Growing threats in the cyber realm have senior military and defense officials increasingly pressing to integrate the joint force across domains and combatant commands. Speaking at AFA’s Air, Space & Cyber Conference, leaders emphasized the need to be ready before future crises strike.
The unclassified summary of the Pentagon’s 2023 Cyber Strategy, released Sept. 12, highlights the deterrent value of cyber capabilities when they’re understood by potential adversaries. “Cyber capabilities held in reserve or employed in isolation render little deterrent effect on their own,” the report states.
“Military [cyber] capabilities are most effective when used in concert with other instruments of national power, creating a deterrent greater than the sum of its parts,” the strategy states. DOD, it adds later, must “campaign in and through cyberspace to advance joint force objectives.”
Air Force Lt. Gen. Kevin B. Kennedy, head of Air Forces Cyber, told an audience of Airmen and Guardians that “cyber is different, but not special.” Operators must “think about the effects that we can create in the cyber domain and [align] those into crisis and conflict planning in the normal processes that exist within the combatant commands for aligning those capabilities.”
But cyber does present specific challenges, he said. U.S. Cyber Command is so new—it only became a unified combatant command in 2018—and figuring out how to coordinate and ensure maximum effect is still an ongoing effort. Some argue that a future military Cyber force, modeled on the U.S. Space Force, may be a necessity in the future.
Kennedy is not quite sold, at least not yet. “For me, when you start any kind of military capability and you think across domains, you generally start with some level of just deconfliction,” he said. “Then you move into some level of maybe coordination, synchronization, and then you want full-on synergy of the forces to get some effects upscaling. Where I’d say we are right now … [is] we’re definitely in the coordination and synchronization line.”
Sorting out who is responsible for executing particular missions is the major hurdle today.
“All are involved, all in the planning, it needs to integrate with both commands’ joint fires’ processes,” Kennedy said. “But the question of timing and tempo goes to who has the [unified command plan] mission. And then who is the person that has to execute that mission and align it with the effects in the other domains? So I’d say we’re moving along. We’re not at full synergy yet.”
Air Force Lt. Gen. Timothy D. Haugh, vice commander of CYBERCOM, said that as more Airmen, Guardians, and other service members gain cyber operations experience in cyber units, planning and coordination will become easier. The services themselves will gain confidence in the domain.
“It starts with that talent,” he said. Then it requires ability, “the maturation of each of the service cyber component headquarters, the maturation of our integrated planning elements that are with each of the combatant commands,” Haugh said. Today, they are increasingly “working to campaign, to develop operations and investments, and to be able to have outcomes.”
Wanda T. Jones-Heath, principal cyber advisor to the Department of the Air Force, said cyber operations have to be folded into existing training exercises, so operators get use to responding to cyber effects and employing cyber effects in operations.
“We’re starting to do a lot of that. You see it in the INDOPACOM region, joint exercises, we don’t find ourselves, let’s include our sister services,” Jones-Heath said. “So we have to keep that in mind as we think about, are we able to project enough power, both in the Air and Space Force?”
The Space Force is particularly vulnerable to cyber attack—space is about moving sensor data and communications around the globe rapidly, and the links between assets on orbit and ground stations are subject to attack.
But Col. Zachary “Shay” Warakomski, the USSF’s senior cyber officer, said the reverse is also true. “You can flip that paradigm just a little bit, from the standpoint of offering a wider array of exquisite capabilities for the combatant commanders, our nation’s leadership, through space-enabled cyber operations as well,” Warakomski said. “And when you take into consideration the entire portfolio of information warfare and electronic warfare … that’s a whole lot of arrows in the quiver for our nation’s leadership.”
Given those close ties, Warakomski said the Space Force is looking to stand up a service component to CYBERCOM, an issue Chief of Space Operations Gen. B. Chance Saltzman also raised during the conference. Already, the service has established an integrated mission analysis team for space in CYBERCOM, and Warakomski said they will continue to build “direct connective tissue.”
The Cyber Strategy document also noted the importance of aligning cyber effects with other government agencies, industry partners, and allies and partners—particularly key because the focus of many cyber threats is to critical U.S. infrastructure. Haugh, nominated to be the next head of CYBERCOM and the National Security Agency, said coordination on that front has also significantly expanded in the past few years.
“That has really started with election defense, and the work that began in 2018, to be a partner in support of [Department of Homeland Security] and FBI, to defend our elections and our electoral process,” Haugh said. “That foundation was really built on how we collaborated with both DHS and FBI, but also how we share information. And as U.S. Cyber Command, we’ve received significant new authorities on how we can partner with industry and to share information directly. We’ll do that in concert with DHS and [the Cybersecurity and Infrastructure Security Agency] and with FBI.”