Posted on Feb 21, 2016
Lt Col Commander
16.9K
22
30
5
5
0
In his 2016 Speech, Gen Hyten (AFPSC/CC) mention the concept of an Air Force Cyber Squadron (CYCS) (dubbed AF Cyber Squadron-Next).

http://gazette.com/air-force-to-develop-cyber-squadrons-gen.-hyten-says-at-broadmoor-symposium/article/1569128

What should this organization look like? How do you change a mx culture to an ops culture? Should each CyCS be tailored to protect wpn/msn systems?
Avatar feed
Responses: 8
Lt Col Cyberspace Operations
1
1
0
Brew Dawg-

Great discussion. In my opinion, the Cyber Squadron is needed as the COS and NOS have found themselves overstretched and the pendulum will need to swing back to where bases have more involvement in securing their part of the battle space. That means a more operational focus, and more rights (appropriate to their level) on the network. Can't tell you how many times I've told my base leadership "If it was mine to fix, I would have fixed it already." The bases, with the right permissions, can ease the strain while being more responsive to their base's missions. What I have never had explained is who takes on the "Comm Squadron" roles, as many of those will still need to be done. And does the new unit report to the base leadership or 24 AF?

But we're thinking too small. I think cyber defense and offense are both complex mission sets that defy national and governmental boundaries and jurisdictions, and should be handled as such. A good problem set to use as a baseline is terrorism, and the JIATF(s) created to combat this problem set. If given the right legal authorities and capabilities (and mindset), a JIATF under CYBERCOM could move as fast, if not faster than our enemies, especially as the operating concept has already been established in F3EA. To bring it back to the original question, would the Cyber Squadron have play in this construct? I think would depend on the threat and what forces need to be presented. And would most likely involve the CMTs.

Lastly, the Cyber Squadron is our best bet to rebuild the experience we can't currently build at the base level.
(1)
Comment
(0)
Lt Col Commander
Lt Col (Join to see)
>1 y
Mark!!! good to hear from you!!! AFIMSC along with AFSPC will take on that role...contracting most of it out.
(0)
Reply
(0)
Lt Col Commander
Lt Col (Join to see)
>1 y
F3EA concept honestly should be abolished. Even Gen McChyrstal has stated that the F3EA process is too industrial....and a more robust approach is necessary. I think the problem is we are trying to apply Industrial Age thinking against and Information Age problem. I think the right consolidation point for networks is at the C-NAF or C-MAJCOM levels for the AF where OPCON lines converge but the AF as a whole has abandoned that notion. it's time align the COMM squadrons under a single command and have organic defenders at each base focused on all aspects of the mission.
(0)
Reply
(0)
Avatar small
Maj Walter Kilar
1
1
0
General Hyten came from the secret squirrel world, and he seems to embrace change to adapt to the changing environment, so he probably has a decent idea of what a cyber squadron should look like. The hard part is getting everyone from the President down to Airman Snuffy to buy into the details. Nobody knows what those details are, because policy, doctrine, manning, training, and funding do not all change with the times at the same rate.

There will be a difference between what the squadrons should look like and what they will look like. They should not look like base communications units. They should probably be collocated (physically or virtually) with other secret squirrels. They should be selectively manned through Green Door. Speaking of Green Door, those Airmen should be sheltered from standard deployments while assigned to cyber squadrons, and "deployed in place" while ADCON to the base, OPCON to the COCOM JTF, TACON to the JFCC-Cyber. For defense the squadrons would be OPCON to USCYBERCOM; for offense that OPCON may shift to, say, USPACOM in the form of a cyber mission team while they operate a classified weapon. Cyber squadrons should always be drilling offense and defense. Approvals for deploying effects is a difficult discussion to navigate through due to policy, as well as technical difficulties in proving attribution. Just because the computer sees an inbound IP address originating from China, it does not necessarily mean that it is actually from China. We cannot go to war against China over solar flares rebooting computers or something crazy like that.

There will be many changes and many missteps before we arrive at the correct way to operate cyber squadrons.
(1)
Comment
(0)
TSgt Jack Manigold
TSgt Jack Manigold
9 y
We went through all of that in the RPA world. It took almost a decade of missteps before we had a somewhat correct vision for how we were supposed to operate. Being coded with an enabler status with controlled tours will help out tremendously.
(1)
Reply
(0)
Maj Walter Kilar
Maj Walter Kilar
9 y
TSgt Jack Manigold - Both the cyber and space mission areas are indeed behind. Both fall into the category of FM, or "f***ing magic", when it comes to delivering effects to the " warfighter" (quoted due to excessive abuse of that term). RPAs provide effects that are easier to quantify, thus easier to justify funding, policy changes, increased manpower, etc. As we pivot away from the Middle East and focus on the Far East, we might see a shift away from RPAs and into space and cyber. Or, the focus will go into the bomber force. Or, the Rest of World situation will change again and we will shift somewhere else. Cyber and space need China and Russia to misbehave in order to get the attention they need for these massive changes being proposed. RPAs have been there, done that, so we should learn from that.
(1)
Reply
(0)
TSgt Jack Manigold
TSgt Jack Manigold
9 y
Well the biggest problem is changing the Air Force's mentality that it is a fighter pilots world where they are still fighting against countries. For some reason the Air Force is afraid of technology that is not in a manned asset.
(0)
Reply
(0)
Maj Walter Kilar
Maj Walter Kilar
9 y
TSgt Jack Manigold - Amen to that! (Note: if "Amen" is offensive to anyone, pretend that was an iPhone autocorrect of "aye, man" or "aye, insert gender neutral noun here".
(1)
Reply
(0)
Avatar small
Col Joseph Lenertz
1
1
0
Edited 9 y ago
Great question. While it might sound cool, the devil is in the details. The AF Trains, Organizes, and Equips its forces...to support the Joint Force Commander...that's its role. Ops units train at home base, but do their wartime mission when assigned to COCOMs/JTFs. Offensive cyber requires very high level approval...well above a JFACC. So, how will AF Cyber Squadrons, assigned to USCYBERCOM under STRATCOM, support the PACOM commander when he needs to retaliate against a Chinese cyber attack? Who has COCOM, who has OPCON, who has TACON, and how does approval for execution of a strike get done? Until we know how they will support the JFC in going offensive, they will still be regarded as base Comms support personnel.
(1)
Comment
(0)
Maj Kevin "Mac" McLaughlin
Maj Kevin "Mac" McLaughlin
9 y
Sir,
That has actually been addressed. The current (and new) Cyber Ops Squadrons (COS) have been formed by each of the services and divvied out to the COCOMs. My last COS, the 834th was one of the AF squadrons assigned to STRATCOM specifically. I believe the Navy provides PACOM with most of their Cyber Ops unit personnel. In our case the 834th is aligned under the 24th AF for ADCON, but the OPCON goes to STRATCOM. This is of course the defensive side of Cyber Ops. The offensive side is a whole different beast to which I cannot speak to.

The units which Maj Brewer speaks of will be the operational units assigned to each base (not the Comm Squadron, those are seperate), which I still think is too much. At best, put them in one of the MAJCOM NAFs with the mission to protect the MAJOCOM's subordinate bases.
(2)
Reply
(0)
Col Joseph Lenertz
Col Joseph Lenertz
9 y
Maj Kevin "Mac" McLaughlin - Yep, the "D" has been addressed, partly. Base units doing base firewall activities are going to be a tough sell as "Operational" units. Tankers train under a wing within AMC, support TRANSCOM operationally day-to-day, become STRATCOM assets under a SIOP activation, and get CHOPped (Change of OPCON) when they deploy to become a regional CCMD asset. Cyber "D" could work similarly. But I was talking about the "O". The "O" is the tough part, and it hasn't been worked out yet. Release authority needs to move downward or we will always be playing catch-up.
(3)
Reply
(0)
Maj Kevin "Mac" McLaughlin
Maj Kevin "Mac" McLaughlin
9 y
You're right, the "O" is the tough part as it is a more effects-based type of weapon used more strategically (for now). This may change however as emerging technologies and capabilities offer more ideas (more akin to the capabilities which our special operations units offer). Still, Cyber is a new domain where the offensive side is heavily shrouded in secrecy (for good reason). Forming offensive cyber ops units throughout the AF is unnecessary, unrealistic, and not recommended at this time. Fortunately, what we do on the defensive side does involve the use of offensive capabilities (thus we are getting the training and experience). There's a lot more to it than that but it creates a pool of experience people who can eventually be picked up by CyberCom for additional advance training.
(1)
Reply
(0)
Lt Col Commander
Lt Col (Join to see)
9 y
Col Lentertz, the cyber squadrons will be a service retained capability that protect the wing/base. That's the last data point that I have. I don't think they have any plans for offensive. With that being said, if you take a multi domain approach (based on the AF future Ops concept) a wing will deliver a particular effect and not focus too much on the platform. I agree, presentation of forces become the central issue.

On a side note, I plan to pitch for a dual status commander (32/10) for CONUS based units to allow protection of critical infrastructure.
(0)
Reply
(0)
Avatar small

Join nearly 2 million former and current members of the US military, just like you.

close