U.S. Cyber Command (USCYBERCOM)
U.S. Cyber Command (USCYBERCOM) fuses the Defense Department's full spectrum of cyberspace operations and plans, coordinates, integrates, synchronizes and conducts activities to lead day-to-day defense and protection of DoD information networks; coordinates DoD operations providing support to military missions; directs the operation and defense of specified DoD information networks; and prepares to conduct (and when directed, conducts) full-spectrum military cyberspace operations. The command is charged with pulling together existing cyberspace resources, creating synergy that does not currently exist, and synchronizing warfighting effects to defend the information security environment.
USCYBERCOM centralizes command of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise. USCYBERCOM improves DoD's capability to ensure resilient, reliable information and communications networks, counters cyberspace threats, and assures access to cyberspace.
USCYBERCOM's efforts support the armed services' ability to confidently conduct high-tempo, effective operations, as well as protect command and control systems and the cyberspace infrastructure supporting weapons system platforms from disruptions, intrusions and attacks.(4)
According to the USCYBERCOM website in August 2002, the Army established the U.S. Army Network Enterprise Technology Command/9th Army Signal Command, renamed NETCOM/9th Signal Command (Army) in 2006, as the “single authority to operate, manage, and defend the Army’s enterprise level infostructure,” in response to the increasing complexity and growth of security threats to the Army’s portion of the worldwide web, known as LandWarNet.
In 2004, the Army recognized the critical collaboration required between computer network defenders and providers to secure Army networks and combined the NETCOM Army Global Network Operations and Security Center, or AGNOSC and the U.S. Army 1st Information Operations (IO) Command (Land) Army Computer Emergency Response Team, or ACERT into the ACERT/AGNOSC Theater Operations Center at Fort Belvoir, Va. This new and collaborative organization ensured not only a robust defense of the Army’s computer network, but also the ability to protect the integrity and validity of both the network and the content stored on them.
By September 2006, the Army recognized that computer network operations were evolving into the larger mission set of cyberspace operations and directed 1st IO Command to integrate, coordinate, and synchronize Army computer operations. There remained, however, a requirement for senior operational leadership to oversee this mission. To address this requirement, in January 2008, the Army designated the commanding generals for NETCOM/9th Signal Command and INSCOM as deputies for Network Operations and Network Warfare, respectively, under the commanding general, U.S. Army Space and Missile Defense Command/Army Forces Strategic Command, or USASMDC/ARSTRAT. This new structure put an operational lieutenant general in charge of Army computer network operations and provided the capabilities required across the spectrum of computer network operations.
In July 2008, the Army activated its first provisional network warfare battalion under INSCOM. The battalion’s mission entailed supporting both Army and the Department of Defense with a variety of tasks, ranging from tactical support to brigade combat teams through strategic support for other Services, Joint commanders, and interagency partners.
In late May 2009, in anticipation of a Secretary of Defense memorandum directing each of the Services to identify an appropriate component to support the establishment of U.S. Cyber Command, or USCYBERCOM, the Army directed an Army cyberspace task force, led by a brigadier general, to take the lead in examining and recommending courses of action to the Army chief of staff to identify the Army’s Service component.
In June 2009, the Secretary of Defense issued the memorandum directing the Services to identify an appropriate component to support US Cyber Command before its fully operational capability date of October 2010. The Army named USASMDC/ARSTRAT, designated U.S Army Forces Cyber Command, or ARFORCYBER, as the interim Army Service component support, pending the outcome of the Army Cyberspace Task Force recommendations to the Army chief of staff. ARFORCYBER subsequently reached initial operational capability on October 1, 2009. Within its first year as an operational command, Army Cyber Command accomplished nine major objectives that included:
The command succeeded in developing an operational focus with an unprecedented of unity of effort in operating and defending all Army networks. For the first time, a single entity in the Army became responsible for the operations and defense of all the Army's networks. This single focus allowed the command to prioritize resources and enabled commanders across the Army to make educated decisions based on the threats and operational needs of their commands.(4)(5)
Network dominance is an integral part of the cyber fight – today and tomorrow. Cyber threats demand new approaches to managing information, securing information, and ensuring our ability to operate. Cyberspace is on par with the other war-fighting domains of land, sea, air and space.
U.S. Army Cyber Command and Second Army's breadth of responsibility spans the entire Army and the entire world, from the tactical edge to the strategic enterprise level or national levels. Traditional boundaries no longer exist and anonymous attacks can occur literally at near-light speed over fiber optic networks.(6)
The Network Enterprise Technology Command, headquartered at Fort Huachuca, Ariz., is the Army's single information technology service provider for all network communications. A major subordinate command to U.S. Army Cyber Command, it maintains and defends the Global Network Enterprise to enable information superiority and freedom of access to the network in all phases of Joint, Interagency, Intergovernmental and Multinational operations. With the expertise of nearly 16,000 Soldiers, Civilians and Contract personnel stationed around the globe, the command provides support to organizations across the entire spectrum of strategic, expeditionary, joint and combined environments.(7)
The 1st Information Operations Command (Land), is a major subordinate command to U.S. Army Intelligence and Security Command and is under the operational control of U.S. Army Cyber Command. It is the Army’s only active component IO organization.
The command has regionally focused information operations and IO-related intelligence planning teams assigned to provide reach-back planning and special studies support. Operations planners are involved prior to, during, and after exercises and support contingencies such as the counter improvised explosive device effort.
The 1st IO Battalion is responsible for training and deploying multiple field support teams, vulnerability assessment teams, chief of staff, Army-directed operations security (OPSEC) awareness teams in direct support of Army and land component commands' planning, preparing, executing and assessing information operations for Operations Iraqi Freedom and Enduring Freedom and other Army missions.
The 2nd IO Battalion conducts and synchronizes Army computer network operations through an around-the-clock operations center fully integrated with forward-positioned regional computer emergency response teams in support of service, joint and combatant commands. When tasked by the Army, 2nd Battalion deploys worldwide to provide commands with technical support for computer incidents and intrusions.
The Army Reprogramming Analysis Team–Threat Analysis supports Army, Navy, Air Force, Marine Corps, U.S. Special Operations Command forces and materiel developers through the identification and reporting of changes in worldwide threat signature information that require the reprogramming of Army target sensing systems.
1st IO Command conducts specialized training for IO subject-matter experts, deploying IO teams and deploying units through fixed resident training facilities and by customized and deployable mobile training teams.(8)
U.S. Army Cyber Troops
Cyber officers – officially known as Cyber Warfare Officers (17A) -- direct teams of professionals and technicians that defend Army cyberspace and take actions against adversaries to ensure commanders' freedom of maneuver in the cyber domain. As leaders of Cyber Mission Force teams, Cyber officers are on the electronic front lines, planning and executing defensive operations to protect Army networks and systems from attacks in cyberspace and offensive operations to disrupt and degrade our adversaries’ abilities to use the cyber domain to their advantage. During a career Cyber officers typically serve in positions such as Cyber Protection Team Cyber Operations Officer, Cyber Mission Force Support Team Leader, Cyber Operations Planner, and Operations and Integration Center division chief, as well as in progressive command and career developmental positions.
Army competitive category officers in the ranks of first lieutenant (promotable) through colonel can apply to become Cyber officers during periodic Voluntary Incentive Program application windows. Typical prerequisites include acquiring and maintaining a Top Secret - Sensitive Compartmented Information security information clearance; passing a polygraph test; and completing a minimum bachelor of science degree in a related engineering, computer science, information technology or math field with at least six hours in structured programming, or passing a cyber aptitude test. Regular Army officers controlled by the Judge Advocate General's Corps, Chaplain Corps, Army Medical Department or Medical Service Corps are not eligible for VTIP, but can contact their Army Human Resources Command assignment officers for information on the branch transfer process.(9)
Cyber warrant officers, or Cyber Operations Technicians, are highly specialized subject-matter experts who supervise and manage the execution of cyberspace defense; cyberspace intelligence, surveillance and reconnaissance; cyberspace operational preparation of the environment; and cyberspace attack actions. Cyber warrant officers give commanders the advantage in the cyberspace domain. The Cyber warrant officer advises commanders on the availability and employment of capabilities; maintains and assists in the development of staff estimates; helps to de-conflict and synchronize cyberspace operations, and coordinates external support for cyber operation mission requirements and integrates effects into the planning and targeting processes. Their primary function is to act as the subject-matter expert and advisor to the commander and staff regarding the employment of offensive and defensive cyber operations.
There are two routes to becoming a Cyber warrant officer, one for Army enlisted Soldiers and one for Army warrant officers who wish to reclassify from another branch into the Cyber branch. Preferred applicants will come from the military occupational specialties (MOSs) 17, 25 or 35. All other enlisted MOSs (including sister services) may apply with a strong related technical background and a minimum Bachelor of Science degree in computer science, programming or a similar field. All applicants must be sergeants (pay grade E5) or above with a minimum of 36 months of rated time documented in non-commissioned officer evaluation reports, and must have successfully completed Advanced Leadership Course Phase 1 or SSD 2. Applicants must also hold an adjudicated TS/SCI security clearance and hold a current IAT/IAM Level 2 certification (Security +, etc.)(10)
Cyber Soldiers are highly skilled technical experts who provide crucial intelligence and network support that safeguards the cyber domain and ensures commanders can maneuver and win. Enlisted members of the Army Cyber Branch serve in Military Occupational Specialty (MOS) 17C -- Cyber Operations Specialist. Soldiers in other Army specialties, such as Military Intelligence and Signal MOSs, may also serve in or support Army cyber units.
As defenders of America’s presence in cyberspace, Cyber Soldiers collect, analyze and report digital data, deploy and maintain network defense tools such as routers and firewalls, evaluate network defense operations and respond to incidents in cyberspace.
There are two paths to becoming a Cyber Soldier: one for current enlisted Soldiers and one for those who wish to join the Army and be part of the Cyber team. For enlisted Soldiers typical prerequisites to reclassify into a Cyber MOS include a Top Secret - Sensitive Compartmented Information security clearance; Armed Services Vocational Aptitude Battery (ASVAB) and screening test requirements; experience and certification requirements; and time in service and service remaining requirements. For those who would like to enlist, typical requirements include minimum ASVAB scores, basic combat training and Advanced Individual Training consisting of classroom and on-the-job training in automated data processing, data analysis and development of analytical tools. During their careers Cyber Soldiers serve in challenging positions as digital analysts, network operators, cyber planners, security analysts and operations planners, as well as in progressive leadership and career developmental positions. Potential incentives for career Cyber Soldiers include benefits such as Training with Industry programs, the opportunity to become a Cyber warrant officer, targeted compensation, Special Duty Assignment Pay, Assignment Incentive Pay, skill certifications and reenlistment bonuses.(11)
There are also several civilian positions with U.S. Cyber Command including: