Embed Size (px)
Citation preview
10 September 2014
Cyber CoE Doctrine Brief
Mr. Rick San Miguel
UNCLASSIFIED
Agenda
• Mission
• Doctrine Key Activities
• Establishment of Cyberspace Doctrine
• Cyberspace Operations – Terms
• Leveraging Efficiencies for Transition
• Signal Doctrine to Cyber Doctrine Transition
• FM 3-12, Army Cyberspace Operations
• Doctrine Development
UNCLASSIFIED
Mission: Manages the Cyber CoE Doctrine and Training Literature Program, ensuring current and relevant Army cyber, electronic warfare, and signal doctrine, training publications, Cyber Center of Excellence Regulations, and Cyber Lessons and Best Practices are available to support the Cyber Center of Excellence and cyber, electronic warfare, and signal operations Army-wide.
Current Mission Focus: Consolidate and re-organize cyber, electronic warfare, and signal doctrine into a cohesive Cyber Doctrine Publication Program. Transfer existing signal doctrine and develop new cyber and signal doctrine according to Doctrine 2015. Develop and sustain Cyber Training Literature Publication Program of non-doctrinal training publications for Cyber Center of Excellence.
Doctrine Division
UNCLASSIFIED
Doctrine Key Activities
• Assess, plan, develop, and publish cyber, electronic warfare, and signal doctrine
• Review other proponent doctrine to ensure cyber, electronic warfare, and signal is accurately represented in Army, joint, multi-service, and multinational doctrine publications
• Monitor implementation and incorporation of cyber, electronic warfare, and signal doctrine into operations, training and education
• Manage Cyber CoE and non-doctrinal cyber, electronic warfare, and signal training publication program
• Edit, review, and publish all Cyber CoE Regulations and cyber, electronic warfare, and signal training publications
• Provide Cyber CoE and DOT-D graphic design, photographic, digital media, and printing support as required
• Document and disseminate resolved Lessons and Best Practices from unit training rotations, recent deployments, and key leader interviews for implementation across DOTMLPF
• Host quarterly Cyber Lessons and Best Practices Assessment and Advisory Forums
• Provide Cyber L&BP briefings to all Cyber CoE Training and Education courses
UNCLASSIFIED
Establishment of Cyberspace Doctrine
UNCLASSIFIED
Cyberspace Operations - TERMS
Offensive Cyberspace Operations
Cybersecurity
Deny the Adversary the FREEDOM of Action in the Domain
Cyber Effects
Cyberspace Defense
Computer Network Defense
Cyber Electromagnetic Activities
Cyber Targeting
Cyber Protection Teams
Defensive Cyberspace Operations – Response Actions
Authorities
Defensive Cyberspace Operations – Internal Defensive Measures
UNCLASSIFIED
Leveraging Efficiencies for Transition
Unified Actions – Unified Land Ops
Mission Command – Warfighter Functions
Network Transport & Information
Services, NETOPS, EMSO and VI Cyber, Signal, Electronic Warfare
Unified Land Operations: Seize, retain, and exploit the initiative to gain and maintain a position of relative
advantage in sustained land operations in order to create the conditions for favorable conflict resolution.
Army communications
networks and information
services throughout strategic,
operational, and tactical levels.
The LWN is part of DODIN and
supports the joint
communication system.
Signal COE
EMSO enables and supports all
warfighting functions.
Cyber COE
CEMA integrates and synchronizes cyberspace operations across echelons and warfighting functions.
VI activities acquires and
provide record documentation,
multimedia/VI products, and
services to satisfy official
mission requirements.
Supports
Network operations construct
is an integrated operational
framework consisting of
NM/ESM, IA/CND, IDM/CS
enabling mission command
and operations across
strategic, operational, and
tactical levels.
Cyber, Signal and EW supports ULO by employing unique net-centric capabilities at every echelon.
VI activities acquires and
provide record documentation,
multimedia/VI products, and
services to satisfy official
mission requirements.
Offensive Cyber
Operations
Defensive Cyber
Operations
LWN NetOps
Spectrum Management
Operations
Network Transport /
Information Services
Electronic Warfare
C
E
M
A
Cyberspace Operations Present
UNCLASSIFIED
Cyber CoE Doctrine
Signal/Communications Networks & Information Services
FM 6-02, Signal support to Operations
• CC - Network Operations
ATP 6-02.71, Techniques for LandWarNet Network Ops
• CC - Network Transport and Information Services
ATP 6-02.43, Techniques for Signal Soldiers
ATP 6-02.45, Techniques for Signal Support
ATP 6-02.53, Techniques for Tactical Radio Ops
ATP 6-02.54, Techniques for Satellite Communications
ATP 6-02.60, Techniques for the WIN-T
ATP 6-02.75, Techniques for COMSEC Operations
• CC - Visual Information Operations
ATP 6-02.40, Techniques for Visual Information Ops
Cyberspace Operations FM 3-12, Cyberspace Operations
FM 3-38, Cyber Electromagnetic Activities (CEMA)
• CC - Offensive Cyber Operations
ATP X-XX.XX, Techniques for Offensive Cyberspace Ops
• CC - Defensive Cyber Operations
ATP X-XX.XX, Techniques for Defensive Cyberspace Ops
Electronic Warfare • CC - Electronic Warfare
ATP 3-36, Electronic Warfare
• CC - Spectrum Management Operations
ATP 6-02.70, Techniques for Spectrum Management Ops
(Published)
(Final Draft)
(In Progress)
CC – Core Competency
Signal Doctrine Signal
• Network Transport & Information Systems
FM 6-02, Signal Support to Operations
ATP 6-02.43, Techniques for Signal Soldiers
ATP 6-02.45, Techniques for Signal Support
ATP 6-02.53, Techniques for Tactical Radio Ops
ATP 6-02.54, Techniques for Satellite Communications
ATP 6-02.60, Techniques for the WIN-T
ATP 6-02.75, Techniques for COMSEC Operations
• Network Operations
ATP 6-02.71, Techniques for LandWarNet Network Ops
• Spectrum Management Operations
ATP 6-02.70, Techniques for Spectrum Management Ops
• Visual Information
ATP 6-02.40, Techniques for Visual Information Ops
Transition To Cyber Doctrine
Signal Doctrine to Cyber Doctrine Transition
UNCLASSIFIED
Lead: Cyber CoE Doctrine Division Planning Meeting Participants: ARCYBER Support Element Doctrine, EW Doctrine, ICoE Doctrine, Cyber CoE Doctrine Stakeholders: Cyber CoE, ICoE, FCoE, ARCYBER, FORSCOM
Way Ahead • Adjudicate comments from world-wide staffing • Prepare final draft • Internal Center of Excellence review • Editor review • Worldwide staffing final draft 22 September
Milestones Jun 14: Initial draft staffing Sep 14: Final draft staffing Dec 14: Cyber CoE approval Jan 15: CAC approval Mar 15: Submit to CADD for publication Apr 15: Projected publication
As of: 1 Jul 14
FM 3-12 Description: FM 3-12, Army Cyberspace Operations, provides tactics and procedures for the implementation and integration of cyberspace operations by commanders and staff in support of unified land operations. Status: Adjudicating comments from initial draft and preparing for worldwide staffing of final draft on 22 September 2014.
FM 3-12 Status
UNCLASSIFIED
Chapter One includes the fundamentals, basic definitions, relation to joint cyberspace operations, and is focused on explaining cyberspace operations significance to the Army. Changes include correct definitions, clarification and alignment of information. Chapter Two includes the authorities and the key organizations above the Army Service level. There is an inseparable relation, that is not always direct or apparent are explained. Changes include clarification of information. Chapter Three explains the tactics of Army units ASCC and below, responsibilities, roles, relationships based on authorities, the commanders role, and other components. Changes include expanding the echelon information and clarification of information, responsibilities, authorities based capabilities. Chapter Four explains the cyberspace operations contribution to the MDMP process and targeting. MDMP changes focus on building the contributions based on including capability differences to the existing process. Changes include verifying the information in the tables, ensuring the explanatory paragraphs identify the step of the MDMP process succinctly, the targeting process explains how cyberspace operations fit within the current targeting processes, and overall cyberspace considerations in the operations process. Appendices will include the CERF
FM 3-12 Final Draft
UNCLASSIFIED
Doctrine Development Timeline
New Pub New Publication Title Publication Status PD Staffing ID Staffing FD Staffing Date to APD
FM 6-02 Signal Support to Operations Published – JAN 14
FM 3-12 Army Cyberspace Operations FD Dev – SEP 14 JUL 13 JUN 14 SEP14 MAR 15
FM 3-38 Cyber Electromagnetic Activities Published – FEB 14
ATP 3-12.1 Techniques for Offensive Cyberspace Operations (Classified)
PD Dev
ATP 3-12.2 TBD PD Dev
ATP 3-36 Electronic Warfare Techniques FEF Prep – JAN 14 JUN 14
ATP 6-02.40 Techniques for Visual Information Operations
FAD Prep - APR 14 APR 13 FEB 14 SEP 14
ATP 6-02.43 Techniques for Signal Soldiers in Support of Operations
ID Dev – AUG 13 APR 13 OCT14 MAR15 NOV 15
ATP 6-02.45 Techniques for Signal Support ID Dev – AUG 13 APR 13 DEC 14 MAY15 NOV 15
ATP 6-02.53 Techniques for Tactical Radio Operations ID Dev – AUG 13 APR 13 JUL14 DEC 14 JUL 15
ATP 6-02.54 Techniques for Satellite Communications ID Dev – AUG 13 APR 13 JAN15 JAN15 AUG 15
ATP 6-02.60 Techniques for the Warfighter Information Network - Tactical
ID Staffing – MAY 14 AUG 13 MAY 14 DEC14 JUL 15
ATP 6-02.70 Techniques for Spectrum Management Operations
FD Dev – DEC 13 APR 13 OCT 13 AUG14 APR 15
ATP 6-02.71 Techniques for LandWarNet Network Operations
FD Dev – DEC 13 APR 13 OCT 13 AUG 14 MAR 15
ATP 6-02.75 Techniques for Communications Security Operations
FD Dev– APR 14 APR 13 MAR 14 SEP 14 MAR 15
TC 6-02.20 Wire and Cable FD Dev – FEB 14 APR 13 NOV 14
UNCLASSIFIED
Cyber CoE Doctrine Website
https://lwn.army.mil/doctrine
Published Doctrine
Doctrine Highlights
POCs
Doctrine Under Development
External Documents Under
Review
https://lwn.army.mil/doctrine
UNCLASSIFIED
Questions
10 September 2014
Cyber CoE
Lessons & Best Practices Briefing
Mr. Rick San Miguel
UNCLASSIFIED
Agenda
• Mission
• Lessons Learned
• Benefits of Lessons Learned
• Coordination – Collaboration – Communication
• Cyber CoE Lessons Learned Process
• Observations
• Way Ahead
• Website
OBJECTIVE:
Document lessons and best business practices (BBPs) based on the Cyber
CoE’s proponencies of Signal, Cyber and Electronic Warfare across
doctrine, organization, training, materiel, leadership and education,
personnel, facilities (DOTMLPF).
MISSION: Collect, analyze and disseminate approved lessons and best practices to the Cyber Center of Excellence to enable continuous improvement of Soldier training and the Cyber community (cyber, electronic warfare and signal) to sustain and enhance the Army's preparedness to conduct current and future Cyber/Signal operations.
COORDINATE – COLLABORATE – COMMUNICATE
Mission
Lessons and Best Practices DO NOT constitute a lessons learned without changing individual, unit, or Army behavior, which is accomplished through the application of the Lessons Learned process.
AR 11-33, Army Lesson Learned Program
COORDINATE – COLLABORATE – COMMUNICATE
Lessons Learned
• Enables continuous improvement of cyber, electronic warfare, and signal forces. • Sustains, enhances, and increases the Army’s preparedness to conduct current
and future operations. • Documented lessons and best practices are analyzed and approve solutions are
provided by Cyber CoE SMEs.
• Solutions/recommendations to lessons and best practices are posted on the Cyber CoE Lessons and Best Practices website.
• Identifies trends within units.
• The lessons learned process does not end until the problem is resolved.
• Invaluable insight to units who will deploy forces under similar conditions in the future.
Benefits of Lessons Learned
UNCLASSIFIED
Coordination, Collaboration, Communication
Leadership and Education
Doctrine
Army Forums
Initial Entry Training
Collection of Lessons & Best Practices
Training Development
Critical Task/Site Selection Board
Advisory Forum
Assessment Forum
Army Enterprise Accreditation Standards
COORDINATE – COLLABORATE – COMMUNICATE
Provides current and relevant information
for critical tasks assessment.
Brief all incoming IET students on
the Concept of Lessons Learned.
Read and understand all Cyber / Signal
Doctrine to identify and assess observations.
Participate in the Army Forum
representing the Cyber CoE.
Assess, validate, categorize and
recommend L&BPs based on
DOTMLPF-P
Present and discuss L&BP with CoE, SMEs,
Instructors, and Training Developers.
POC for TD to assist in obtaining current and
relevant information to update POIs and LPs
CTCs, OP EXs, Home Station Training
UWs, other COEs, Forums, Submissions
AEAS 21 (LL) Applied in AEAS 1 – QAO; AEAS 7 – OE; AEAS 10 – ALM;
AEAS 14 – KM; AEAS 17 – S&F; and AEAS 18 – Education.
Brief all Officer, Warrant, RNCOA and
Pre-Command Course Students on the
Concept of Lessons Learned.
UNCLASSIFIED
Cyber CoE LL Process
UNCLASSIFIED
Phase I - Documentation
orums
COTS
MTOE TPE
POR
25 Series MOS
Information & Knowledge Management
NETOPS
SPECTRUM
COMSEC
CYBER
255A
25A
53A
255N
255S
LESSONS and BEST PRACTICES Cyber CoE Proponency: Cyber, Signal and Electronic Warfare
Doctrine Organization Training Materiel L Personnel Facilities leadership education
Unit Umbrella Weeks
Key Leader Interview
SIGNAL FORUMS
DCO
VI OPS
254A
S6 COP
PCLL SBCT 24A
FORSCOM
Military Intelligence
Lessons Learned Process (Identify – Assess – Recommend)
Phase II
OILs
COORDINATE – COLLABORATE – COMMUNICATE
UNCLASSIFIED
Phase II – Assessment Forum
Purpose: Coordination, collaboration and communication with all CoEs to identify trends, observations
and recommendations captured from operational units at CTCs or from deployments in order to
dominate current and future operations in support of ULO.
• Cybersecurity (phishing attacks)
• The use of Passwords/default password configurations
• Social media (Facebook, rally point)
• Standard Operating Procedures (SOPs)
• S-6 Management (25E Battalion)
• Retransmission (RETRANS)
• Internal/External Sync Meetings (S-6)
• Communications SOP / PACE
• COMSEC SOP
Assessment Forum - 19 August 2014
COORDINATE – COLLABORATE – COMMUNICATE
UNCLASSIFIED
Phase III – Advisory Forum
• Cyber Coe Lessons and Best Practices (L&BP) presents documented OILs from unit
training rotations or recent deployments.
• Facilitates discussion on L&BPs with Cyber CoE Subject Matter Experts.
• Recommends L&BPS if applicable to Council of Colonels (Phase III) for discussion/or
decision.
An opportunity to discuss –
TRADOC TASKORD IN120131 – Support To Decisive Action Rotations at the CTCs
CTC Observations documented during CTC rotations (DA, Cyber and CS 13/14)
Guest Speakers
CS13 Operational observations during Afghanistan Deployment
Discussion on 25D, Roles and Responsibilities
Discussion on 255S, Roles and Responsibilities
Advisory Forum 2 September 2014
COORDINATE – COLLABORATE – COMMUNICATE
UNCLASSIFIED
COORDINATE – COLLABORATE – COMMUNICATE COORDINATE – COLLABORATE – COMMUNICATE
• Command Post Displacement
• COMSEC Dissemination / Changeover
• COMSEC Compromise Plan
• Service Desk Operations
• Lower Tactical Internet (unit training)
• Mission Command Systems (unit training)
• RETRANS
• Power Distribution Planning
• Maintenance (Win-T systems)
• Cyberspace Security Training
• BDE S6 and Signal Company Relationship
• S6 Synchronization Meetings
• Security + Certification
• Communications SOP
• PACE Planning
• Signal Support Systems Chief
• Spectrum Management (25E)
Decisive Action Observations
TRADOC TASKORD IN133383 – Support To Decisive Action Rotations at the Combat Training Centers - NTC Rotations: 14-03, 14-06 and 14-09
UNCLASSIFIED
Way Ahead
Assessment Forum 11 December 2014
Secure DCO 1330 – 1500, Moran Hall 1st Floor, SIPR Room
Advisory Forum 13 January 2015
“A Commanders Role in Cyberspace Operations”
Nelson Hall Studio B and by DCO 1330 – 1530
An opportunity to discuss –
• Cyberspace Operations
• Cyber Threats
• Cyber Electromagnetic Activities (CEMA)
- CEMA Cell
Guest Speakers
To Be Determined
COORDINATE – COLLABORATE – COMMUNICATE
• Enable Continuous Improvement of Army Forces.
• Sustain, Enhance, and Increase the Army’s
preparedness to conduct current and future operations.
• Document L&BPs, analyze and
approve by Cyber CoE SMEs.
• Solutions/recommendations to L&BPs are posted on the Cyber CoE L&BP website.
• The Lessons Learned Process does not end until the problem is resolved.
https://lwn.army.mil/web/slls/home
COORDINATE – COLLABORATE – COMMUNICATE
Scheduled TDY
Training Developers Corner
RFI / Inquires / Submit L&BP
L&BPs by MOS
SOPs, CS 13, Training Insight of the week
Cyber CoE Lessons Learned Website
Questions
