This blog entry was originally posted on the Army's CIO/G6 Blog.
Lt. Gen. Robert Ferrell is CIO of the Department of the Army.
Secretary of Defense Ash Carter unveiled the new Department of Defense Cyber Strategy in an address at Stanford University in Silicon Valley, California, April 23, 2015.
An update to the original strategy released in 2011, it identifies specific cyber missions for DoD and sets strategic goals to achieve over the next five years and beyond. These missions and goals will guide the development of DoD's cyber forces and strengthen our cyber defense and cyber deterrence posture. I encourage all to familiarize themselves with the new DoD strategy to gain a better understanding of how it will inform the Army's mission, priorities and way-ahead.
Of note, both the U.S. Army Operating Concept (AOC) 'Win in a Complex World' – and DoD's new Cyber Strategy highlight the growth and diversity of the cyber threat our forces now confront in an interconnected global environment. As the cyberspace domain continues to increase in importance, I would like to highlight just a few of the ways the Army's efforts will support DoD's overall cyber strategy.
For example, our Army team is committed to recruiting, training, developing and retaining a highly skilled cyber workforce of military and civilians. In coordination with the U.S. Army Cyber Command/Second Army, the Cyber Center of Excellence and many other partners, the Army is developing career management solutions to capitalize on investments in military Career Field 17 (CF17) and in our civilian cyber talent. Moreover, our teams are collaborating to develop a comprehensive workforce strategy and implementation plan to optimize management of critical Soldier and civilian cyber and IT skills.
In addition, the Army is closely partnered with DoD as we move toward the Joint Information Environment (JIE) of the future. The JIE will enhance our network defense and better secure our data while providing global access for military forces. The core foundation will revolve around the deployment of Joint Regional Security Stack (JRSS) architecture as the department's enterprise solution for network security. The JIE will also rely heavily on cloud computing. In partnership with DoD, Defense Information Systems Agency, the National Security Agency and the other Services, the Army has helped shape development of DoD's initial cloud security architecture. Earlier this month, the CIO/G-6 released the Army Cloud Computing Strategy (Army Cloud Computing Strategy) which outlines how we will transition to cloud-based solutions and services to posture the Army for success.
Further, the Army is taking active measures to protect our networks and data against external and insider threats. We are transitioning to the new DoD certification and accreditation process, known as the Risk Management Framework (RMF). The RMF uses security controls identified in the Committee on National Security Systems baseline, follows the processes outlined by DoD and the National Institute of Standards and Technology, and makes DoD requirements and processes consistent with the rest of the federal government.
We have established the Army Insider Threat Program to better ensure security of Army networks by implementing an integrated capability to deter, detect and mitigate insider threat behavior. This program also provides the workforce with training on insider threat awareness and reporting responsibilities.
To shape acquisition and resourcing strategies and to help build next generation cyber capabilities, our Army team has a partnership between the U.S. Army Cyber Command/Second Army, HQDA G-2, HQDA G/3-5-7, the Assistant Secretary of the Army for Acquisition, Logistics and Technology, the Program Executive Offices and the CIO/G-6. This enhanced partnership will help provide our forces flexible options to shape and dominate the cyberspace domain.
The Army is already well on the way to achieving a secure, integrated, standards-based, information environment. With our planning guided by documents like the Army Operating Concept and the new DoD Cyber Strategy, and by working alongside our partners in DoD, industry, academia and the interagency community – we will further develop our Army capabilities and enable cyber options with a robust combination of materiel, resource, personnel, process and policy solutions.