Eric Haupt
Return to Archive
Sunday Musing

Sunday Musings On A Cyber Force Temporal

Happy Sunday Friends! Here is 1 quote I’m musing, 2 Ideas, 3 of my favorite things from the week, and 1 question. If you find it useful or interesting, please feel free to forward this along to some friends or others!

One Quote I’m Musing

“It’s not that life is short, it’s that we waste a lot of it.”

-Seneca, On the Shortness of Life

First, everything in this should be taken through two lenses.

  1. All my thoughts here should be taken as a “Yes, and” and not a “No” or “Well Actually”.

  2. See my second quote from others. I might be, in fact I’m likely, off from your perspective. GREAT! Let’s chat. If I’m wrong and you help me see it, that’s a win in my book.

  3. These are Eric’s thoughts and are not affiliated with any other element.

Now that that’s out of the way…

Buckle in my friends, it’s time to talk some Cyber.

Dr. Lonergan and RADM (Ret.) Montgomery put together a great monograph. The 40-page research paper from the Foundation for Defense of Democracies calls for a Cyber Force branch as the seventh military branch on grounds that current forces in cyber are not ideally aligned, citing input from some 75 anonymous current and retired service members.

It has stirred up an abundance of conversation both for and against. And that’s the point. We must be having conversations and movement towards the goal of being as effective in this fifth domain as we have been, are, and will be in the land, air, sea, and space domains.

The disagreements and friction points should be solely on the “how” we get there based on the myriad experiences of our professionals, not the “why”.

I’m going to break this down into as unbiased a conversation as I can (which won’t be fully unbiased as I’m not a robot… or am I?). We’ll start with a quick analysis, a summary of the primary topics, then a tiki-taka of where the friction points are and how to mitigate those risks.

For example, things like “China has already centralized its cyber, space, electronic warfare, and psychological warfare capabilities within its Strategic Support Force. Russia is actively leveraging cyber operations both on the battlefield and to threaten U.S. critical infrastructure and interfere in American politics,” the report says, calling the matter an “alarming picture” that needs addressing are a bit of an appeal to emotion. While good insight into what others may be doing, not a call to action.

Analysis

The summary indicates a clear need for an independent Cyber Force. The current structure has led to inconsistencies in training, lack of clear career paths, redundancy, and a fragmented approach to cyber operations. By creating a dedicated Cyber Force, the U.S. military could improve its readiness, reduce redundancy, and provide a more focused approach to cyber threats.

The proposed Cyber Force would take over force-generation responsibilities, allowing CYBERCOM to focus on its primary mission of coordinating and conducting cyber operations. This division of labor could improve efficiency and effectiveness. Additionally, a dedicated Cyber Force could work closely with other agencies like the NSA to strengthen cybersecurity across the board.

However, the establishment of a new service would require significant planning, funding, and congressional approval. It would also involve a transition period with potential disruptions. Proper planning, communication, and risk mitigation strategies would be essential to ensure a smooth transition.

Summary of Primary Topic Areas

[1] Introduction: The cyber domain has become critical to U.S. military operations. Although CYBERCOM plays a key role, there's an urgent need for a more comprehensive approach to cybersecurity.

[2] The Cyber Mission Force (CMF): Created to support CYBERCOM, the CMF comprises personnel from various services. However, despite its responsibilities, CMF has faced recruitment and readiness issues due to lack of clear command structure and focus.

[3] Role of the Services: While CYBERCOM provides guidance, the individual services are responsible for developing their cyber capabilities as well as the manning, training, and equipping of their respective forces. This fragmented approach leads to inconsistency in training and readiness.

[4] Challenges of Existing Structure: The current structure leads to redundancy, inconsistent training, and resource allocation. There's also a lack of clear career progression for cyber professionals within the broader military.

[5] Need for an Independent Cyber Force: An independent service for cyberspace is suggested to address existing issues. This new service fulfills the manning, training, equipping, and organizing of a specialized cyber force.

[6] Governance and Oversight: An independent Cyber Force requires congressional approval and oversight. This could lead to a more unified approach to managing cyber operations.

[7] Impact on Other Services: Establishing a separate Cyber Force could affect existing services. While they would retain some cyber functions, the new force would take on much of the responsibility for offensive and defensive operations.

[8] Comparisons to Other Military Reorganizations: The history of the U.S. military shows that significant changes are often needed to address emergent challenges. The Air Force and Space Force are examples of successful elements of a service reorganizing into an additional service to execute the new warfighting domain.

[9] Challenges in Creating a New Service: Establishing a Cyber Force would involve legislative approval, funding, and reorganization of existing structures. It requires careful planning to avoid disruption.

[10] Advantages of a Cyber Force: A dedicated Cyber Force could streamline training, reduce redundancy, and provide a clear career path for cyber professionals. This would improve overall readiness and effectiveness.

[11] Role of CYBERCOM: CYBERCOM would continue to coordinate and conduct cyber operations, but the Cyber Force would take over force generation responsibilities. This division of labor could improve focus and efficiency for executing operations in the fifth domain.

[12] Effect on U.S. Strategic Command: With a separate Cyber Force, U.S. Strategic Command would have a clearer focus on its other, principle, responsibilities. This could lead to a more efficient command structure.

[13] Additional Responsibilities for Cyber Force: The Cyber Force would manage offensive and defensive operations and work closely with other agencies like the National Security Agency to improve cybersecurity across the board.

[14] Impact on National Security: A dedicated Cyber Force could strengthen national security by providing a more robust and focused approach to cyber threats. This could improve the U.S. military's ability to respond to emerging cyber threats.

[15] Need for Congressional Support: Congressional approval is crucial for the establishment of a new service. This would require bipartisan support and a clear understanding of the benefits.

[16] Budgetary Considerations: Creating a new Cyber Force would require significant funding. However, this could be offset by reducing redundancies and improving efficiency in training and operations.

[17] Training and Career Progression: A Cyber Force could establish specialized training programs and clear career paths for cyber professionals. This would help retain talent and improve the overall quality of the cyber force.

[18] Cooperation with Other Services: While the Cyber Force would take on many responsibilities, cooperation with other services would still be necessary. This would ensure a coordinated approach to cyber operations.

[19] Role of NSA and Intelligence Agencies: The Cyber Force would work closely with the NSA and other intelligence agencies. This cooperation would be critical for effective cyber operations.

[20] Response to Cyber Threats: With a dedicated Cyber Force, the U.S. military could respond more effectively to cyber threats. This could involve proactive measures to prevent attacks and a stronger ability to respond to incidents.

[21] Public Perception and Understanding: Establishing a new Cyber Force might require public education and communication to explain its role and benefits. This could help build support for the initiative.

[22] Challenges in Transition: Transitioning to a new structure could be complex and involve temporary disruptions. Careful planning and communication would be required to ensure a smooth transition.

[23] Potential Risks and Mitigations: While there are risks in creating a new service, they can be mitigated with proper planning and execution. This would require a thorough assessment of potential challenges and solutions.

[24] International Cooperation: A dedicated Cyber Force could enhance the U.S.'s ability to cooperate with international partners on cyber issues. This could lead to a more coordinated global approach to cybersecurity.

[25] Structure of the Cyber Force: The Cyber Force would be organized within a department, similar to the Space Force's relationship with the Air Force. This structure would ensure efficient management and coordination.

[26] Conclusion: The current approach to cyber operations is inadequate, and creating an independent Cyber Force is the best solution. This new service would improve readiness, reduce redundancy, and provide a clear career path for cyber professionals.

[27] Interviews with Servicemembers: Interviews with servicemembers and DoD civilians reveal significant challenges with the current cyber structure. They support the need for an independent Cyber Force to address these issues.

[28] Historical Case Studies: The history of the Air Force and Space Force provides examples of successful military reorganizations. These cases demonstrate that significant changes are often required to address emergent challenges and inflection points in warfighting evolutions.

[29] History of CYBERCOM: The evolution of CYBERCOM shows the growing importance of cyber operations. However, the current structure has limitations, and a new approach is needed to improve readiness and effectiveness.

Friction Points (Risks)

Creating an independent Cyber Force is a significant structural change that could address some of the identified gaps in cyber operations and readiness. However, there are considerable challenges and risks that could hinder its success or make it unfeasible. Here's why the proposed independent Cyber Force might not work:

  1. Duplication of Effort:

    • Many cyber-related functions are already performed by existing military branches and CYBERCOM. A separate Cyber Force could result in overlapping responsibilities and redundant efforts, leading to inefficiency and waste.

  2. Coordination Challenges:

    • A new service might struggle to coordinate with other military branches, given differences in culture, priorities, and operational approaches. This lack of coordination could impair joint operations and weaken overall effectiveness.

  3. Resource Allocation and Cost:

    • Establishing an independent service requires significant financial and human resources. At a time of constrained budgets, creating a new entity could lead to the reallocation of funds from other critical programs, straining existing resources. There are absolutely lessons to be learned from times when the government needed to reduce military budgets by reducing potentially duplicative efforts like in the Revolt of the Admirals.

  4. Resistance to Change:

    • Military organizations often have entrenched cultures and traditions. The creation of a new service might encounter resistance from other branches or within the broader military structure, impacting its integration and effectiveness.

  5. Transition Disruptions:

    • The transition to a new structure can be disruptive, potentially impacting ongoing operations, readiness, and morale. These disruptions might take years to resolve, affecting the military's cyber capabilities during the transition period.

  6. Unclear Jurisdiction and Scope:

    • An independent Cyber Force would require clearly defined jurisdiction and scope to avoid conflicts with existing services and agencies. If not addressed, these ambiguities could lead to confusion and operational inefficiencies.

  7. Legislative and Political Hurdles:

    • Creating a new military service requires congressional approval, which may face significant political hurdles. Lawmakers might be hesitant to support a new service without clear evidence of its necessity and effectiveness.

  8. Potential Impact on Existing Services:

    • With the creation of the Cyber Force, other military branches might deprioritize their cyber operations, potentially leading to a decline in their cyber capabilities. This could weaken the broader military's ability to operate in a multi-domain environment.

These challenges and risks suggest that creating an independent Cyber Force is a complex undertaking with no guarantee of timely success. To be effective, the initiative requires careful planning, clear communication, and strategies to address these potential obstacles. Without a clear and robust framework, the proposed Cyber Force will face significant challenges that undermine its effectiveness and viability.

Risk Mitigation / Overcoming the Friction

Physics teaches us there’s no traction without friction. We should treat it as a necessary and natural element. Here are some ways to tackle these challenges:

  1. Incremental Transition and Pilot Programs:

    • Consider a phased approach with pilot programs to test the concept. This would allow for adjustments based on early results and feedback, reducing disruptions.

  2. Clear Scope and Jurisdiction:

    • Define the role, scope, and jurisdiction of the Cyber Force in detail to avoid conflicts with existing military branches and agencies. Minimizing confusion and ensuring smooth coordination.

  3. Integrated Coordination Mechanisms:

    • Establish robust mechanisms for cross-service coordination and communication. Consider joint training exercises, shared operational frameworks, and regular inter-service briefings to maintain cohesion and reduce bureaucratic hurdles.

  4. Focused Resource Allocation and Budget Management:

    • Ensure that creating the Cyber Force doesn't lead to resource depletion in other critical areas. Dedicated budget, strategic resource planning, and continuous oversight to ensure efficient use of resources.

  5. Cultural Integration and Training:

    • Address cultural resistance by emphasizing the new service's mission and integrating its unique ethos within the broader military culture. Training programs and leadership development to foster a cohesive culture that aligns with the new structure's goals.

  6. Legislative and Political Engagement:

    • Engage with lawmakers and stakeholders early to secure support and address concerns.

  7. Retain and Strengthen Existing Capabilities:

    • While focusing on the Cyber Force, ensure other military branches continue to prioritize cyber operations. Each service experiences unique challenges and threats from its perspective and warfighting domain. This could involve maintaining cyber elements within existing services while providing clear pathways for collaboration with the new structure.

  8. Enhanced Flexibility and Adaptability:

    • Design the new structure with flexibility in mind, allowing it to adapt to evolving cyber threats and technological advancements. This involves regular assessments, feedback loops, and the ability to shift strategies as needed, especially early on.

  9. Comprehensive Talent Management and Retention:

    • Address talent shortages and retention issues by implementing career progression pathways, competitive incentives, and continuous learning opportunities. This would help retain top cyber talent and build a strong workforce for the Cyber Force.

  10. Transparency and Accountability:

    • Ensure transparency in decision-making and accountability in operations. This could involve regular reports to Congress, public oversight mechanisms, and clear performance metrics to measure the new structure's success.

Service Model:

I saved this one for last because of the importance I see in it. Determine the best model for the service. Should it be derived from a current service? Possibly. From SOCOM? Maybe.

I posit that we should consider that the dynamic nature of the Cyber Domain requires a dexterous hand and a formless way of fighting. The networks and microcosms the service will need traverse will be legion.

The service must be able to support civilian authority, commercial equities, as well as military necessity. Being able to accommodate many simultaneously.

I recommend taking a page from the Coast Guard. Working to ensure our Nation's Cyber safety, security, and stewardship as a service under both the Department of Homeland Defense as well as serving under the Army during times of Conflict.

Thoughts?

-e

Two Ideas From Me

  1. The initial, immediate, resistance to doing something is an indicator that you’re onto something good. Get Started, Don’t Stop Before You Start.

  2. It is unlikely that we’ll create perfection the first time. Develop the habit of iteration. Resistance mid-journey is important feedback that we need to iterate.

Three Favorite Things From Others

  1. Generative AI for Everyone – From DeepLearning.ai and taught by non other than Andrew Ng. Great introductory course. | More

  2. The first draft of anything is shit. - Ernest Hemingway

  3. “I’ve made it a principle not to be over-influenced by minor disappointments.” - Marianne Moore

One Question

What haven’t you started because you weren’t sure how to finish?

See the 2nd favorite thing…Now get started.

Have a wonderful week,

I’ll see you Sunday.
​-e

End of transmission.