Coast Guard Cyber Moves Closer to Defense Department

The U.S. Coast Guard is expanding its cyber activities to be more in line with those of Defense Department military services and agencies. This move includes building a new offensive cyber team working with the U.S. Cyber Command as well as extending its cyber activities overseas in conjunction with foreign partnerships.

From the Coast Guard’s perspective, the goal is to make cyber cooperation with Defense Department organizations a two-way street. In addition to sharing vital intelligence on cyber activities and threats, the two parties would undertake activities of their own using assets and information provided by each other. And the Coast Guard is nurturing the growth of its cyber assets through a broad range of multifaceted efforts.

“In the offensive cyber arena, our fellow services and U.S. Cyber Command have worn this path already,” said Rear Adm. John “Jay” Vann, USCG, commander of the U.S. Coast Guard Cyber Command. “And we’re welcome as part of the joint force, and so we are beginning to augment and partner with them.”

Adm. Vann noted that the Coast Guard has traditional offensive and defensive cyber functions similar to those of its Defense Department counterparts, but its role as a regulator of the maritime industry brings a third distinct function. That role entails protecting the Marine Transportation System, which comprises more than 360 ports along with coastal and inland waterways. The facilities and the commercial entities that operate on those waterways constitute a significant part of the U.S. critical infrastructure, he pointed out. Together, the Marine Transportation System carries more than 90% of all goods in trade and commerce to the tune of about $5.5 trillion annually.

The Marine Transportation System is a potentially lucrative target for criminals and a strategic one for nation-state adversaries, the admiral observed. “In the work that we do in the Coast Guard, it is absolutely near the top of the list of things that we’re focused on,” he said. “It’s one of our primary missions.”

Protecting this multiuse commercial system against criminals and saboteurs is a key part of the Coast Guard’s cyber effort, Adm. Vann stated. This activity is enhanced by Title 14, which empowers the Coast Guard with law enforcement and regulatory authorities that the other military services lack. That allows the Coast Guard to conduct activities in cyberspace and liaise with public and commercial entities.

This capability is crucial to what the Coast Guard can bring to the military in cyber operations. The shore service can share its information, such as indicators of compromise and vulnerability, with defense services and agencies. “We’re seeing threats surface in cyberspace that other people don’t see, and we share what we find and what we learn,” the admiral offered. This information both enhances protection and illuminates tactics in use by cyber adversaries, he added.

With the Defense Department largely precluded from participating in domestic law enforcement activities under the Posse Comitatus Act, the Coast Guard can provide legal linkage for those types of activities. Adm. Vann pointed out that both entities have established legal means of cooperation for a variety of law enforcement activities, and those constructs can serve as the basis for cyber operations. In particular, the Defense Department has special restrictions on operating in domestic cyberspace, but the Coast Guard has some authorities to function in that realm. He explained that these authorities, including law enforcement prosecution, might be leveraged in partnership with defense organizations.

The Coast Guard is increasing its partnering with the other services’ cyber components, Adm. Vann allowed. This includes “riding along” with their operations and offering reciprocity to those other components. The Coast Guard cyber red team also is undergoing Defense Department certification so it can provide defense-level security testing and cooperate with the other defense red teams.

The new Coast Guard offensive cyber team working with the Defense Department should be fully staffed by the middle of this year, the admiral offered, and then its lengthy training and certification period will ensue. It will take up to two years for that team to operate independently. Nonetheless, the team should be able to conduct early operations as augmentees to the Cyber National Mission Force, he added.

“The real approach is to put the team in support of U.S. Cyber Command [USCYBERCOM], like our fellow military service teams, and work under U.S. Cyber Command’s authorities,” the admiral continued. “The next step would be for us in Coast Guard cyber to work with the U.S. Cyber Command on contributing DHS [Department of Homeland Security] and Coast Guard priorities to the mission planning discussion for offensive cyber operations.” He added that bringing Coast Guard and DHS missions to the table at USCYBERCOM will contribute their capability to action some of those missions. Ultimately, the Coast Guard Cyber Command would be able to work “hand-in-hand” with USCYBERCOM to prosecute DHS and Coast Guard activities.

“They [the Defense Department] have the tools, and they have the platforms from which to launch cyber operations, so we will continue working very closely with them,” Adm. Vann declared. “Initially, we will be working under their authorities. Then, as we mature, there is the opportunity to action some of the priorities that we have in our department and in our service.”

The Coast Guard Cyber Command has challenges and opportunities in each of the foundational areas outlined in the strategic plan issued by the commandant, Adm. Linda L. Fagan, USCG. Primary among these is workforce, as building a cyber workforce poses challenges similar to those faced by all the military services as well as industry. The Coast Guard must recruit, train and retain vital cyber talent personnel, and Adm. Vann described it as the command’s top challenge.

The Coast Guard has undertaken several steps to meet the cyber workforce challenge. First, it is establishing a permanent cyber mission specialist rating. Individuals entering the Coast Guard as enlisted personnel can work in this field throughout their career, Adm. Vann said. Before, the service would find people from various job specialties that had some type of cyber flavor or experience in industry. Now, Coast Guard cyber will have its own job specialty in which it can develop and maintain its own experts. The first group identified for the enlisted specialty features personnel from all walks of life in the Coast Guard, he offered.

This specialty also is being established in chief warrant officer ranks, the admiral added. These technical experts will be the link between the enlisted personnel and regular commissioned officers.

Last year, the command established a direct commissioned cyber officer program. People in industry or the other services who already have the needed professional skills can apply to enter the Coast Guard as officers in cyber—“entry-level leaders in cyber,” the admiral suggested.

The three new work specialties will not be open only to entry-level individuals, he emphasized. They also will be available to Coast Guard personnel who desire a lateral move. “There is a lot of use to bringing Coast Guard people into cyber who have operational experience, be it going to sea or working in our aviation field or deployable forces,” he explained. “They bring that front-line Coast Guard operational perspective into cyber.”

The command also is looking at other lateral entry programs. The targets would be midcareer cyber professionals who might be brought in as uniformed personnel or civilian employees, possibly on a contract basis, the admiral suggested. The volunteer Coast Guard Auxiliary has a cyber program for appropriate expertise among the tens of thousands of volunteers in the auxiliary, and many already have stepped forward.

“We’ve created a lot of new positions, and so we have to find more people,” Adm. Vann declared.

Last year, the Coast Guard Academy graduated its first degree holders in a cyber systems major. That program will feed cyber graduates to the Coast Guard Cyber Command annually, he related. The command also is formalizing an officer specialty that allows these new junior officers to plan careers in cyber.

With these measures come new command opportunities. The Coast Guard views these as a key way of attracting and retaining cyber personnel for leadership and growth.

Last year also saw the Coast Guard receive approval to expand its Reserve cyber program. Adm. Vann posited that the service is tripling the size of this effort, which opens up opportunities for people who have left the Coast Guard for industry or are in the private sector and want to bring their cyber expertise to the Coast Guard part-time.

With these new activities comes diversification—in this case, geographically. Only a few years ago, Coast Guard cyber was largely based in the Washington, D.C., area. Now, it has units in multiple states and field commands, which should improve recruitment, the admiral offered. Cyber specialists are embedded in units in 40 sectors.

Building and maintaining this base involves working with others. Adm. Vann related that the command is partnering with USCYBERCOM and the other service cyber components for training, and it taps the commercial sector for training as well. The Coast Guard has access to USCYBERCOM’s persistent cyber training environment, so it can train and exercise with the other military services. The Coast Guard also works with USCYBERCOM’s DreamPort for more experience in operational technology, particularly industrial control systems. This is especially useful for securing the Marine Transportation System, Adm. Vann pointed out.

The Coast Guard has increased its cyber workforce by 50% over the past 18 months, he related.

In addition to teaming with the Defense Department, the service has expanded partnerships with the FBI and the Defense Department’s Cyber Crime Center along with foreign partners. This foreign cooperation includes the Indo-Pacific region as well as nations in the U.S. Northern Command and the U.S. Southern Command. Cyber protection team missions on the Marine Transportation System have doubled, the admiral added.

In the coming year, the Coast Guard expects to maintain the momentum it has generated over the past year, he offered. In terms of funding, much of this growth was planned years ago. Many of the resources necessary for the growth of Coast Guard cyber have been in place, so this recent and near-term growth is largely covered. For the longer term, the emerging domain of Coast Guard cyber may require additional resources. “The next four years are going to really prove what is our optimal operational output and do we need more resources,” Adm. Vann allowed.