4 hard-earned lessons about cyber ops

By Maj. Jason Zeruto and Capt. Frederick Waage, U.S. Army
Best Defense guest cyber columnists

Integrating cyber effects into traditional military operations is an emerging and potentially high payoff field. While traditional kinetic operations can draw upon centuries of best practices, cyber operations require significant experimentation to learn how to be most effective on the battlefield. Here is what we have learned through experience in these early experiments. Our article is intended to help tactical Cyber Electromagnetic Activities (CEMA) leaders navigate the future conflicts that will undoubtedly straddle the land and cyberspace domains. As the Army expands its Cyber Support to Corps and Below initiative, we CEMA leaders must continue to prove our value to maneuver commanders, else we risk irrelevance.

It is not about you

You must be in tune with the customer’s culture and needs. This is your job, not theirs. A company commander, all-source analyst, HUMINT source handler and operations officer all have different expectations and gaps to be filled. Even with the most sophisticated and capable system on your hands, its important to remember that the customer has a vote. Operationalizing or employing a capability that is sophisticated, but complex, will be difficult if the customer prefers simplicity. Furthermore, identifying gaps is not the sole responsibility of the customer, but should also be done by the CEMA team. Some customers believe they know exactly what capability they want, others have no idea, yet others just ask for an effect. It is your job to assist in brainstorming, strategy development, present options, and deliver an effect that has a real impact. Real impacts are not measured by the system or planner, but by the customer. As we said, it ain’t about you.

Brainstorm

Here’s the recipe: assemble the right team, give them a good working environment, and accept the fact that failure is part of the process. Teams should begin hypothesizing in order to develop solutions, and in parallel, identify if it is feasible to impact the target given the customer’s time constraints. Present the mission variables and geo-political concerns up front in order to frame the brainstorm session, then establish the necessary boundaries to move into solutions oriented discussions. Never lose sight of the rule that failing during experimentation is acceptable and no matter how out in left field an idea may be, there may be some validity to it. Finally, socialize potential options with the customer while managing their expectations. Ensure that you incorporate their feedback into the CEMA team’s dialogue to refine the options.

This is not the first time

How will you get your effect to the desired target? Do you have access, or do you have to rely on someone else to accomplish that? These are some of the questions that you should pose. Chances are that this is not the first time your particular cyber problem set has presented itself. Look outside of your organization, socialize your problem, and crowd source. Others may have a complete solution or elements of the solution to the problem you’re trying to solve. Once you have identified potential solutions, focus on the material solution gap and the training requirements to operationalize it for application in the field.

Deliver the product

Ultimately, all this work has to come together, and you will have to deliver the desired effect. Delivering a desired effect at the right place and right time requires a great deal of staff coordination to ensure the proper authorities are in place, the teams have rehearsed their missions, and the concept of operation is nested with the customer’s maneuver plan. CEMA leaders should be the puppet master, ensuring synchronization occurs at each echelon and that the maneuver commander’s targets are being serviced in accordance with his intent.

An example

As an example, if the customer desires the disruption of enemy command and control communications, then CEMA leaders and planners need to begin with identifying not only what modes of communications are being used, but also the infrastructure that these communications rely on. Are the communications closed or open to the global network? Do they rely on a specific technology, encryption, service, or protocol? Perhaps you do not have an organic capability matched to the targeted technology, but this does not mean that you are dead in the water. Engage with the key partners and influencers across the commercial, joint, inter-agency, and multi-national cyber community to find or repurpose an existing cyber capability. In your pursuit for a technical solution, you may also discover non-technical solutions to achieving the disruption of enemy command and control communications. Regardless whether the solution is technical, non-technical, or a hybrid of the two, it is the CEMA leader’s responsibility to either make and field the product to the customer directly, or connect the customer to a more appropriate service provider, with the ultimate objective of producing the desired effect on the battlefield.

Wrapping It Up

We know from the histories of artillery and armor that the integration of a technology-driven branch into maneuver operations is nothing new. At the tactical level, only by paying special attention to its customers will Cyber gain the credibility and trust required from the other Army branches to help “build an adaptive and agile, adaptive Army of the future.” Whether that really happens is partly up to you.

MAJ Jason Zeruto is a Cyber Officer and currently leading the 780th Military Intelligence Brigade’s Cyber Support to Corps and Below (CSCB) initiative. For the past 5 years Jason has served as a Mission Commander, Planner and Integrator of Cyber operations supporting Joint, Interagency, and Service level requirements. CPT Frederick “Erick” Waage is a Cyber officer and research scientist at the Army Cyber Institute located at West Point, NY. Erick served with the 75th Ranger Regiment from 2010 to 2015 including multiple deployments. He most recently served as the Regiment’s Chief of Technical (Surveillance and Reconnaissance) Operations. The views expressed in this article are those of the authors and do not reflect the official policy or position of the United States Military Academy, Army Cyber Command, the Department of the Army, U.S. Cyber Command, the Department of Defense, or the U.S. Government.

Photo credit: Wikimedia Commons