Cyber Command looking to bolster acquisition office as it prepares to handle $3B annually
Poised to gain “enhanced budget authority” in 2024, U.S. Cyber Command is looking to bolster its acquisition and procurement prowess to include hiring new personnel and maturing its main technology arm to handle its additional funding.
“I need to build an organization that’s growing from $75 million a year to figure out how we posture to enable $3 billion a year,” Michael Clark, the director of Cybercon’s J9 acquisition and technology directorate, told reporters during the command’s procurement forum Wednesday.
Cybercom, a combatant command with unique service-like authorities, has been undertaking a multiyear process to improve and mature its acquisition capability as a still relatively young organization within the Department of Defense.
Congress has been satisfied enough that it removed the initial $75 million cap and the command is now executing over $700 million per year, Clark said.
Up to this point, the military services have been serving as executive agents procuring large programs on behalf of Cybercom and its forces. However, by 2024, Cyber Command will gain what’s known as enhanced budget authority, which will give it responsibility for direct control and management of planning, programming, budgeting and execution of the resources to maintain its operations force.
“As we look to the future, the command is posturing based on department guidance to assume responsibility for approximately $3 billion of funds that’s directly related to our responsibility to ensuring the readiness of the cyber operations forces,” Clark said. “Incredible growth, incredible change in terms of how the command and how the department is posturing Cyber Command to take on acquisition responsibilities.”
In order to mature the J9 to do contracting and acquisition on a larger scale, officials need to bring more contracting in house, he said. This will require hiring more personnel.
Currently, much of the contracting activity is outsourced, he noted.
Within the next year, Clark said he’d like to hire at least 40 people. The command has also asked DOD for more manpower by 2024, with perhaps about 50 additional personnel by that time, according to Clark.
In the long term, he was less clear on what the acquisition workforce growth will look like.
“In the long term, let’s say by ’27, it depends. As the department matures its understanding of what it wants [the] command to do, do I scale to the level of a program executive office like a service has?” he said. “That’s now hundreds of people. I can envision over time, that’s what I want.”
He said to get there, the command will be utilizing the Cyber Excepted Service.
Ultimately, Clark said the command wants to get away from the traditional “waterfall” acquisition strategies in which contracts are awarded and something is delivered 18 to 24 months later. Rather, he is envisioning something akin to the Air Force’s Kessel Run software factory that pursues continuous development at faster speeds.
One thing he was articulating to industry during the procurement forum was the need for speed. In one example, he said a few years ago it would take adversaries six or so months to exploit a vulnerability in software or hardware. Now, it’s taking them hours.
“Within hours now, adversaries are taking advantage of new vulnerabilities and beginning to seek an advantage against the U.S.,” he said. “Big technical challenge there. How do I begin accelerating speed or relevance of capabilities that better defend us from that new environment, that new context?”
One of the technical challenges the command is presenting to industry is how to actually realize the potential of artificial intelligence and machine learning.
“When I did my introductory here, what I asked is how do I move beyond AI/ML as a theory [to] practical application? I can envision a future like the way the Air Force does Kessel Run, where operators at the speed of relevance, I need this now, is pulling down a library of AI tools or ML tools and/or the ability to rapidly code something that achieves an outcome on the demand of operations,” he said. “How do I change that kind of environment? How do I move to that more agile DevSecOps environment at the speed of relevance?”
Joint Cyber Warfighting Architecture
Clark explained that Cyber Command is gaining additional responsibilities from DOD related to the Joint Cyber Warfighting Architecture (JCWA).
Cybercom created the architecture in 2019 to help guide its acquisition priorities and programs.
In addition to tools, sensors and other items, the architecture includes four main programs: the Persistent Cyber Training Environment for conducting training and mission rehearsal being run by the Army; Unified Platform — considered the centerpiece where data is ingested, analyzed and shared — being run by the Air Force; Joint Cyber Command and Control to command cyber forces and the larger cyber environment being run by the Air Force; and the Joint Common Access Platform for executing offensive operations being run by the Army.
Currently, the command mostly has influence over the acquisition programs the services are executing on, Clark said.
“It was recognized the department needed to invest greater explicit authority to direct technical control and systems integration across all of that with the design purpose of achieving a cyber operations weapons platform,” he said. “Moving away from just fielding what we’re doing is building an architecture to a purpose-built cyber operations weapons platform in the future. And Cyber Command will have responsibility and authority over that.”
Cybercom was always responsible for the requirements and ultimately the integration of these various systems. But now, and with enhanced budge authority, it will have direct budgeting and oversight of these.
In the short term, Clark said the goal is to “not break good” when it comes to continuing to work with the services as they execute these programs.
“We’re not going to do anything radical that breaks the goodness of what we have today. Over time, one of the reasons that the department is going to invest greater responsibility in us is where can we have efficiencies [and] where can we have greater effectiveness,” he said.
“I think what our vision is, we’re going to greater enable the services to achieve their objectives by the architecture of an enterprise level service, the JCWA, that that enables not just what the command wants to do, but what the department and the services want to do; that it’s going to be incredibly enabling in what we want. It’s not intended to be competitive, it’s meant to be complementary and in the end, get better value for the government,” he added.
Areas for improvement could be in data and cloud services. Each of the services are buying data and cloud services from vendors, but Clark said there is probably a more efficient way to do so.
“As we take on the responsibility for writing the future program objective memorandum, the POM, as we build the budgets, it’s going to be our responsibility to get the best value where can we find efficiencies,” he said.