U.S. Cyber Command leaders say they learned valuable, specific and applicable lessons at last year’s Cyber Flag exercise including that it’s not always necessary to deploy the whole 39-person cyber protection team, or CPT.
“There’s real traction that happens from these lessons learned,” an exercise leader told C4ISRNet, who added that mission force experts will be brought in to figure out how to “craft our doctrine to reflect operations” based on lessons learned during the exercise.
They aren’t looking to make CPTs smaller, however. The whole CPT team may be needed for certain problems. In some cases, a forward element might start on aproblem and determine the whole team is needed to complete the mission, an exercise lead noted. In either event, it’s important that the team is available and able to provide input in an environment that’s changing 24/7.
“You would send a smaller group forward and then do whatever analytic work or analysis you need to do back at home base, be it Fort Gordon or San Antonio or Hawaii or reach back and do some of that work there,” Brig. Gen. Maria Barrett, deputy of operations J-3 at CYBERCOM, said during a keynote address in early June. “That kind of facilitates us being a little bit more agile and quick.”
“One of the things we found with practical experience is we can actually deploy in smaller sub elements, use reach-back capability, the power of data analytics; we don’t necessarily have to deploy everyone,” Adm. Michael Rogers, the commander of CYBERCOM, testified to the House Armed Services Committee in May. “We can actually work in a much more tailored, focus[ed] way optimized for the particular network challenge that we’re working. We’re actually working through some things using this on the Pacific at the moment.”
An exercise lead questioned whether certification tests that evaluate performance measure consistent battlefield operations readiness, and said that already there have been “some heated discussions” about how to “adjust to meet not just certification but readiness,” according to C4ISR.
Bringing real kits to the exercise provided another valuable lesson since every service has a different type of kit, leaders told C4ISRNet. Additionally, the Deployable Mission Support System CPT kit, consisting of passive and active sensors, analytic capability and laptops with commercial or off-the shelf software, has reached full operational capability and is being re-evaluated by command, said Barrett.
Finally, leadership and communications lessons learned in the field will inform decisions as the cyber mission force reaches full operational capacity in 2018.