17 January 2023

The Pentagon’s Cyber Personnel Issues Need More Attention

WALTER PINCUS

OPINION — The Army, which seeks to double the size of its cyber forces over the next five years, is already short-staffed in two key cyber career fields, according to a Government Accountability Agency (GAO) study on Military Cyber Personnel, released December 21.

The GAO study discusses why all U.S. military services will face difficulties finding, recruiting and retaining people with needed cyber skills, and I will deal with those findings below.

First, however, I want to use the GAO report to reinforce what the Ukraine war has already shown — how important cyber has become in all elements of warfare and will be more so in the future.

On New Year’s Day, Ukrainian forces used satellite-guided rockets from American High Mobility Artillery Rocket System (HIMARS) launchers to strike with precision, targets more than forty miles away in the occupied Ukraine city of Makiivka. They destroyed a Russian ammunition depot and killed over 95 Russian soldiers and wounded many more who were living adjacent to that site.

For the HIMARS cyber-automated, fire support command, control and communications, the Ukrainians used International Field Artillery Tactical Data System (IFATDS), the export version of the U.S. Advanced Field Artillery Tactical Data System (AFATDS), a program which has been in service with American Army and Marines units since 1995.

But to show how fast these cyber-driven programs change, I found that the currently in-service Army AFATDS is a second-generation version which “automates the planning, coordination, and control of all fire support assets [including] field artillery, mortars, close air support, naval gunfire, attack helicopters, offensive electronic warfare, fire support meteorological systems, forward observers, and fire support radars,” according to a recent Army notice. In addition, for Joint/Coalition Situational Awareness “the system interoperates and integrates with over 80 different battlefield systems, including Navy and Air Force command and control weapons systems,” according to the notice.

Get your 10-minute national security daily open source brief by signing up for The Cipher Brief’s Open Source Report Daily Newsletter or by listening to The Cipher Brief’s Open Source Report Podcast with Suzanne Kelly and Brad Christian, wherever you listen to podcasts.

Last month, the Army announced to contractors, it is seeking again to upgrade AFATDS with a third-generation version to include new and updated capabilities to be fielded in fiscal 2024. Among new elements being sought are “expanded embedded training, various sensor-to-shooter enhancements, support for next generation munitions, and additional code base changes to improve maintainability,” according to the notice.

Listed online are many other new cyber programs being sought by the U.S. military services. For example, Air Force Materiel Command is seeking to research and develop “technologies to intercept, acquire, access, exploit, process and locate both covert and overt (network) data and signals in the cyberspace domain…This work is in support of the Intelligence, Surveillance and Reconnaissance [airborne] mission to protect ‘blue’ coalition forces with command, control, computer and intelligence applications, and to support technologies that will enable SIGINT (signals intelligence) systems and/or platforms with an improved ability to automatically detect, identify, sort, track, prioritize and reliably classify and more importantly geo-locate signals of interest.”

Carrying on this work has required new generations of computer-trained military personnel who work both within their own military services, or on joint teams for U.S. Cyber Command (CYBERCOM).

CYBERCOM’s new Cyber National Mission Force mission is to “plan, direct and synchronize full-spectrum cyberspace operations to deter, disrupt and if necessary, defeat adversary cyber and malign influence actors,” according to a December CYBERCOM press release. To accomplish that mission, there are 39 joint cyber teams currently made up of some 2,000 personnel from the Army, Navy, Marine, Air Force, Coast Guardsmen, (Space Command) Guardians, and civilians from the National Security Agency and Defense Intelligence Agency.

The GAO report, which is concerned with the length of service for military-trained cyber operators, said that CYBERCOM officials have identified Interactive On-Net Operator (ION), as one of three critical cyber work roles where training is lengthy and expensive.

The ION-trained individual develops assessment plans and measures of performance/effectiveness and conducts strategic and operational effectiveness assessments as required for cyber events. He or she also determines whether systems performed as expected and provides input to the determination of operational effectiveness.

“Training and subsequent certification to fill the ION work role may take from one to nearly three years to complete, and Army, Air Force, and Marine Corps officials estimated the training’s cost per service member at from $220,000 to $500,000,” the GAO report says.

Neither the Army nor the Marine Corps has increased its service obligations for individuals who train to take on the ION work role. However, the Navy and Air Force have instituted a three-year service obligation for members who receive ION training.

GAO reported being told by U.S. Army Cyber Command officials that at times, an officer who attended training for ION then left the military soon after completing certification. Army officials said increased, clearly defined service obligations would create a better return on investment in critical cyber work roles, particularly in the ION work role.

Marine Corps officials told the GAO they have “not established service obligations related to ION certification training because only enlisted personnel are eligible to train as IONs, and service obligations for enlisted personnel are handled via enlistment contract.” As a result, “due to the length of ION training and lack of additional service obligations, personnel have approximately 13 months remaining of their initial service obligation once they complete
the training, assuming they began training as soon as they were eligible,” according to the GAO report.

Subscriber+Members have a higher level of access to Cipher Brief Expert Perspectives and get exclusive access to The Dead Drop, the best national security gossip publication, if we do say so ourselves. Find out what you’re missing. Upgrade your access to Subscriber+ now.

Marine Corps Forces Cyberspace Command has requested permission to institute a service obligation of 54 months from the start of ION training, but Marine officers said they were unsure when or if the request would be approved and implemented, according to the GAO report.

The ION position is just one of many new cyber positions created within the military services. The GAO report says the Pentagon created in 2016, and updated in 2020, the DOD Cyberspace Workforce Framework (DCWF), which “describes the work performed by the full spectrum of the cyber workforce, and includes 54 work roles based on the work an individual performs, as opposed to their [traditional military service] position title or career field.”

For example, a Cyber Operations Planner, according to the DCWF, “Develops detailed plans for the conduct or support of the applicable range of cyber operations through collaboration with other planners, operators and/or analysts. Participates in targeting selection, validation, synchronization, and enables integration during the execution of cyber actions.”

A Warning Analyst, according to the DCWF, “Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.”

Enlistment, re-enlistment bonuses and assignment incentive pay are used within the services for important career fields. However, officials told the GAO that “while the military services offer retention bonuses and special pay, they continue to experience challenges retaining qualified cyber personnel.”

If past years are any guide, the Army goal of doubling its cyber force in the next five years will be difficult. For example, the GAO report points out that while overall staffing levels for Army cyber career fields generally improved from fiscal years 2017 through 2021, most categories listed by the GAO never hit their authorization goals.

One example: The warrant officer job of Cyber Warfare Technician reached just 68 percent of its authorized number in 2021. The holder of that job “performs as the subject matter expert and advisor to the Commander and staff regarding the employment of offensive and defensive cyber operations assets and personnel,” and “integrates cyberspace effects into war-fighting functions in an effort to optimize combat effectiveness,” according to CYBERCOM’s Military Cyber Career Opportunities Guide.

In short, he or she would be in the middle of the action.

It’s another sign that DoD’s cyber personnel issues need more attention.

No comments: