WASHINGTON – According to an audit by the Government Accountability Office, the US Cyber Command’s vision for developing its key cyber platforms and capabilities lacks clear goals and guidelines.
The review was chaired by Congress – which has also raised concerns – and released on November 19. The government guard examined Cyber Command’s Joint Cyber Warfighting Architecture, which was created by the command to direct its capabilities.
JCWA has been broken down into five elements: common fire platforms for a comprehensive suite of cyber tools; Unified platform that integrates and analyzes data from offensive and defensive operations with partners; common command and control mechanisms for situation awareness and combat management; Sensors that help defend the network and make operational decisions; and the Persistent Cyber Training Environment, which offers individual and collective training as well as mission rehearsals.
Cyber Command has been granted limited acquisition powers, but continues to rely on the armed forces to serve as executive agents on key programs, which means that many key acquisition efforts for systems within the JCWA are spread across the services to drive the common cyber To provide mission troops.
Cyber Command relied heavily on the tools, staff, and infrastructure of the National Security Agency, and the two organizations are in the same location. However, the command is building its own stand-alone military cyber systems separate from the intelligence platforms used by the NSA for intelligence gathering purposes, which is different from military objectives.
GAO noted that the Department of Defense created this architecture to harmonize cyber capabilities, even though commanders told GAO auditors that JCWA is just a loose architecture to provide an idea to bring acquisitions together and guide requirements and investment decisions .
The GAO audit, based on interviews with officials and unclassified material, ran from October 2019 to November 2020.
Crucial to the results was the fact that Cyber Command has not defined any goals for the JCWA that describe how current and future systems would work together.
“The lack of goals contradicts leading practices that we have identified in our previous work that call for program goals to clearly define the desired program outcomes,” said GAO. “Clearly defined goals explain the goals of a program and the results that an organization wants to achieve. Objectives also form the basis for developing performance measures that organizations can use to demonstrate progress. By defining JCWA goals, DOD can describe the overall system goals, relationships, and dependencies of its JCWA programs and then develop performance metrics to track the progress of the JCWA systems as a whole. “
The audit found that the lack of interoperability objectives could result in a lack of consistent practices and standards such as data labeling standards across multiple programs.
The interoperability of the cyber programs in the command’s joint cyber teams is critical. As C4ISRNET has already reported, the Unified Platform is seen as the core of the JCWA, where data is recorded and disseminated. This data is used to make planning and operation decisions and is fed into other mission platforms and sensors.
One of the dangers associated with the lack of goals or common data standards across programs, according to GAO, is that the Unified Platform may not be able to take full advantage of other systems’ data, leading to cyber security Forces may not have the expected skills to perform operations. Unified Platform is based on many systems, e.g. B. the different big data platforms that collect information in different formats.
GAO noted that program officials said they were discussing standards informally in a “coalition of the willing.” While program managers from various programs, including Unified Platform, Joint Cyber Command and Control, and Persistent Cyber Training Environment, regularly share feedback and user data, these efforts are “largely ad hoc and do not systematically address broader data sharing or questions about Interoperability, ”stated the watchdog.
Command officers notified GAO that operational challenges and strategic changes have delayed target development. Since its inception, Cyber Command has built its powers and capabilities while deploying them in a highly dynamic environment. This dynamic environment requires forces and programs to be flexible, unlike traditional warring domains or systems such as aircraft or tanks, which are deployed decades after they were designed and built.
GAO also determined that Cyber Command had not defined roles and responsibilities for the administration of the JCWA. C4ISRNET previously reported that the command established a JCWA integration office, which GAO said was set up to address the challenges associated with defining and implementing the concepts within the architecture. The office will help develop guidelines for integrating programs into a more holistic and interoperable construct, officials told GAO.
In addition, officials said a new JCWA skills management office will work with the integration office to identify and align requirements across systems based on requirements.
Cyber Command officials notified GAO in November that they were making progress in defining roles and responsibilities.
The DoD and Cyber Command kept details of their programs near their waistcoats. GAO outlined four specific programs related to JCWA that Cyber Command and the executive agent services for cyber warriors will procure.
The first is Unified Platform, the heart of data management and integration. The Air Force is acting as the executive agent for the program.
Joint Cyber Command and Control is considered a decision-making platform. The Air Force is also the executive agent for this program. The aim is to provide joint commanders with better situational awareness and combat management for cyber forces and missions. GAO determined that the program has not yet officially entered the acquisition lifecycle. Program officials advised GAO that the effort has maintained and deployed multiple systems, but the bulk of the systems development effort will begin in fiscal 2021. It relied on other programs such as Project IKE, a prototype being developed by the Air Force and the Air Force Strategic Capabilities Office that the armed forces can use to plan and visualize this cyber environment.
The Persistent Cyber Training Environment provides critical space for the armed forces to conduct mission rehearsals. The Army is running the program for the Department of Defense. The Army delivered a second iteration of the platform to Cyber Command in October. The DoD has announced that it will integrate itself into the Unified Platform and elements of Joint Cyber Command and Control.
According to GAO, the Joint Common Access Platform offers “Mission Enablement”. The army is also the lead for this program. The platform enables cyber operators to connect to their target and achieve the effect beyond friendly firewalls.
GAO also provided brief details about the cyber tools and sensors used in operations and for situational awareness. The watchdog reported that the Services and Cyber Command are responsible for procuring these to meet mission requirements.
Recommendations and responses
GAO had two recommendations for the DoD and Cyber Command:
- The Secretary of Defense should instruct the head of cyber command to define and document JCWA objectives for interoperability to aid in synchronizing acquisition efforts.
- Further development of the JCWA governance structure by defining and documenting the roles and responsibilities of the integration and management office.
Accordingly, the Pentagon agreed to the first GAO recommendation, but partially agreed to the second. The department noted that Cyber Command plans to develop JCWA governance with stakeholders and then ensure that the objectives of the JCWA material solution and architecture are taken into account.