Enable breadcrumbs token at /includes/pageheader.html.twig

Army Cyber Command and Cloud Agency To Cooperate Closely

The agreement, which has not been made public until now, benefits both Army Cyber Command and the Enterprise Cloud Management Agency, says the Army Cyber Command leader.

Lt. Gen. Maria Barrett, USA, is the commanding general for U.S. Army Cyber Command. Photo by U.S. Army

Lt. Gen. Maria Barrett, commander, U.S. Army Cyber Command (ARCYBER), and David Markowitz, acting chief information officer for the Army, signed a memorandum of agreement April 28 that defines the operational and command relationship between the Enterprise Cloud Management Agency (ECMA) and U.S. Army Cyber Command to operate, secure and defend cloud activities.

“We realized that ECMA is so critical to the department and the warfighters’ suite of capabilities that if we are not integrated closely from a cybersecurity, cyber defense standpoint, that is a huge miss,” Gen. Barrett said in a SIGNAL Media interview. So, we recently signed a memorandum of agreement in terms of how we are going to integrate more closely between ECMA and Army Cyber on all of their operations, but primarily starting with cybersecurity operations right now.”

The deeper integration between ECMA and ARCYBER is a positive step toward achieving key convergence objectives in support of the Army’s Unified Network Plan, Army officials explained. The primary outcome of the agreement enables ARCYBER to direct routine or urgent defensive actions for Army cloud, or cArmy, consistent with the rest of Army networks. It also provides ECMA greater direct access to other resources, such as critical cyber intelligence, and allows ECMA and ARCYBER to work more closely together.

Cloud computing is a key element of the Army’s digital transformation strategy and efforts to build a data-centric force. It’s important for the Army’s portion of the Department of Defense Information Network and to the service’s tactical networks.

ECMA’s priorities and objectives are expanding the cloud, implementing zero trust, rapidly developing software and developing the cloud workforce. The organization was conceived to build, deploy, secure and scale the cARMY environment providing standard, secure platforms to host Army apps.

“This is good news for ECMA because now they get to leverage some of the insights that we have from our intelligence section, and we also will be able to see some of the data that they have in data feeds. And this will all be part of the same ecosystem—how we're looking for threats, how we're defending our network. So, this is actually a really good, big step for the Army,” Gen. Barrett said.

She explained that in some cases, Army organizations operate their own networks, but ARCYBER has “enforceable authority” to issue instructions for fixing vulnerabilities on those networks. She used the Army Corps of Engineers as an example. “So even though the Corps of Engineers is running their own network, if we see a particular vulnerability that is critical, we can issue them instructions to go ahead and do something with respect to that vulnerability.”

Up until now, ECMA did not fall under that enforceable authority. Gen. Barrett clarified, however, that the agreement does not place ECMA under Army Cyber Command. “To be clear, this does not mean that ECMA belongs to Army Cyber, but like the other organizational networks that we have in the Army … I can't go left 45 degrees and then leave the rest of the Army behind. They have to understand where it is that we're coming from, from a defensive standpoint and a threat standpoint.”