Cyber Command prepares to gain significant budget control

Inside U.S. Cyber Command at Fort Meade, Maryland. (Josef Cole / DOD / U.S. Cyber Command)

U.S. Cyber Command is preparing to wield much greater budget control over major cyber programs, shifting funds away from the Army and Air Force programs that currently procure systems on behalf of the command and its forces.

The fiscal 2022 National Defense Authorization Act gave the commander of Cybercom responsibility for direct control and management of planning, programming, budgeting and execution of the resources to maintain the cyber mission force, an authority known as enhanced budget control.

Previously, the commander only had oversight of about $600 million from an overall Department of Defense IT budget of around $40 billion.

“The individual that runs a combatant command that’s responsible for defending the nation from significant cyberattack, defending the Department of Defense information networks and providing cyber capabilities to the other warfighting [combatant commands] … he’s got $600 million out of that topline $40 billion to $50 billion budget,” Lt. Gen. Charles Moore, deputy commander of Cybercom, said during the command’s legal conference March 10. “We have a significant mismatch in terms of the actual money, the authorities and the responsibility. We’re just trying to bring that back into alignment.”

With these new authorities set to take effect in 2024, the command is now working on its program objective memorandum, or POM, which sets fiscal plans for future years.

“We’re having to build our POM starting in 2024 and, of course, acquisitions. [That’s a] big part of what you’re going to need, what your requirements are, how are you going to POM for those types of activities,” Moore said.

In trying to bring the budget back into alignment, Moore said Cyber Command will focus on a variety of things including headquarters, subordinate headquarters, the cyber mission force and the elements of the Joint Cyber Warfighting Architecture (JCWA), which guides the command’s acquisition priorities.  

Under this new paradigm, funding for major acquisition programs that the services were directing on behalf of the command will shift to Cybercom, although the services’ program executive offices and program managers will continue to execute the programs, a spokesperson said.

The elements of the JCWA include systems for command and control of cyber forces and the larger cyber environment, big data, training and executing offensive operations, among others. The Air Force and Army primarily run these programs, providing the funding and acquisition personnel to deliver them on behalf of the command.

Under the new model, funding for those programs will transfer to Cyber Command.

“Having that authority is going to be very, very important for us going forward not only for those traditional … programs that part of the JCWA, but also for rapid acquisition types of programs that we’re going to need if we’re going to stay ahead of adversary” nations, Moore said.

For a command that is still relatively young – less than 15 years – this is an important step that moves it closer to the Special Operations Command model of so-called service-like authorities.

Initially, Congress capped Cyber Command’s funding at $75 million, outlining a crawl, walk, run methodology to ensure it didn’t bite off more than it could chew.

That cap was lifted allowing the command more flexibility.

Cyber Command officials have touted that they are improving their acquisition structure, noting that the organization created a Program Executive Office Cyber within its advanced concepts and technology directorate.