Army Unveils Four Pillars for Restructured G-6 Office
During an October 27 telephonic roundtable discussion with reporters, Lt. Gen. John Morrison, USA, Army Deputy Chief of Staff, G-6, revealed four pillars for the restructured office. They include building a unified network; posturing signal, cyber and electronic warfare forces for multidomain operations; reforming and operationalizing cybersecurity processes; and driving effective and efficient network and cyber investments.
Army leaders decided earlier this year to restructure the chief information officer (CIO)/G-6 position into two separate roles—CIO and deputy chief of staff of G-6—to meet current and future multidomain operational requirements and remain competitive within the information technology and cyber environments.
The deputy chief of staff of DCS G-6 position serves as the principal military advisor and reports to the Army chief of staff through the vice chief. The G-6 will support the planning, strategy and implementation of CIO policies, along with maintaining oversight of the Army's enterprise and tactical networks. The CIO, meanwhile, is a member of the secretariat and is responsible for the creation, governance and oversight of policy, in addition to advising leaders on information technology and cyber resources that impact the Army's warfighting capabilities.
The first pillar for his office, Gen. Morrison said, is focused on a unified network and is about developing a strategy and implementation plan, creating new architectures and building in cyber operational capability within the G-6. “We need to just stop talking about an enterprise network that is focused on modernizing our bases, posts, camps and installations, and a tactical network that is very [brigade combat team] centric. We need to bring those two together so that we support where the Army’s going both for modernization and from an operational warfighting construct.”
The unified network concept is central to the Army’s modernization goals. “If you buy into many of the things that we’re working on … where cyber effects from a tactical level can be deployed from just about anywhere on the globe, you need a unified network,” he said. “The other notion of this unified network is that it’s got to be our network contribution to [Joint All-Domain Command and Control]. It is really bringing the tactical components of it, the enterprise components of it, and making sure across the joint force that we are all linked.”
The second pillar focuses on positioning the signal and cyber corps for multidomain operations. “The two corps—and cyber includes both cyber and electronic warfare—are just inextricably linked. You can’t separate them if we’re going to properly support multi-domain operations.”
Achieving that, he said, means assessing training, talent management and organization frameworks and adjusting over time as needed. “That means making sure that we have signal and cyber, underpinned by intelligence, operating in a combined arms fashion in cyber space to include electromagnetic spectrum.”
The third pillar, which Gen. Morrison described as “iterative,” reforms and operationalizes cybersecurity processes and requires the Army to review and renew its efforts to implement the risk management framework. The framework requires a methodology for staying in compliance, and continuous monitoring is one way of ensuring that levels of compliance are met and problems are fixed, but the bureaucracy can be too much.
“Some level of bureaucracy is good—things like understanding the network map and network topologies and how it interfaces with the broader network. All those artifacts need to be gathered, but what I want to do is shorten that cycle, shorten the amount of contract dollars we put toward repairing artifacts that I’m not 100 percent sure that we need at this point, and focus those resources on the operations of cybersecurity,” Gen. Morrison offered. “This is one of those effective drills that I think will allow us to apply our resources in a more efficient manner but bring a level of security to the network that quite frankly, I don’t think we have right now.”
Gen. Morrison indicated the Department of Defense has implemented the risk management framework in the most effective way. “It’s not a question of getting rid of [the risk management framework], it’s getting it back to what it was originally designed to do and making sure that we are far more effective and efficient with our resources and applying it so we get the operational outcome that we really want.”
The fourth pillar emphasizes the efficient and effective investments in the network and in cyber capabilities. The general suggested the service needs to harness the joint force activities in the cyber realm to ensure the Army is “really focused on developing those capabilities that we need to support Army operations with the appropriate linkage back to the joint force” and to harmonize joint investments in the Joint Tactical Grid, which supports the unified network.”
Effective investing is important because many experts inside and outside the Department of Defense expect defense budgets to tighten considerably in the coming years. “Quite frankly, we owe it to the taxpayers to force ourselves to be efficient and effective,” he said.
Gen. Morrison described it as his job to create “positive friction” with the office of the CIO and indicated that friction will exist with Army Cyber Command as well. Positive friction will allow for more informed policies that are executable. “The last thing we need are policies that, frankly, are un-resourced or ill-informed that can’t be executed. There’s nothing bad in positive friction. To me, it’s all powerful because in the end, what that means is that we’ve come up with policy and an implementation plan that can be viably executed.”
He also indicated that the Army has learned lessons from other organizations that have separated the CIO and G-6 functions. “The mere fact that cyber ops is included in the G-6, that is not traditional, but … if you really believe in combined arms maneuver in cyber space to include [electromagnetic spectrum], why would we separate that role and function?”
His office already has reached an initial operating capability and expects to reach full operational capability this fiscal year. Officials may need to rewrite descriptions for some of the positions, such as those requiring cloud, data and cyber expertise.
“I think the biggest challenge is hiring in the current operating environment, for lack of a better term. The skillsets that we are wanting to go after are, as you know, in very high demand,” he said. “This is one of those rare opportunities where you’re able to support two organizations to really posture themselves and the Army for the future. But really it is about not just getting the authorization to go do it, it’s about actually hiring the folks on.”
Gen. Morrison also opined that the Army made the right move in separating the CIO and G-6 functions. “The power of having two aligned organizations, one in the secretariat, one on the Army staff, focused on vertical and horizontal integration, driving on really tough information technology, network and cyber challenges, I think is powerful for our Army.”
