New Army Cyber Task Force Does Deep-Dive Review
A new U.S. Army cyber-based task force hit the ground running this week to do a deep-dive, Army-wide review and strategically assess the service’s cyber needs, strengths, weaknesses and assets, officials say. Task Force Cyber Strong is one tangible outcome from a new cyber directorate created in July to spearhead the convergence of cybersecurity and electronic warfare.
“We’re getting the commands to ask themselves: How do you see yourself? What do you need to defend? How do you prioritize what needs to be defended? What do you look at hardening first? Where do you need to be resilient? Where do you need to have contingency operations?” says Maj. Gen. Patricia Frost, USA, who leads the cyber directorate within the deputy chief of staff G-3/5/7 headquarters.
Over the nine months since the directorate started, Army leaders have been integrating cyber with signal, intelligence and electronic warfare operations to bring sharpened cyber offensive and defensive skills to the tactical edge, Gen. Frost says. The directorate will issue authorities, policies and resourcing requirements that enable Army Cyber Command and other major commands to defend networks, data, weapon systems and infrastructure, she says.
But getting a detailed grasp of cyber assets, personnel, policies and practices required a focused group, says Col. Tim Brooks, USA, who leads mission assurance for the directorate. “We took a look at the problem and realized we needed someone focused on it,” Col. Brooks says. “So we put together our short-duration task force, really, to look at our gaps and figure out where we need to go and focus people on getting it going.”
Over the summer, Task Force Cyber Strong will help major Army commands probe four broad areas to gain better understanding of cyber, he says.
The Army must increase operational understanding of the cyber domain across the force and at all echelons, Col. Brooks says. “It is as important that a corps commander knows how to maneuver his force in the cyber domain as it is for a platoon leader,” Col. Brooks offers. “We’ve got to change the culture and understanding of the Army away from a compliance-based culture—where you go and get your cyber training and you’re good to go—to one where everybody really understands how you maneuver, what are the risks and what are the opportunities in cyberspace.”
In developing a broader cyberspace program, the task force will identify what methods work and eliminate any redundancies. “There are a lot of things that are underway, and we don’t want to be duplicative,” Col. Brooks says. “We don’t want to spend money needlessly. So where are the gaps in our cyberspace programs and how do we fill them from an organizational focus?”
It is no small order, but the task force also plans to develop an overarching resourcing strategy, Col. Brooks shared. “We’ve spent a lot of money on cyber and we’ve plugged up a lot of holes. We’ve done a lot of institutional change over the last three or four years. It’s time to assess that and take a good, hard look at what commanders are saying they need, where we have already gone, and figure out where we need to go in the future for resources.”
Finally, the task force will home in on control systems, including weapons systems and industrial control systems. “What we’ve got to do is come up with a holistic approach to address … those areas so that we don’t have seams—because seams are where we have vulnerabilities,” Col. Brooks says.
Each major command will take an introspective look at its cyber-based operations and mission sets and prioritize needs, Gen. Frost says. “Their number one core mission or task may not be what we need to harden and secure,” she adds. “It may be something that’s the fourth node down that mission thread that is the soft underbelly we didn't look at before because we haven’t holistically looked at the environment.” From the task force's overall findings, the directorate then will fashion methodologies and frameworks tailored to each command’s needs, she adds.
While no precise deadline has been set, officials anticipate the task force will complete the review by late summer, early fall, Col. Brooks says.
Read more about the Army's cyber directorate in the July issue of SIGNAL Magazine's special section, The Cyber Edge.