A U.S. Cyber Force moved a step closer to reality this week after the House Armed Services Committee approved language authorizing a National Academy of Sciences (NAS) study of the issue.
The amendment, proposed by Rep. Morgan Luttrell (R-TX), was included in the committeeβs markup of the fiscal 2025 defense bill, which now goes to the full House for a vote.
The amendment β which can be found as
log 4401 in the Chairmanβs En Bloc β gives the Defense Department 60 days after enactment to engage the Academy, which then has 270 days to submit the report to Congress, so the U.S. is unlikely to get the new armed services branch before fiscal 2027 at the earliest, if it happens at all.
But as Sen. Kirsten Gillibrand (D-NY) unsuccessfully pushed a similar measure last year, the study appears to have a better chance of approval this year.
CYBERCOM Under Siege
Cyber defense has been under the U.S. Cyber Command, or CYBERCOM, since 2010. CYBERCOM brings together personnel from the separate service branches, but that arrangement has come under increasing scrutiny as an inadequate solution to a growing global threat.
A 2022 GAO study
noted problems with cyber training, staffing and retention across the service branches, and a Foundation for Defense of Democracies (FDD) study in March of this year
detailed problems with the lack of a singular approach to cyber defense.
Β
βThe inefficient division of labor between the Army, Navy, Air Force, and Marine Corps prevents the generation of a cyber force ready to carry out its mission,β the FDD report said.
βRecruitment suffers because cyber operations are not a top priority for any of the services, and incentives for new recruits vary wildly. The services do not coordinate to ensure that trainees acquire a consistent set of skills or that their skills correspond to the roles they will ultimately fulfill at CYBERCOM.β
Promotion systems often hold back skilled cyber personnel because the systems were designed to evaluate service members who operate on land, at sea, or in the air, not in cyberspace. Retention rates for qualified personnel are low because of inconsistent policies, institutional cultures that do not value cyber expertise, and insufficient opportunities for advanced training.
βResolving these issues requires the creation of a new independent armed service β a U.S. Cyber Force β alongside the Army, Navy, Air Force, Marine Corps, and Space Force.β
The FDD report concluded, βAmericaβs cyber force generation system is clearly broken. Fixing it demands nothing less than the establishment of an independent cyber service.β
CYBERCOM Retools for the Future
CYBERCOM, which was elevated to a unified command in 2018, is taking its own steps to address the growing cyber warfare threat.
In
testimony last month before the Senate Armed Services Committee, Air Force General Timothy D. Haugh, who serves as CYBERCOMβs commander and director of the NSA, noted some of the ways CYBERCOM is addressing those challenges.
βCYBERCOM 2.0β is an initiative under way βto develop a bold set of options to present to the Secretary of Defense on the future of USCYBERCOM and DoD cyber forces,β Haugh told the committee. βTo maximize capacity, capability, and agility, we are addressing readiness and future force generation.β
Enhanced Budgetary Control (EBC) authority granted by Congress gave more than $2 billion in DoD budget authority to CYBERCOM for the current fiscal year, and βstreamlines how we engage the Departmentβs processes,β Haugh said. βEBC is already paying dividends in the form of tighter alignments between authorities, responsibility, and accountability in cyberspace operations. Greater accountability, in turn, facilitates faster development and fielding of capabilities.β
It remains to be seen whether the U.S. will get a seventh military service branch β after the Army, Navy, Marine Corps, Air Force, Coast Guard, and Space Force β or if current initiatives will be enough to address cyber defense challenges. But it seems likely that the issue will get a lot more scrutiny before itβs settled.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.