Department process of approval by the Joint Chiefs of Staff chairman and the service secretaries. That C2 aspect will change as the JFHQ grows, Gen. Hawkins says, in the same manner that C2 evolves in other organizations. “I don’t want people to think there is a rigidity to that C2 such that a line drawn today will be the same line that is used tomorrow,” he offers. “We learn from our successes as well as our mistakes on how to do things best.”
He continues that the JFHQ has experienced situations executing with other agencies and organizations, and the standard pre-brief/debrief approach has generated lessons learned. “It’s not a Rubik’s Cube, but we’re constantly changing how we do this C2 as we go.”
The driving force in the creation of the JFHQ DODIN was the recognition that cyber is a warfighting domain akin to air, land, sea and space, the general points out. In this vein, cyberspace has its own challenges unique to its nature.
“Not only is cyberspace a warfighting domain and we need to look at what we do from a weapon system [perspective], we also do a lot of administrative work in the same domain and on the same platforms that we’re going to fight [on] in cyberspace,” he illustrates. So, you have an unclassified effort going on—administrative work, all of it important in support of the warfighter as well as executing day-to-day missions—but this is also that warfighting domain that we have,” the general posits. “That’s important to note.”
The JFHQ DODIN’s initial operational capability was declared on January 11, and it is building toward full operational capability (FOC). It already is at work conducting defensive cyber operations.
Gen. Hawkins explains that the drive toward the headquarters’ FOC is a methodical process. The department has been working toward the JFHQ concept for a couple of years, and now the process has evolved to where it is bearing fruit. The JFHQ has been working toward formulating what its FOC actually will look like, he notes, along with how and when FOC will be reached. The organization is reporting on its progress quarterly to the Joint Chiefs of Staff chairman and the service secretaries.
“It’s a game changer … and we are going to see the fruits of that as we bring more agencies in that have not been a part of this C2 entity,” he says. “I think it is going to change the way [the department] does business and operations overall.”
Gen. Hawkins offers that the biggest misconception facing many people is the JFHQ DODIN is just a new version of the Joint Task Force-Global Network Operations (JTF-GNO) center. “It’s different than that,” he emphasizes. “Not that the JTF-GNO wasn’t doing its job during its time frame [1999-2010], but when you bring in all of the different agencies and all of the different entities that now are under the C2 of one commander, that is not the same as the JTF-GNO.”
The JFHQ is staffing its personnel from within DISA, and that is not likely to change, the general emphasizes. Currently, the organization is establishing the J-codes from J-1 through J-7. Some Js, such as the J-1 and the J-6, will matrix back into DISA, while others are being stood up and staffed with military, civilian and contractor personnel from within DISA.
The JFHQ architecture is in place, and the current staffing totals about 250 people. The ultimate FOC number of personnel remains to be determined, Gen. Hawkins offers. Work continues to define the JFHQ’s activities based on its existing mission essential tasks.
The biggest challenge to achieving FOC will be to grow the talent necessary for it to succeed, Gen. Hawkins allows. This entails both work force management and experience. “To be doing defensive cyberspace operations and doing internal defensive measures, you need to have operational expertise—and we’re going to have to grow that type of talent,” he declares. “You don’t stand up a warfighter from an air/land/sea perspective just overnight. They have to train; they have to test; and they have to operate under the [warfighting] conditions. We are doing all three of those things simultaneously right now.” This is concurrent with ongoing operations, he adds.
Security for the JFHQ will be influenced by how DISA operates in the defensive cyberspace domain, Gen. Hawkins offers. The agency already is standing up the joint regional security stacks and is implementing the single security architecture within the Joint Information Environment (JIE). He characterizes the joint regional security stacks as fundamental to how the agency will manage and operate its security posture across the DODIN, adding that this capability is critical for DODIN situational awareness.
Gen. Hawkins emphasizes the need for cyber sovereignty, which he views in the same manner as air, land, sea and space sovereignty. The command, along with the department as a whole, must operate in an environment in which assets are operated, oriented, protected and defended while denying adversaries’ capabilities. “Cyber sovereignty is about us defining what that entails,” he explains. “We are on the journey for reaching that, but … we need to define what defensive cyberspace sovereignty looks like and what it means.
“We need to start talking in those operational terms ... maneuver, mass, objective, fires, sustainment and execution ... all are part of cyberspace sovereignty,” he continues. “We just haven’t done it before.”
Gen. Hawkins suggests that this concept needs to be all-encompassing across the entire defense enterprise. It can “decompose” from that point to allow for particular organizational needs, but it must cover all of the Defense Department on the defensive cyberspace side. Achieving this goal will hinge on ongoing discussions in academia, operational results, lessons learned and training that ultimately will lead to a consensus among the service chiefs and the Joint Chiefs of Staff. Once this definition is reached, the JFHQ DODIN will be the vehicle for implementing it from the defensive side of cyberspace, he emphasizes.
Gen. Hawkins calls upon industry to work with DISA to bring in new technologies as they emerge—either incrementally or by leapfrogging existing capabilities. “Often we are presented with good technology that is interesting, but it takes a level of effort to move what we have been using into that new technological environment,” he relates. “We need industry to be alongside us as we do that. Just pointing to that technology—while that is good and that is important—and the research and development piece is critically important, implementing it is totally different. I need industry to be a strategic partner with us.”
He continues that he does not believe that all of industry has bought into that movement from the existing model. They may believe this is the approach to take, but they tend not to commit to this new approach. As a result, the cost is borne by DISA, he notes.
The general’s technology wish list includes mobile security, from both an app perspective and a mobile appliance perspective. “We need to secure the devices as well as the information on the devices,” he imparts.
Gen. Hawkins allows that DISA today faces two major challenges. One is to ensure that the agency has the right work force trained and ready to serve the Defense Department. This is a constant challenge, he notes, but a positive one in that it ensures the agency trains its work force correctly.
The second challenge involves implementing JIE concepts. These include the cloud, collaboration and C2, all of which are JIE tenets for which DISA must lead the way. DISA will carry out its roles of developing the cloud security model, developing the single security architecture and addressing other missions assigned by the Defense Department chief information officer, the general emphasizes.