This is where I provide some commentary on commentary and originally appeared in Soldier Systems Digest, Vol 5, Issue 26.
The Pentagon knows its cyber force model is broken. Here’s how to fix it
The authors of this article revive the argument for establishing a US Cyber Force. I agree, except that the designation of Cyberspace as the fifth warfighting domain was myopic in the first place and establishing a “Cyber” force only gets part of the job done.
The reality is that Cyber is SIGINT by other means and that SIGINT is one of many elements of electromagnetic warfare. The EM spectrum is the true fifth domain.
To solve our current shortfalls, we must look to the past to face the future.
First, establish the US Security Service (USSS) as the sixth military service with specialization in offensive Cyber, Electromagnetic Warfare, and SIGINT. This requires a fix to the Title 10 / Title 50 issues which caused this bifurcation of effort in the first place.
Second, reconstitute service level versions of the Security Service which were stood down and merged with other Intel organizations in the 70s and 80s. Like the USSS, these service elements will provide offensive Cyber, EW, and SIGINT capabilities to support their own service branch.
Third, merge the National Security Agency and US Cyber Command once again into a single entity with additional technical control over Electromagnetic Warfare and an understanding that this entity controls offensive actions in addition to collection. Once again, the tweaking of Title 10 / Title 50 issues is critical.
Fourth, leave cyber security to the services as they establish and manage their own networks.
The new US Security Service will provide the National Cyber Force as well as the lead on national level EMS collection efforts and EW policy and execution. It will also provide forces to support joint warfighting at the Strategic, Operational, and Tactical Levels. Finally, it will establish a SOF component to support properly USSOCOM with a full seat at the table.
Unfortunately, cyber has become a generic term used by operations personnel to describe the full gamut of EW activities. While CEMA has been used here in the US as well as in the UK, Cyber ElectroMagnetic Activites seems to have lost favor even though it better describes the capability. As EW elements are embedded in Army formations under the Transformation In Contact initiative, Army combat arms Soldiers and Leaders will begin to use the term EW to generically refer to what is, EW. Unfortunately, they won’t be getting everything. The Army’s concept of EW is a stripped down capability which provides elementary direction finding and jamming, which makes it a hammer when it could be a scalpel. Signals will be geolocated without ample characterization and either jammed or passed to fires for destruction. This will invariably lead to the denial of exploitable nodes or the destruction of deceptive emitters while the real ones escape notice.
The Army is actually exacerbating the issue. The Army is combining USAREUR’s 2nd Multi-Domain Task Force with the 56th Artillery Command referring to “cyber” and traditional fires and defensive and offensive fires. The Army got the CEMA element correct in the 2nd MDTF, combining Cyber, EW, and SI in one organization. The danger is placing all of that capability under a commander who only understands that targets get destroyed.
–Eric Graves
Founder
SSD
The danger is pacing all of that capability under a commander who only understands intelligence gain/loss.
These are revisited Hugh Trenchard and Billy Mitchell arguments. Only an airman can understand the magical new technology that is the airplane, and only the airman can advocate for and employ these new capabilities.
Electronic warfare and signals exploitation are inherent offensive and defensive design elements in modern ships, aircraft, and weapons. Shifting service and and operational authority to employ a system at the tactical edge to a unified service and combatant command headquartered at Ft. Meade means it will not be available for use to the ship captain or strike package commander without cross-combatant commander coordination. Which capabilities get shifted, and what’s retained by the current services? The empire builders say “everything” that is EW, SIGINT, or cyber related. Sorry captain, you can’t use EW to defend your ship against that inbound missile, we’re waiting for the review and approval process to be completed.
Creating service-level headquarters for new capabilities makes Washington DC bureaucrats happy, but does little to foster effective combined arms.
The system is currently broken, badly. I have been reading up on the creation of USSOCOM and what I’ve learned from it is that, without outside intervention (Congress making law) the military is incapable of fixing itself.
Every service has aircraft and every service has boats, just like they still have Space capabilities after the creation of Space Force. I believe that transitioning NSA and combing it with Cyber Command into a uniformed service rather than a command under DoD is what is needed for the 21st century.
Eric, we’re watching this play out among Space Force, National Reconnaissance Office, and the National Geospatial Intelligence Agency. Each agency has different charters, and each agency controls certain capabilities through distinct authorities. NRO has resisted Space Force acquiring and controlling certain types of satellites for future tactical surveillance, reconnaissance and tracking (tacSRT), instead wanting to share control “shoulder to shoulder.” The Air Force has cancelled the AWACS replacement with the expectation that Space Force can provide equivalent coverage in the future. Will NRO be responsive to the needs of the battlefield commander? NRO has also complained to Congress that Space Force is not meeting its manning requirements to fill seats in NRO organizations.
If we have a Space Force, why do we need NRO and NGA? Space Force and SPACECOM are trying to become a “thing” but they are being relegated to a manpower pool. And NRO still wants space cadre augments from the legacy services.
NSA and CYBERCOM have different charters and different authorities. NSA has resisted CYBERCOM and the services acquiring certain types of capabilities for military purposes for many reasons. If you combine the two organizations, one mindset will override the other, and I suspect it will not favor combat effectiveness over intelligence collection.
All this means is that the services will give up a sizable portion of end strength to Cyber Force that will be relegated to a permanent party manpower pool for NSA with no gain in combat capability for the joint force. Yup, broken, but is the conventional wisdom “fix” solving something, or just rearranging the deck chairs.
You have to remember that the “schism” between NSA and CYBER is self-imposed. They were one organization until 2009 and remain under DIRNSA who is dual-hatted. We’d all be better served if they were one once again. The sticky point is Title 10 / Title 50 which was created in the late 40s and early 50s. They both need overhauling. Things have changed.
The services must continue to protect their networks and provide basic EW capabilities, but transitioning NSA into an actual service with its own MFP line would give Electromagnetic Spectrum Operations the focus it requires.
We did just fine with this during the Cold War when the EW and SIGINT units were all under the technical control of one organization but the tactical control of their respective Corps, Divisions and Separate Brigades/ACRs. It kept the units from being misused or damaging other unit’s operations but still left them available for EW fires and appropriate intelligence collection. If there were conflicts, Division and Corps Commanders fought those out behind the scenes with DIRNSA. It really wasn’t a problem and fixed the overly tight flow of tactical information problems from Vietnam that the CEWI model (mostly) fixed.
This current hash appears to those of us who used to work under the old system to be completely unworkable. EW assets not under the technical control of a SIGINT authority could wind up being more of a hindrance than a legitimate fires capability. Random units shooting random electrons off into the dark with no legitimate targeting.
Cyber wasn’t really a thing back then, but it really is just another SIGINT discipline. There used to be several more SIGINT disciplines that went away with the end of the Cold War because of a shifting in technologies; whole MOSs went away or got folded into other ones.
Folding Cyber back into where it belongs and placing it under centralized technical control is a wise thing to keep separate Cyber elements from working at cross purposes. The various services would likely keep their capabilities, but there would be standards for reporting, security, targeting and collection, like the other SIGINT disciplines had.
Some examples of tactical assets with offensive, defensive, and surveillance EW capability in the inventory:
F-35
EA-18G
E-37B
EC-130
Every US Navy warship in the fleet.
Every US aircraft with radar warning receivers and self-protect countermeasures.
None of these are SIGINT platforms. These are JFACC or JFMCC assets. The people operating, planning, and controlling these ships and aircraft are not “shooting random electrons off into the dark with no legitimate targeting.” They have professional weapons schools. They have professional targeteers. They are communities that have been employing tactical electronic warfare capabilities for decades – more than a century in the case of ships. They do not, nor should not, need the consultation or permission of a major staff 7,000nm from the battlefield to conduct their mission.
Centralized planning and centralized execution has worked so well in the past.
Believe it or not, all of those assets are already under the purview of a joint staff element. Meet the Defense Spectrum Organization DSO – Joint Spectrum Center JSC. Like Nate said, you can’t go shooting electrons Willy-Nilly. Someone has to provide guidance on how, when and where to do it. Things got so bad during the GWOT that comms were wiped out on some areas. It’s only going to get worse now that the Army has decided to emplace EW assets at Bn level.
You don’t fly sorties without coordinating, you don’t conduct fire missions without coordinating, and in the future, you’re going to have to coordinate nonkenetic fires.
When can we turn on a radar? How can we coordinate interflight frequencies? How do we “de-conflict” jamming assignments? Datalinks? Minimize EW fratricide? Don’t worry. Cyber Force will take care of all of that, right? Again, there are professionals that have been doing this at the tactical and operational level for a very long time. Urgent deployment of ground-based jammers to soldiers without the proper training to employ them without comms frat doesn’t mean everyone outside Meade is an amateur.
Like it or not, “purview” is not a command authority. Coordination happens in theater at the functional components based on guidance from the spectrum organizations. Joint Staff J6 or Joint Spectrum Center don’t have COCOM, OPCON, TACON, or service authority over those ships and aircraft or capabilities inherent. The final authority remains with the combatant commander with COCOM of the forces within the theater as laid out in UCP.
You’ve offered nothing to convince me that a historically isolated compartmented organization that has hidden behind the excuse of “Title 50” can be responsive to the needs of an individual task group, task unit, or strike package commander at scale on the other side of the world.
BTW, DIRNSA was a three star combat support agency position. The fourth star was granted when CYBERCOM became a sub-unified combatant command, but the first priority has always been the Title 50 mission at the expense of Title 10. CYBERCOM is neither equipped to, nor does it have the expertise to command global electronic warfare within a GCC, down to the individual strike group or strike package level. It still won’t be equipped if there is a Cyber Force.
This is about empire building, not combat effectiveness.
You apparently missed how Space Force was created. Go learn about that and then reengage.
DIRNSA effectively controlled all of that from 1952 to the 90s, when the Army (stupidly) divested itself of its jamming capabilities.
What is hard to understand, if you weren’t involved, was that during the Cold War, NSA did collection management and targeting deconfliction for ALL EW and SIGINT activities. Army soldiers didn’t fire up an MLQ-34 Tacjam or start spinning dials at a Field Station without a clear mission and permission. And the same went for every collection, EW, ESM, EA, ELINT or other system on a Navy ship or aircraft or an Air Force platform. And many of the platforms you named WERE SIGINT assets or occasionally had them on board, and they WERE most definitely under the technical control of DIRNSA.
The “empire” was already there, but with a lack of foresight, we stripped the ground-based services of the tactical capabilities on the misguided assumption that they would always be able to get national level support for everything. That didn’t work. It turns out that you need local, task-organized assets, whether you are a maneuver Brigade or an Arleigh Burke. But those assets still need technical direction and deconfliction.
Cyber is just another electromagnetic “INT.” We had a bunch of others that were at the forefront and went away because the technology changed…how may 05Hs does the Army produce anymore? We used to crank them out in the thousands from Devens. Now nobody does manual Morse. Mostly. Cyber is just a newer “INT” subset of SIGINT and it was an organizational failure that it wasn’t kept under the auspices of national technical control from the outset.
It needs to be brought under the technical control of an overall organization and synchronized with other collection efforts and electromagnetic fires, or its just random effects that may hurt more than help. That’s not empire building, its appropriate collection management.