The U.S. Navy released the U.S. Fleet Cyber Command/U.S. Tenth Fleet (FCC/C10F) five-year strategic plan on Wednesday, detailing the five strategic goals first announced last month (Defense Daily, April 9).
“A lot of work had been done since our inception in 2010 and the world has changed–gotten a lot more dangerous. The cyberspace domain is changing on a daily basis,” Vice Adm. Jan E. Tighe, commander of FCC/C10F, said at a media roundtable.
“First and foremost [the plan is] a way to organize our mission and to begin to measure if we’re making sufficient progress in each of our goal areas.”
The goals are operating the network as a warfighting platform, conduct tailored signals intelligence (SIGINT), deliver warfighting effects through cyberspace, create shared cyber situational awareness, and establish and mature the Navy’s cyber mission force.
“This strategic plan emphasizes the warfighting aspects of this command–both offensive and defensive–while still recognizing the significant ways in which other warfighters rely on our effectiveness in the confluence of cyberspace, the electromagnetic spectrum, and space,” Tighe said in the document’s foreward.
The plan plots the command’s course to deliver on its responsibilities by leveraging strengths and shrinking Navy vulnerabilities. Each of the five main goals come with several strategic initiatives to achieve the goal and 18-month progress indicators.
The Navy will continue to operate networks and communication systems as an essential warfighting platform as the first goal explains: making them available; defend them from intrusion, exploitation, or attacks; and when necessary, fight through them to achieve operational missions.
The strategic initiatives that will achieve the goal include assure command and control, reduce intrusion attack surface, enhance defense in depth operations, decrease cycle time by increasing organizational clarity, and influence the agility and speed of cyberspace Planning Programming Budget and Execution (PPBE) and acquisition processes.
The progress indicator is that there are no successful adversary cyber operations on Navy networks.
“We’ve got to be able to prevent the intrusion in the first place, and if there is an intrusion, respond to prevent lateral movement inside our network,” Tighe said at the roundtable. “How often are people trying? How successful are they? We don’t necessarily have those measures looking back historically as I would like to have them.”
Goal two, conducting tailored signals intelligence, involves changing to meet evolving needs as well as collaboration with NSA partners.
Initiatives to reach the goal include institutionalize purposeful collaboration, expand and mature distributed SIGINT operations, maintain a technical SIGINT edge, and drive full national SIGINT enterprise integration. The progress indicator is that supported maritime commanders confirm that FCC/C10F provides signals intelligence products and capabilities that are timely and relevant to their mission.
Goal three, focusing on offensive cyber operations, highlights educating the warfighters on the utility of cyber effects. Although the strategy document does not elaborate on what offensive cyber operations entail, Tighe contrasted them with missiles noting they can have unpredictable effects and require unique skills to operate.
The goal has clear methods to measure success: “at any point in time, we can define, count, and prioritize the work at hand; and we know our number of successful outcomes,” the document said.
These factors lead to an internally calculated Effects Performance Score. The 18-month progress indicator is to achieve and maintain at least a 75 percent improvement over 2014 baseline Effects Performance Score for Priority 1 and Priority 2 projects, the strategy said.
Initiatives include raising the level of understanding of and confidence in cyber operations and institutionalizing the cyber delivery capability. “There is much work to do here since the cyber domain poses threats and opportunities that were not a part of military training and education even a few years ago,” the strategy said.
Goal four, creating shared cyber situational awareness, is important because “Success in the cyber domain requires vigilance: it requires that we constantly monitor and analyze Navy information systems, their availability and vulnerabilities, and any suspicious or malicious activity on these systems.”
The Navy said it intends to expand current capabilities to include a robust, globally populated, and mission-tailorable cyber common operating picture (COP). The COP will synthesize current performance of cyber systems, operations, and threats into an integrated picture.
Initiatives under the goal include establish a global DCO-DODIN-N Operations enclave; define a Unified Data Strategy and create analytics to feed cyber situational awareness; and drive requirements for visualization tools to enable shared situational awareness.
The progress indicator is that decision-makers in FCC/C10F confirm they can monitor the network and communications operating status and suspicious or malicious activity on Navy networks from a global or regional perspective.
The final goal, establish and mature the Navy’s cyber mission forces, is part of the larger effort by U.S. Cyber Command to fully establish cyber mission forces (CMF). Fleet Cyber Command’s place in generating Navy-sourced CMF teams is temporary; this is set to transition to the Navy Information Dominance Forces (NIDF), the new type command, in the 2017 timeframe.
The pool of CMF team personnel includes cyrptologists, intelligence specialists, information systems technicians, and information dominance officers. “It’s not single skill set or work role, we have to bring them together as a team,” Tighe said at the roundtable. “We’re leveraging the skill set they come with and giving them specific training for the way the team is operating, or the new way, in some cases, the team is operating.”
Progress in 18 months will be measured by Fleet Cyber Command being on plan with the CMF build along with the completion of the Sustainment Strategy.
The report noted four initiatives to support this goal: develop innovative selection and recruitment requirements, accelerate generation of training requirements, drive requirements for leading edge capabilities, and develop effective command and control capabilities and processes.
Fleet Cyber Command highlighted three actions to ensure they execute the strategic plan: develop an execution plan, conduct regular progress reviews, and foster productive partnerships.
The execution plan will spell out how they have translated the five goals and strategies into measurable results while specifying leadership team individuals who each owns a separate lower-tiered goal supporting the five strategic goals.
The leadership team will also convene at least bi-monthly to review progress and make any necessary changes to enacting the strategies. They will also provide clear requirements, create open dialogue, and build a deliberate engagement plan with each partner.