Following reforms, Navy seeing cyber mission force readiness improvements
SAN DIEGO, Calif. — Navy officials are confident they’re on the right path and have corrected concerns regarding the readiness of the teams the service is responsible for providing to U.S. Cyber Command.
While readiness issues have plagued all the services’ contributions, the Navy faced the brunt of ire from former officials, outside experts, and namely, Congress.
The cyber mission force includes 133 offensive, defensive and support teams that conduct cyber operations for Cybercom. Each of the military services is responsible for providing personnel for a set number of teams to the organization, which then employs those forces in operations for the other geographic combatant commands.
Congress had grown concerned that the Navy’s forces were woefully inadequate.
“The readiness of the Cyber Mission Forces assigned to U.S. Cyber Command is substantially below acceptable levels. This shortfall is due primarily to the lack of sufficient numbers of personnel in each of the services in three critical work roles that are especially demanding: tool developers, exploitation analysts, and interactive on-net operators,” senators wrote in multiple questionnaries to prospective service chiefs last year.
At her confirmation hearing in September, the Navy’s top officer vowed to make cyber mission force readiness a top priority.
“The Navy remains fully committed to meeting DOD and USCYBERCOM Cyber Mission Force (CMF) requirements both in readiness and directed growth. We have prioritized fixing readiness while still aggressively working to grow the force,” Adm. Lisa Franchetti wrote in response to senators’ advance policy questions. “Our aggressive action to correct has turned the tide, and Navy readiness for Cyber is rapidly improving in order to meet the demands of U.S. Cyber Command.”
Following several initiatives, top Navy officials have asserted the service is on the right track.
“We’ve been able to make some really important advancements in how we’re approaching readiness and how we’re approaching talent management,” Vice Adm. Craig Clapperton, commander of Fleet Cyber Command, 10th Fleet, Navy Space Command, said at the annual WEST conference last week.
Battle rostering and training
Through efforts primarily from Naval Information Forces — responsible for providing trained sailors and equipment to forces in the information warfare arena — and its commander Vice. Adm. Kelly Aeschbach over the last couple of years, the Navy improved training and developed a dedicated cyber workforce.
“We really need for our cyber mission forces, we needed to develop a force generation engine. We were looking across man, train and equip areas,” Elizabeth Nashold, deputy commander of Naval Information Forces, said at the WEST conference.
Officials sought to get the manning levels of the teams to at least 90 percent, as mandated by Cybercom.
However, upon doing a deep dive, the Navy’s cyber community realized it was having an issue getting enough personnel fully trained onto the teams — a problem Clapperton referred to as a “battle roster” issue.
“We really started doing some analysis. Okay, where are all these people? Because big Navy was saying, ‘Well, I’m giving you most of what you want.’ And you never get all, but [from] big Navy perspective, ‘You’re getting the people, where are they?’” Clapperton told DefenseScoop in an interview. “We had a lot of people that were actually getting assigned to the teams that we could not, as we say battle roster, because they hadn’t had all the classes ahead of time.”
Each team under the CMF has to have a set number of total personnel to be considered fully manned. While a person may show up to their team, they require certain training and certifications in order to conduct real-world operations and be “battle rostered” on that team to count toward the manning numbers. If they don’t have the proper qualifications, despite actually being on the team, they can’t be counted.
The Navy began trying to improve its pipeline. Over the last two years, it performed a self-assessment of its cyber mission force contributions, which included lifting and shifting all training to the left in order for sailors to arrive fully trained, according to the service.
Cybercom in recent years has sought to move training to the left for all the services. When the cyber mission force was created in 2013 and up to now, there was a heavy reliance on on-the-job training, meaning personnel would get basic and intermediate training at their respective service schools based upon loose, joint standards Cybercom set forth. Once they arrived at their specific unit, they would need additional training because they weren’t ready for operations after schooling. That led to readiness concerns.
“Two years ago, the situation with training is that we were sending our sailors to the cyber mission force teams and they weren’t trained,” Nashold said. “They would go to the teams and then they would go get training. And so the readiness of the team suffered because they weren’t qualified.”
To address that problem, Clapperton said the Navy worked with Cybercom to federate that training across various installations or centers of excellence so sailors would have better access to it.
“That enabled us to start pulling training to the left so that when sailors got to the teams, they could in fact be battle rostered,” Clapperton said. “That really helped to improve our personnel numbers. As our personnel numbers went up and then as those guys were able to be battle rostered and get to the teams and then start moving through the quals once they got on the teams, then we started seeing their actual training numbers go up as well.”
Additionally, the Navy’s cyber community has had to work with big Navy, given the requirements set forth by Cybercom for manning teams. Clapperton said the Navy is largely platform based and a rotational force, and its teams normally aren’t manned to 90 percent.
But because the cyber force is engaged all the time, Cyber Command wants its teams constantly ready.
“That was a little bit of a sea change as well to say, ‘Hey, look, these teams need to be manned at 90-plus percent,’” Clapperton said. “We were targeting manning them traditionally within the Navy at 80 percent. And then you always fall, candidly, a little short of the targets. So we’re always in the high 70s. For our rotational force, that might seem like that’s okay, but for a force that has to be ready all the time, it wasn’t.”
He said there are commitments now from within the Navy to get those number up.
“Pulling the training to the left, manning the teams to 90 percent or above all the time, creating some training centers of excellence, and really focusing on that training so that as soon as they get to the teams, they can start moving forward — that’s had really marked improvements,” he said.
The Navy had established Cyber Qualification Training Teams along with its improvements to force generation for Cybercom, which will also better posture it to go from 40 cyber mission force teams to 44.
It was reported last year that the Navy was forced to adjust and scale back four additional teams it was slated to provide to the cyber mission force as part of authorized growth to the overall force. The military had not added any teams to the initial 133 envisioned when the CMF was created in 2013. The Department of Defense has authorized an additional 14 teams over five years, for which the Navy was to provide four.
Clapperton said with the adjustments to manning and training, the Navy is on track to add those additional teams again in coming years.
“I don’t have enough people battle rostered on the teams. It doesn’t make sense for me to spread that peanut butter even further and start failing to meet the battle roster numbers on more teams. I said, ‘Let me get to where I’ve adjusted my training and I’m battle rostering at that 80 to 90 percent on the teams I’m supposed to have, and then I’ll start filling those other teams,’” Clapperton said regarding discussions with Cybercom and the move to scale the build back. “We’re at that point now. It took us about a year, year-and-a-half to make that adjustment and catch up, but going forward, we’re going to start filling those other teams.”
Developing cyber-specific work roles
The other issue that impacted the readiness of the Navy’s cyber teams was the fact it was the only service that didm’t have a dedicated military role for cyber. Its cyber personnel are primarily resourced from its cryptologic warfare community — which is also responsible for signals intelligence, electronic warfare and information operations, among several mission sets — with additional roles resourced from information specialists and cyber warfare engineers. Cyber warfare engineers are not operators, but specialize in highly technical skills and development of tools.
Critics said this risked neglecting cyber and having a lack of institutional expertise both in the operations community and at top echelons of leadership. However, others in the community believe a cyber-specific work role is too limiting, which could lead to a lack of expertise across the entirety of the information warfare discipline.
In last year’s annual defense policy bill, Congress required the Navy to create specific cyber roles for its enlisted and officer ranks — a rating and designator, respectively, in Navy parlance.
In June 2023, the Navy announced the cyber warfare technician rating for sailors and the maritime cyber warfare officer designator for officers.
Clapperton said those have “dramatically increased our readiness over the last 12 months, and then even more so when you look at that over the last 24 months,” but it’s also too early to quantify exactly how much.
He did laud the decision’s importance for creating cyber experts within the Navy.
“This is going to enable both our enlisted and officer force to stay focused in cyber, instead of going across the entire breadth of” information warfare, he said at the conference. “It’s going to drive and force both those officer [and] enlisted personnel to stay primarily in cyber and to stay on target and to create the expertise that we need to defend ourselves and if necessary, be able to attack our adversaries in space and cyber.”