U.S. Cyber Command’s annual training exercise will rely entirely on a new platform this year, a move that will allow most participants to compete remotely.
This year’s Cyber Flag exercise, which began June 15, will use the Persistent Cyber Training Environment, which has been described as one of the Department of Defense’s most critical projects.
“We are actually getting ready to do Cyber Flag … in PCTE for the first time at a geographically dispersed event,” Col. Tanya Trout, Cyber Command’s PCTE director, said during a webcast hosted by SANS June 5.
PCTE is an online client that allows Cyber Command’s cyber warriors to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal. In the physical world, military forces regularly go to a training facility such as the National Training Center at Fort Irwin to work on particular concepts or rehearse before deploying. But a robust environment has not existed for DoD’s cyber warriors, creating readiness gaps.
The program is run by the Army on behalf of the joint cyber force.
Cyber Flag is Cyber Command’s major annual training event. For the past several years, it has been hosted at the Joint Staff facility in Suffolk, Virginia. This year’s event, the largest to date, is taking place from June 15-26 and will include DoD, intergovernmental and international partners. Participants typically travel to the facility to participate in the event, though some portions in the past have been remote.
“USCYBERCOM is leading the way in maintaining readiness during a global pandemic — we are meeting operational training requirements, and are prepared to operate and train in this new environment,” a Cyber Command spokesperson told Fifth Domain.
With few exceptions, the entire Cyber Flag exercise will be conducted remotely across several geographic regions, but operationally the exercise will be similar to others, officials said. This means teams will continue to conduct defensive missions on traditional networks and ICS networks against a live opponent.
This marks a milestone for the program as it has scaled from single one-off events to large Tier-1 exercise. Additionally, Cyber Flag will help the PCTE program office take lessons learned for future such events.
Despite the ongoing global pandemic that has caused major disruptions, Cyber Flag leaders had always planned to use the PCTE platform this year, officials said. With units geographically dispersed, they must be able to train as they fight: together.
The platform in the future will allow forces to choose training events from a pre-loaded Netflix-like menu, officials have said, but will also include ongoing tweaks to account for changes in a dynamic environment.
An agile platform
The PCTE program has been running an agile process from its inception, which is atypical of the acquisition process. Officials have leveraged small contracts to date and a set of one off “cyber innovation challenges” to incrementally add capability.
During this process, they also have worked with the user community – the active duty cyber warriors – turning to cyber training events to test and stress the platform while gaining feedback to improve the platform.
The platform is still in the prototyping phase currently. The Army is in the process of awarding a vendor for the final program under what is called Cyber Training, Readiness, Integration, Delivery and Enterprise Technology (TRIDENT), a contract vehicle to offer a more streamlined approach for procuring the military’s cyber training capabilities.
The Army released the request for proposal of the contract June 11.
Cyber Command has also now created something called the Joint Cyber Training Enterprise, which Trout leads as the acting director. She said earlier in June that it reached initial operational capability in February and is the non-material companion to the PCTE platform. It seeks to operate and synchronize training hosted by PCTE for the joint force.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.