Army Cyber Command is posturing to have centralized visibility over the service’s entire network — from the office to the battlefield — the likes of which has never been done before.
“Army Cyber is now going to be providing a capability to meet a users’ requirements and now we will adequately resource it so we won’t have that stovepiped approach,” Lt. Gen. John Morrison, deputy chief of staff, G-6, told DefenseScoop in an interview ahead of AFCEA’s TechNet Augusta conference next week. “We’re able to focus all those energies and really balance requirements to capabilities to resourcing through Army Cyber. That is fundamentally different than how we’ve done it in the past.”
This effort is part of the Army’s unified network plan, unveiled in the fall of 2021, and aims to link its tactical battlefield networks with its more static enterprise networks for a singular network approach. Previously, the network was comprised of federated siloes that were largely theater-centric and made it difficult to communicate or share data across theaters.
Last year, the undersecretary and vice chief of staff initiated a top-to-bottom audit of the network, dubbed the network capability portfolio review, to holistically examine everything from requirements for unified network operations and cybersecurity to transport, cloud adoption and data analytics as a means of better understanding network components and funding mechanisms as it sought to develop a unified approach.
That effort “really allowed us to see ourselves as an Army,” Morrison said, and “allowed us to see that we had often duplicative requirements, we saw often duplicative technical implementations and we saw, in some cases, duplicative resourcing against very similar requirements and more capabilities.”
“The network capability portfolio reviews have allowed us to really harmonize our requirements and then prioritize them in a manner in which we really have not been able to do before and align resources. It really is allowing us to accelerate our network modernization efforts towards the notion of the unified network,” Morrison said. “We are shifting to a model where we are going to deliver services and cybersecurity and other capabilities centrally through Army Cyber. That is going to allow us to really collapse all these disparate organizational networks that we have in the Army. We have made great progress in reducing that down and we’re really into the final throes of the last major ones that we really need to do.”
As the Army has evolved from the initial concept of the unified network to actually building it, it has shifted its initial pillars into four strategic priorities, one of which is to reform the security and defense of its information.
The priority states the service is focused on “Modernizing the Army’s cybersecurity posture through the integration of zero-trust principles and other key reforms to ensure the security, integrity, accessibility, and reliability of our data, both in transit and at rest.” Morrison is expected to address ongoing progress in building the unified network at AFCEA’s TechNet Augusta conference Aug. 15.
Through the consolidation stemming from the network capability portfolio review, Army Cyber Command will be more tuned into the cybersecurity of the entire network and able to assist units far flung from traditional desktops on the battlefield.
“We now have the ability to see end-to-end into the network in a means of which we’ve never ever been able to before,” Morrison said. “That’s enabling us to remove some of that complexity at the tactical edge and bring it back up. It’s also allowing Army Cyber to provide cybersecurity overwatch to tactical formations and unburdening from that. It’s allowing units to move and plug into the network at a speed that, quite frankly, wasn’t possible only a few years ago.”
One capability the Army is working on is called Unified Security Incident and Event Management, which will provide end-to-end network visibility across all echelons, spanning the strategic enterprise level all the way to tactical formations.
“When a tactical formation plugs back into the network, Army Cyber can see all the way down into those tactical formations,” Morrison said. “If there’s an incident or an event that needs to be managed and dealt with, they’re able to immediately start tipping and queueing units to take certain actions. That is a significant difference from how we’ve done it in the past where we literally were sort of separated by echelons and we didn’t really integrate the solutions to the extent that we have today.”