The Army is working cyber into everything under its purview. U.S. Army Central decided to go one step farther than the Army's Cyberspace Strategy for Unified Land Operations 2025 in creating its own cyberspace strategy.
The strategy, formally titled FY 17/18 USARCENT Cyberspace Strategy, has a heavy workforce focus and is aimed at helping the organic ARCENT workforce understand cyberspace and cyber operations to better position itself to aid cyber warriors and succeed in missions.
Lt. Col. Dwyke Bidjou,USARCENT's deputy chief of information operations and one of the main officials behind the strategy's development, spoke to C4ISRNET reporter Mark Pomerleau about the strategy and its contents, which is still classified.
C4ISRNET: Can you provide an overview of the strategy? Is it more along the lines of cybersecurity, warfighting?
Bidjou: This strategy encompasses all three mission sets of cyberspace operations; offensive, defensive and DoDIN operations. The intent was to make sure the ARCENT staff had our commander's vision and understanding and priories for execution of cyberspace operations hitting on all three mission sets.
As you know, cyber is the hot buzzword and our intent was to make sure that our staff was educated and informed on what are their specific requirements across the staff – so not just G-2, G-3 or G-6 – but the whole of staff of execution of cyberspace operations.
I can go into more detail on what the lines of effort specifically are.
C4ISRNET: Sure. Can you provide more detail on the strategy's origins?
Bidjou: The strategy is directly nested with the Army Cyberspace Strategy for 2025. As the title indicates there are significant gaps in 17/18 versus 2025. Our intent was to build a strategy that immediately address operational challenges but also help inform the Army.
The five lines of effort are prioritized:
One, build an ARCENT cyberspace workforce.
We can't execute a strategy without the manpower. How do we build that workforce? What we've done is take a look at our currently assigned ARCENT soldiers, which have experience in the cyberspace domain.
The [established provisional Cyber Branch stood up in 2014] was at that point before the cyberspace branch was created, was a method the HQDA used to identify cyber personnel with experience in the cyberspace domain. Currently we have soldiers assigned at ARCENT with cyber experience and we wanted to use that as a bridging strategy until we have formally trained 17 series cyber soldiers assigned to ARCENT.
Our second line of effort was conduct cyberspace operations.
So what specifically does that mean? Within our internal ARCENT cyberspace operational planning team (OPT) we decided that we're not going to use the term cyberspace operations unless we were addressing all three mission sets. Identifying them all so that we currently do not have manpower or resources aligned across all three of those mission sets, we decided the internet was to ensure the ARCENT staff understood what those requirements were. So we continue to lean forward in working with CENTCOM, HQDA, Cyber [Center of Excellence] CoE and [Training and Doctrine Command] to refine what the [Army Service Component Command's] requirements are in cyberspace operations.
Those have been loosely defined at this point at TRADOC and being sent to theater. Theater requires for an ASCC; here we're talking about partnerships, logistical support, engagements, mission command, all those details are essential for execution for cyberspace operations. Our intent was to ensure the strategy spoke to those.
The third line of effort was identification and development of cyberspace capabilities. If we say that we're conducting cyberspace operations without manpower without tool development without identification of what our tool kits currently possess and should have, the staff needs to do that.
So we identified that the staff needs to engage and understand what those requirements are holistically not just as an intel or operations component.
As you understand at ARCENT, one of our primary focus area would be engagements with our regional partners. The partnership needs to be resourced, prioritized and synchronized across the staff. That would be just one staff section's primary focus.
The fourth was investment in our facilities, systems and infrastructure.
There are cyberspace vulnerabilities which are almost unfortunately on a regular basis impacting operations. Some of these have been legacy problem, which have not been understood across the staff.
Here I'll say as we look at facilities, how do we bring our engineer cell and educate them on vulnerabilities which may exist within our SCADA or heating, ventilation and air-conditioning systems, our power networks?
How do we ensure that those vulnerabilities are addressed, the ARCENT mission is executable and how are our soldiers protected against those current threats.
The last and final of our lines of effort is developing partnerships. In essence, we cannot conduct operations of any type without coordination and support from our regional partners. Cyberspace should not be any different from a traditional lethal operation. So how do we have these engagements and we developed a contact list so we had discussions with our regional partners on what are the primary focus areas, what are their concerns regarding cyberspace, and candidly there needs to be some discussion on intel sharing.
You may or may not know, topics for engagement with our regional partners are deconflicted at [the office of the Secretary of Defense].
The method with which we would engage our partners would be deconflicting through the CENTCOM joint cyber center or JCC. Going to them, confirming these are the targeted engagements that we're looking at, these are topics that we intend to reach with our partners and confirming they have deconflicted them, not just at a CENTCOM level but OSD policy.
C4ISRNET:From a cyberspace perspective, what are some of the unique problem sets and challenges within both the CENTCOM AOR and also the ARCENT mission space that this cybersecurity strategy and mission in cyberspace gets to the heart of? What are some of those underlying challenges?
Bidjou: I'll start by hitting upon one of the key challenges. It's debatable whether or not CENTCOM is the most engaged geographic command. PACOM may say otherwise, but when you look at operations over the past 15, 17 years at this point, it would be CENTCOM.
So the optempo associated with real word missions regarding being deconflicted against the resource and requirements of an initiative – cyberspace operations are a directive, captured with joint requirements and real missions and the staff needs to understand and embrace that.
So we can't continue to look the other way and see headlines occur daily regarding network vulnerabilities and incidents, which have impacted our operations and say that's the G-6's problem.
I'll also say the workforce development and educate the force piece are two legacy and enduring problems that really cannot be overcome overnight.
C4ISRNET: So this is focused on the ARCENT staff/workforce as a whole, not necessarily the Army cyber service component of ARCYBER?
Bidjou: I would actually say it's both. The development of the ARCENT staff's understanding of what cyberspace operations requires is essential to the execution of the strategy. Regarding the [cyber mission teams], [cyber protection teams], [national mission teams], I think the staff needs to understand what they do. As we're taking a look at our exercises, as an example, the staff needs to understand what capacities are organic and how to request capabilities needed. In the event we were to identify a cyberspace vulnerability the staff needs to know where to reach out to to request or who to reach out to to request those capabilities and what can they do regarding that vulnerability. This needs to be common understanding across the staff.
C4ISRNET: Do you see lack of education right now being a big problem or something that really needs to be addressed in this space?
Bidjou: 100 percent.
