This is part seven of a series exploring the differences between military cyber forces, capabilities, mission sets and needs. For previous installments, see part one, part two, part three, part four, part five and part six.
The Marine Corps Forces Cyberspace Command, or MARFORCYBER, is a direct service link for U.S. Cyber Command, but the Marines Corps mission set in cyberspace is much more expansive than just the man, train and equip cyber mission force CYBERCOM contribution.
MARFORCYBER, similar to the other service cyber components, conducts cyber operations and secures, operates and defenses the Marine Corps Enterprise Network (MCEN).
Maj. Gen. Lori Reynolds, commander of MARFORCYBER, described in written congressional testimony how MARFORCYBER is helping to add cyber capabilities into the Marine Air Ground Task Force, or MAGTF.
The commandant of the Marines, in a recently published operating concept outlining a modernized focus for the Force Design 2025, “understands the necessity to move forward quickly to build MAGTF capability to operate in all five domains. This is not the fight of the future, but the current fight we are in right now,” Reynolds wrote.
In terms of the delineation between operations and generic IT, “we see cyber as maneuver, intelligence-driven operations and capabilities whether offensive or defensive along with the analytics that go with that,” Gregg Kendrick, executive director of MARFORCYBER, said during a March keynote address. “IT, information technology, we see as the infrastructure side of the house, whether hardware or software — it could be apps, it could be just fiber — but the information technology would be the infrastructure that you ride along or use.”
Separate from MARFORCYBER, the Marines, under Marines Corps Systems Command, recently stood up a cyber advisory team (CAT), which is made up of acquisition professionals and located at the command deck as a command asset for program office to facilitate and expedite acquisition and provide expertise on all things cyber.
The team developed two primary lines of effort under this program: an emergency acquisition process, which focuses on fielding capabilities in less than 30 days; and an urgency acquisition process, which is designed to field capabilities between 30 and 180 days. Anything that might take more than 180 days will be considered under the traditional acquisition process as it is clearly not an urgent need.
Mike Cirillo, the CAT’s director at Systems Command, told C4ISRNET in a recent interview that the emergency 30-day process was validated back in the fall. They have fielded about $100,000 worth of IT that directly supported a cyberspace operations capability needed by MARFORCYBER, he said.
This process came out of a cyber task force stood up in 2015 at the direction of then commandant Gen. Joseph Dunford. One of the four tasks outlined by the commandant sought to improve acquisition, Cirillo said. The commander of Systems Command went after this by taking the “the cream of the leadership and the command,” Crillo said, which included cyber IT program managers, senior counsel, senior contracting officers, senior logisticians, senior subject matter experts and senior engineers. They collaborated for three months and developed 26 recommendations to improve acquisition within the Marine Corps.
Half of these recommendations, he said, dealt specifically with Marine Corps Systems Command and Marine Corps central acquisitions activity for ground weapons and IT — what Cirillo described as “little ‘a’” acquisition. The other half dealt with “big ‘A’” acquisition to include capabilities for those in the field such as MARFORCYBER personnel.
Cirillo added that over the course of about a year or so, culminating around the beginning of this year, Marine Corps Systems Command more or less completed or implemented their half of those 26 recommendations and saw a good amount of success changing the culture within the command to understand the need as well as the “urgency of cyberspace and threats that exist out there all the time everyday at all levels touching Marines forward, touching Marines and civilians here at Quantico and touching our family members at home; we’re all connected to the same cyberspace and hence we’re all exposed to the same threats.”
Cirillo noted that while the three main cyber organizations within the Marine Corps — MARFORCYBER, the C4 directorate, which houses the service’s CIO, and Systems Command — are on the same page in terms of countering threats, each has their own specific mission.
The CIO’s office is going to be concerned with things like investment risk, standardization risk, procurement risk, while the MARFORCYBER is focused on securing, operating and defending the MCEN. Systems Command, on the other hand, is focused more on the acquisition and equipping front and is more interested in cost, schedule and performance.
Brig. Gen. Dennis Crall, the service’s CIO, has described several times how the service has been undergoing a network transition of sorts, transitioning to one MCEN going from pre-Navy Marine Corps Intranet to NMCI and now moving to a Marine-owned and -operated network.
“We haven’t fixes some of the vestiges of unification,” Crall admitted during a March keynote address hosted by the Armed Forces Communications and Electronics Association, “and we’re smack in the middle of the Joint Information Environment brining in things like the Joint Regional Security Stacks.”
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.