Training for Cyber Operations
© 2015 FrontLine Defence (Vol 12, No 2)

The current Chief of U.S. Naval Operations, Admiral Jonathan Greenert, has focused considerable attention on digital operations in the re-set of the U.S. Navy and its approach to 21st century operations. From electronic warfare, to digital interoperability, to integrated fire support and cyber security, the Admiral has underscored that mastering the digital domain is an essential warfighting competence.

September 2011 Adm Greenert speaks during a change of office ceremony at the U.S. Naval Academy where he relieved Adm Roughead as Chief of Naval Operations.

The CNO is a submariner, a force that is really built around stealth, communications, situational awareness, and precision strike as core competencies. Connectivity with the fleet and stealth operations are both key attributes.

In a 2013 discussion with reporters at the 2013 IMDEX Asian maritime defense show in Singapore, Adm Greenert highlighted the importance of the digital domain and placed it on par with nuclear deterrence for USN priorities. “The level of investment that we put into cyber in the department is as protected or as focused as it would be in strategic nuclear. It’s right up there, in the one-two area, above all other programs.” In a subsequent interview, he went on to explain just why cyber is so important: “For the U.S. Navy, cyber security is critical because its ability to coordinate ships, planes and personnel depends heavily on computer networks and satellites. We’ve got to understand how to defend them, how to exploit them ourselves, and how to, as necessary, be able to do offensive effects,” said Greenert.

“Many people who look at the future of warfare say it’s bound to start in cyber. The first thing you’d want to do is shut down their sensors, interrupt their power grid, confuse them [...] and presumably guard against that kind of thing and recognize if it’s starting,” he added.

In the past, nations have been able to utilize federal resources to military advantage in traditional sea, undersea and air warfare, but times have changed and now civilian hackers with their own agendas can wreak havoc whenever they uncover a digital vulnerability.

Cyber is often confused with computer and information security. But in a military context, it is really about cyber operations and within the context of rapidly evolving concepts of operations, particularly as digital systems become dominant players in the evolution of war fighting capabilities. Cyber is part of the evolving concepts of operations for the maritime, joint and coalition force. It is not an add-on; nor is it a stand alone; it is part of the integrated warfighting effort.

As part of his focus on cyber security the CNO underscored as well the importance of the educational process to prepare the Navy for the way ahead in operating 21st century forces: “We’re going to have to teach our people to understand the value of this spectrum and cyber. We just need to break out of our training techniques.”

To understand partly what he has in mind, I visited the U.S. Naval Academy’s new Cyber Security Center in Annapolis, Maryland. The service academies are standing up training programs and breaking new intellectual ground on the cyber dimension of an integrated warfighting approach for 21st century operations. The U.S. Naval Academy is at the cutting edge of “breaking out of our training techniques.”

Not only is the field in flux, the challenges are ever changing, the approaches to deal with the challenges continually being assessed, and the mix of skill sets being defined to operate as cyber warriors. This open-ended approach is being shaped at the Center by its director, his colleagues and the students themselves.

Capt Tortora and students stand by model of the new classified facility. (Photo: Robbin Laird)

The current director is Captain Tortora, a 1989 graduate of the Academy, who went on to serve on a fast attack submarine and then as an intelligence officer aboard USS Eisenhower. My colleague Ed Timperlake and I sat down with Captain Tortora and four students who were members of the first class of cyber operations specialists and are in their junior year.

An academic department is being set up in order to have tenured faculty, with a goal of approximately 6 departmental members, 3 military and 3 civilian, but the Center-led effort will remain crucial to the continual process of engaging with and shaping the field of endeavour.

The Center itself is not an academic department. It strives to be very open-ended and flexible in defining subject areas, a necessary approach when dealing with the emerging subject of cyber operations. And as the first classes go into the field and experience is fed back to the Academy, the subject itself will be redefined, reworked, and taught differently as fleet experience folds into the teaching process.

Captain Tortora explains that there are two different but intersecting processes in play at the Academy. The first is the requirement to teach all Midshipmen cyber awareness and cyber security fundamentals with an expectation that this beginning effort will be revitalized over time as the graduates lead the way in shaping the 21st century USN and USMC efforts. A two semester course covers basic cyber awareness, security and electronic warfare. The ‘all things digital’ approach is being laid down and built upon in shaping cyber engagement.

The second is standing up a cyber security major, which is really more about cyber operations or con-ops than a narrowly technical cyber security curriculum. The goal here is to combine the technical with policy and legal aspects to understand the social dynamics within which cyber attack and defense is an operational reality.

Interaction among the students and faculty is crucial to shaping what should be included in molding the curriculum. Captain Tortora repeatedly emphasizes the key role that students play in shaping the major and how to forge an effective curriculum. “They are the ones crucial to helping us build out an effective curriculum; sometimes they refer to themselves as intellectual guinea pigs.”

The three year track, followed by majors at the Academy (and remember these Juniors are the first-ever majors at the Academy) involves technical, policy, legal, and social issues, and then in the third year seminars and papers. The curriculum already has a number of courses dealing with the non-technical aspects of cyber operations, to shape a more comprehensive understanding of the operational dynamic.

The interactive nature of shaping the field is reflected in the fact that the students in the field are engaging in various outside organizations and attending external conferences and sessions. Internships are crucial as well at places like the National Security Agency, and with various Centers in industry and government involved in shaping con-ops approaches.

The launch class has 28 students and the sophomore class behind them has 55. The goal is to have 40-60 students at each level, with three sections. Midshipmen will take 140 total hours of classes at the Academy, with 15 courses in a major as part of those total hours.

Only four of the majors will go directly into Information Warfare openings, and the rest will proliferate into various fleet positions, and could go to fields like Marine Corps Aviation. This means that in addition to the basic course work taken by everyone at the Academy, the USN is looking to proliferate officers with a cyber major throughout the fleet. And as Captain Tortora puts it: “It won’t be long before fleet admirals will want to have with them an experienced cyber officer and team to help them deal with and generate cyber effects as part of cyber operations.”

Included in the FY2015 federal budget is an allocation of $120 million for a new building to house the Cyber Security Center. It is expected to begin construction in 2016. (Photo: Robbin Laird)

The four midshipmen who participated in the round table had a wide variety of interests and backgrounds and illustrated that the approach to cyber operations was not narrowly technical. Obviously, there needs to be technical proficiency and competence, but one Midshipman was thinking about becoming a history major, another a Chinese major, and they felt that these interests could be met by dealing with the social, policy and legal dynamics of cyber operations.

These folks are not headed down the path of firewall technicians; but rather participating in military operations, which will subsume cyber operations. Cyber operations majors who graduate from the Naval Academy will form, in the words of Captain Tortora, “a bow wave of young officers coming into the force that will force change more broadly in the Navy.”

A key challenge in shaping a Center on Cyber Operations is to be able to attract staff and to retain graduates in the Navy after their obligatory period ends. Of the 60 PhDs who received their degree last year in cyber-related fields, only one went into the Academy. This means the Academy will have to take flexible approaches to appropriate staffing, drawing upon visiting professors, and other ways to bring in the kind of practitioners who would both contribute to and benefit from the dynamic and highly interactive environment that Capt Tortora and his team have put in place.

Included in the FY2015 U.S. budget is an allocation for the full $120 million for a new building to house the Center. “Through hands-on learning in a real-world environment, we are preparing our midshipmen to be future cyber warriors that will protect our country from cyber terrorists, spies and thugs,” commented Senator Barbara Mikulski from Maryland, who serves on the Academy’s Board of Visitors.

This building would also house the first classified facility at the Naval Academy, Capt Tortora told reporters. “Without the classified classroom space, the midshipmen do not get any instruction at the Naval Academy in the classified aspects of cyber and related domains. The Sensitive Compartmented Information Facility (SCIF) will allow things to be done, talked about, shown, that we can’t do now.” This classified facility would include classrooms, research labs, lecture halls and SCIF space.

In short, it is not surprising then that the U.S. service academies are standing up cyber learning approaches in their curriculums and setting in motion and educational revolution for the digital warriors coming to the force and possibly leading the way for Western allies to learn from. The U.S. Naval Academy is certainly at the cutting edge of these efforts, and has set in motion an approach designed to prepare future Marines and Naval officers who are trained at the Academy for both sensitivity to and understanding of cyber threats, challenges, and operations.

Robbin Laird, an international defence analyst based in Virginia, USA, is a regular contributor at FrontLine Defence.
© 2015 FrontLine Defence