The votes are in for the 2025 FedScoop.

See the winners!

Senate wants tighter cyber-electronic warfare integration, clarity on organizations for cyber ops

The Senate Armed Services Committee wants a strategy and more coherent integration of cyber and electronic warfare effects in military operations.

A provision in the committee’s version of the fiscal 2023 National Defense Authorization Act is requiring the Department of Defense to develop a strategy for “converged cyber and electronic warfare conducted by and through deployed military and intelligence assets operating in the radiofrequency domain to provide strategic, operational and tactical effects in support of combatant commanders.”

The committee passed its version of the bill June 16 but did not release the text until July 18.

There are significant similarities between cyberspace effects and electronic warfare, especially in the tactical sphere of battle. Some services, namely the Army, but the Marine Corps as well, have developed tactically focused forces to exploit these capabilities and similarities, primarily through what are known as radio-frequency effects.

This is essentially cyber effects that exploit Wi-Fi or other wireless electronic systems using proximal or close access forces. Contrast that with what U.S. Cyber Command does primarily, which is Internet-Protocol based cyber operations, conducted remotely.

While authorities to conduct cyber operations are notoriously onerous and held at the top levels of government, these more proximal effects conducted through radio-frequency require fewer levels of approval.

In fact, in a report accompanying the SASC’s bill language, the committee noted these “service retained” forces, a distinction from the cyber mission force, which each service presents to and is owned by Cyber Command.

“The committee believes it is essential for the Department to determine its requirements and roles for what are referred to as ‘service-retained’ cyber forces for both defensive and offensive support to combatant commands,” the report said. “The committee expects that these service-retained forces would become part of the personnel rotation through elements of the Cyberspace Operations Forces for career progression. These forces would also fulfill critical roles in protecting deployed and often disconnected weapons systems and platforms and supporting offensive cyber operations executed by military units and systems.”

The bill wants the DOD to develop recommendations regarding command and control, deconfliction and coordination relationships and processes between combatant commanders and the Cyber Command regarding tactical cyber operations and converged cyber and electronic warfare operations conducted prior to and during armed conflict.

Additionally, it charges DOD with developing requirements for service-retained tactical cyber forces for offensive and defensive missions.

As these capabilities and forces mature, it is expected that these proximal forces could actually gain accesses and pass that off to high end Cyber Command operators remotely to exploit. In fact, Cyber Command has budgeted for electronic warfare capabilities, requesting $16.7 million for tools to “adapt EW technology and cyber-peculiar capabilities to gain aces to targeted enemy forces,” according to budget documents.

The Army has created the 915th Cyber Warfare Battalion, which will ultimately encompass a total of 12 expeditionary cyber and electromagnetic activities teams, or ECT, by 2026 that will help plan tactical cyber operations for commanders and conduct missions in coordination with deployed forces.

The Marine Corps, for its part, has also developed tactical cyber forces within its Marine Expeditionary Force Information Groups (MIGs), which integrate electronic warfare with intelligence, communications, military information support operations, space, cyber and communication strategy to provide MEF commanders with an information advantage.

Optimizing Cyber Command

The bill also revisits questions from a previous NDAA regarding how elements under Cyber Command are organized, citing dissatisfaction that the DOD did not address several of the elements required.

Specifically, the committee wants a study to determine the optimal strategy for structuring and manning elements of the various Joint Force Headquarters-Cyber (JFHQ-C), Joint Mission Operations Centers, Cyber Operations-Integrated Planning Elements and Joint Cyber Centers.

The services do not own offensive teams. Instead, these teams work through several organizations, each formally known as Joint Force Headquarters-Cyber, which in turn provide planning, targeting, intelligence and cyber capabilities to the combatant commands to which they’re assigned. The heads of the four service cyber components also lead their respective JFHQ-C. These organizations oversee combat mission teams and combat support teams.

The Joint Mission Operations Centers are actually where the JFHQ-C commands and controls and executes cyber operations.

The Cyber Operations-Integrated Planning Element were created as a means of better integrating cyber operations into the overall planning process. Cyber planners, not actual operators, are physically embedded within various staff sections at the combatant commands to provide expertise on how cyber can be incorporated into their operations.

The Joint Cyber Centers are where combatant commands oversee all aspects of cyberspace operations.

The study must include:

The fiscal 2020 NDAA included a nearly identical provision.

However, Congress doesn’t appear satisfied with the information it was provided.

“The committee is frustrated that the previous report on this topic, as required by section 1656 of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116-92), did not address many of the required elements,” the committee notes in the report accompanying the bill. “The committee encourages the Department to fully address all of the elements required by this study and to provide robust recommendations on an optimal strategy for providing cyber support to the geographic combatant commands.”

Electronic warfare ‘keeps me up at night’: undersecretary of the Army

While not explicitly one of the Army’s key top named priorities, electronic warfare is something that keeps the service’s number two “up at night.”

“It is something that definitely keeps me up at night,” Gabe Camarillo, the undersecretary of the Army told reporters following his participation in an event at the Association of the U.S. Army Wednesday. “I’ve been concerned about the EW and electronic protection capabilities in the Army since I was in [ the office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology] back in the early part of last decade.”

Russian activities in Ukraine over the last several years, to include its current invasion, underscored for the Army the importance of electromagnetic spectrum operations, whether it’s reducing the signature of its command posts to avoid detection, resilient communications from jamming or jamming enemy systems to achieve superiority on the battlefield.

At the end of the Cold War, the Army divested much of its electronic warfare inventory. During counter-insurgency fights of the last 20 years, the Army used blunt jamming tools to thwart improvised explosive devices, which, in turn, inadvertently jammed friendly systems.

“We’ve made the shift since the emphasis on counterterrorism and the [improvised explosive devices], to having fielded EW and electronic protection capabilities that are really more tailored to where the threat is, which is significant against the pacing threat of China and then of course, elsewhere in the globe,” Camarillo said. “There is a need for continued investment, we do have programs in place that are looking at both mounted and dismounted EW capabilities that are progressing very, very well. But I think there continue to be some areas where there are gaps and I think we need to stay ahead of the of the threat curve. That is something that I am very concerned about.”

While the Army is heavily investing in its electronic warfare force, growing it by three-fold, it still has yet to field any offensive program of record jammers.

The first such program – the Terrestrial Layer System-Brigade Combat Team, an integrated signals intelligence, cyber and electronic warfare system on a Stryker – is slated to field to units in fiscal 2022.

The Army is also developing an aerial system called the Multi-Function Electronic Warfare-Air Large, a pod mounted to an MQ-1C Gray Eagle drone. The system is capable of serving as the first brigade-organic airborne electronic attack asset, and providing limited cyberattacks.

In terms of dismounted systems, Army leadership in the past has discussed the continued use of VROD and VMAX, the former surveys the field from an electromagnetic perspective, and the latter provides a limited electronic attack capability. These were quick reaction systems developed to address capability gaps in Europe as opposed to programs of record.

Camarillo cited the Army’s Multi-Domain Task Forces as concrete examples of forces to address the electronic warfare challenge. These units are meant to be in constant contact with adversaries during the so-called competition phase of conflict and exist at higher echelons.

“As an Army, what we have done to help address that is just organizationally by creating the Multi-Domain Task Force’s giving them the responsibility for handling some of that offensive EW and managing some of those electronic protection capabilities as well,” he said. “We continue to, obviously field the MDTFs and I think the capabilities that they employ is something that we need to continue to put emphasis on.”

Camarillo added that Army Futures Command will focus on systems not just fielding today, but down the road, which will include electronic warfare systems for the Multi-Domain Task Forces.

George Mason experts urge DOD to improve how it uses data from tech consortia

Senior Pentagon leaders have repeatedly emphasized their intent to use data as a strategic asset — but according to a new study shared exclusively with FedScoop this week, the department could benefit from more effective use of data collected through partnerships with tech consortia.

In a study by George Mason University’s Center for Government Contracting on Wednesday, experts argue that consortia are playing a pivotal role in high-profile and other Defense Department acquisition efforts, and particularly those associated with other transaction authorities (OTAs).  

A consortium typically refers to a group of entities that forms an agreement to cooperate on hard-to-solve problems and achieve common objectives.

But the new research also suggests that DOD must improve how it captures and uses data to fully harness the value of such cadres. 

“It is my sense that the data is not strategically being used on an enterprise level at DOD [regarding consortia]. So, while there may very well be pockets of places that have data on these contracts, or those contracts, or this consortia — or even this area, right, — it is not flowing up in a constantly comprehensive way. That’s step one,” Moshe Schwartz told FedScoop. “And step two, it’s not then being used to inform decision-making.”

Schwartz, a procurement expert who previously served as Executive Director of the congressionally mandated Advisory Panel on Streamlining and Codifying Acquisition Regulations, is now President of Etherton & Associates. He and Stephanie Halcrow — an external advisor to the Department of Defense’s Acquisition Innovation Research Center, senior fellow at GMU’s Center for Government contracting and former Professional Staff Member on the House Armed Services Committee (HASC) — provided FedScoop with a first look at this new research they co-authored, ahead of its publication. 

Halcrow noted that during her time as a Congressional staffer, she had so many questions about the process and impact of consortia that seemingly didn’t have answers. “So I thought, this is the report that we want to write that I always wanted to read when I was on the committee,” she said.

In their study, the officials identified 42 consortia supporting agreements, as of May 2022. Of those groups, 38 support the DOD, and four are working with other federal agencies — and 12 of the overall 42 contributed data that informed the experts’ review. 

“I think the biggest challenge that we found in writing this report was getting access to the data to support our findings,” Halcrow explained. “The data exists — but it is not publicly accessible in an easy way.”

Despite that issue, the report incorporates a complete history of the Pentagon’s work with consortia, how the group’s are typically composed and insights into some of the technologies they’ve recently enabled for national security purposes. Three specific use cases depicting consortia-enabled technological innovation are also included. 

In one, DOD used its existing relationship with a medical defense consortium to solicit advanced research and manufacturing of 100 million doses of a vaccine to combat COVID-19. 

“That is so much bigger than DOD, but without the consortia it would never have happened,” Halcrow said.

Ultimately, Halcrow and Schwartz found that consortia bolster engagements between government and non-federal players, expand the defense industrial base — and, in some circumstances, they can significantly speed up acquisition timeliness and promote innovation. 

The co-authors conclude the report by providing seven specific recommendations to improve how DOD benefits from consortia going forward. At the top of that list is their suggestion associated with that gap in data: “improve visibility and transparency.” 

“Part of the conversation around consortia and OTs has been about a lack of transparency and lack of visibility — and one of the questions was, ‘is it that there is no data?’” Schwartz said. But the research showed that “by and large, that data is there and people are generally willing to share it, particularly on the industry side,” he added, “so, let’s see what we can start exposing.”

Among other recommendations, the co-authors also suggested that DOD avoid additional regulatory burdens that could limit consortia, and focus on improving technology transition.

The two are planning an event at George Mason University soon to highlight their findings for the public.

“We would love to talk to as many people about it as possible — be they DOD, industry, academia, Congressional staff, or agencies — because we believe this is an important issue that all of them are interested in,” Schwartz said. “We would love to, I think, do more work in this area both in other events, as well as possibly a follow-on report. So, we’re already talking about that amongst ourselves and seeing if there are opportunities there.”

US, UK governments offer $1.6M for tech that trains AI while preserving privacy

The U.S. and U.K. governments launched a competition series Wednesday offering $1.6 million in prize money for developing privacy-enhancing technologies allowing artificial intelligence models to be trained with sensitive data safely.

Entrants will create federated learning solutions that prevent organizations’ raw data from being revealed, shared or combined as it’s used to train AI improving financial crime detection, forecasting a person’s risk of infection during a pandemic, or both.

The series was announced in 2021 at the Summit for Democracy, which will showcase winning solutions in the financial crime and public health emergency tracks, or generalized solutions, when President Biden convenes it in early 2023.

“This important initiative reflects our common purpose of developing technologies and driving innovation in a manner that reinforces our commitment to and expression of democratic values and the fundamental right to privacy,” said Alondra Nelson, outgoing director of the White House Office of Science and Technology Policy, in the announcement.

The financial crime prevention track is aimed at the problem of international money laundering — a $2 trillion-a-year challenge, according to U.N. estimates — and will supply entrants with realistic but synthetic global transaction data created by financial messaging service SWIFT. Solutions should preserve privacy while facilitating information sharing and collaborative analytics to detect anomalous payments.

Entrants in the track will be afforded the opportunity to engage with international regulators: the Financial Crimes Enforcement Network and the U.K.‘s Financial Conduct Authority, Information Commissioner’s Office, and National Economic Crime Centre.

The pandemic response track is intended to strengthen global readiness for current and future disease outbreaks by providing entrants with a synthetic, regional population dataset from the University of Virginia’s Biocomplexity Institute in designing secure infection risk forecasting solutions.

Entrants in the track will be able to contact the Centers for Disease Control and Prevention and the U.K.’s National Health Service and Data and Analytics Research Environments.

“Building on decades of [National Science Foundation] research investment in the field, these prize challenges will accelerate the translation of game-changing privacy-enhancing technologies,” said Sethuraman Panchanathan, NSF director, in a statement. “In this way, these prize challenges … illustrate the synergy of foundational research and translational activities in moving research to practice.”

ATARC announces 2 labs to spur government adoption of modern credentials

The Advanced Technology Academic Research Center announced two public-private laboratories around identity management Tuesday to hasten government adoption of more easily distributable, modern credentials.

ATARC’s Digital Mobile Credentials Lab will showcase six use cases where devices serve as identifiers to access buildings and workstations, while an Identity Management Working Group lab will have vendors demonstrate the feasibility of a Derived Fast Identity Online 2 (FIDO2) Credential (DFC).

Personal Identity Verification (PIV) cards and Common Access Cards (CACs) became the standard at agencies around the turn of the millennium, but such physical credentials proved hard to disburse with the onset of the pandemic and remote work.

“Identity management is one of the five main pillars of zero trust,” Tom Suder, ATARC president, told FedScoop. “But we’ve seen during the pandemic that it’s really a challenge.”

Like its Zero Trust Lab launched in September, ATARC’s new labs are focused on generating more government-specific use cases.

The onboarding of enumerators for the decennial census creates tremendous demand for credentials, as does the Federal Emergency Management Agency scaling its workforce during disasters. Mobile phones the government typically issues to employees present an opportunity for a post-PIV and CAC environment, Suder said.

ATARC established a memorandum of understanding with General Services Administration for the Digital Mobile Credentials Lab, after the agency brought the use case of its USAccess shared service, which provides PIV cards across more than 110 agencies.

Among the technologies the lab will showcase are Public Key Infrastructure (PKI) and FIDO2 credentials; physical access control and logical access control system (PACS/LACS) technical architectures; and identity, credential and access management (ICAM) solutions.

The six use cases are:

Likely a partly physical, partly virtual lab, it will feature some of the same companies as the Zero Trust Lab, and a “fairly immediate” launch is expected, Suder said.

Meanwhile the DFC Lab came out of a recently published Identity Management Working Group white paper, which requested demos proving the feasibility of agencies issuing and managing FIDO2 hardware tokens tied to existing physical credentials. 

FIDO2 lets users authenticate using mobile devices, so they no longer need their PIV cards or CACs on them at all times. What’s more, the DFC would be transferable if an employee switched agencies.

“These controls are established practices that minimize the risk of impersonation and allow for managing which resources an end user can interact with while leveraging a DFC,” the white paper reads. “Currently, no such guidance exists for the issuance and management of FIDO2 credentials, and enterprise use of these credentials has been limited for this reason.”

GDIT hires Robert Morse to beef up federal judiciary IT team 

General Dynamics Information Technology (GDIT) announced Tuesday it has hired Robert Morse as a senior solutions architect responsible for IT services related to its federal judiciary business.

Morse has over 30 years of experience in the federal government IT organizations in the executive and judicial branches, including most recently as the director of the Office of IT Services at the National Institutes of Health (NIH).

Prior to NIH, Morse for 15 years held multiple senior leadership roles at the Administrative Office of the U.S. Courts, including serving as the executive in charge of the federal judiciary’s cloud computing program. 

“Bob has extensive expertise developing innovative software products, applications and service offerings for various federal agencies,” said John Ludecke, vice president and general manager, Federal Civilian Agencies at GDIT. “His technical and business management skills will be critical in providing better, faster and more efficient IT services to the judiciary.”

Morse began his career as an active-duty officer in the U.S. Navy in the nuclear power program and holds bachelor’s and master’s degrees in mathematics from the University of Maine. 

His appointment follows that of former federal cyber leader Matt Hayden, who joined the company in May as a vice president of cyber client engagement. He has over 20 years’ experience in cyber technology and policy and was previously assistant secretary for cyber, infrastructure, risk and resilience policy at the Department of Homeland Security.

DARPA launching research project to revolutionize brain injury diagnosis on the battlefield

Serving as a leader in military medicine since the 1990s – including as director of force health protection for U.S. and NATO units in southwestern Afghanistan — Cmdr. Jean-Paul Chretien is familiar with the complex damage that traumatic brain injury (TBI) can cause.

In an interview with FedScoop, the naval medical officer, who now leads a soon-to-launch research project at the Defense Advanced Research Projects Agency (DARPA), explains the threat that this type of injury poses to U.S. military readiness.

“I’ve come to appreciate the challenges that we face with traumatic brain injury (TBI) for service members in training environments and operational settings,” he told this publication.

Chretien is spearheading the department’s New Technology for Non-Invasive Intracranial Pressure Monitoring research project, which is intended to produce a non-invasive device that can capture data and enable health personnel to assess TBI severity accurately in a theater of war, where resources are scarce.  

The impact of this condition is broad, with roughly 450,000 military service members were diagnosed with TBI between 2000 and 2020, including more than 16,000 in 2020, according to the Military Health System. A recent study in the Journal of Head Trauma Rehabilitation also demonstrated that military members with TBI are at markedly increased risk of disability — and those who sustained a concussion while in combat, had lower education and were younger when injured, among other factors — had “very high odds of poor long-term outcome trajectory” from such wounds.

Non-invasive devices DARPA aims to innovate via this fresh program could help improve the outcomes of injured military personnel in future combat environments.

Diagnosis in the field

“One of the most difficult challenges around traumatic brain injury is the early identification of the injury and optimizing treatment, or getting the treatment just right for the patient at a given time,” according to Chretien.

That’s partly because skulls are hard and rigid structures of bone.

“So if someone has a brain injury — they’re exposed to an explosion, or something penetrating the skull — that can cause bleeding within the skull and cause swelling,” Chretien noted. “And those things, they take up space, but there’s no room for the skull to expand.”

Traumatic brain injuries can easily become life threatening. In moderate and severe cases, intracranial pressure elevation from brain swelling or bleeding can cause brain damage or death. 

According to Chretien, faster diagnosis in the field lies at the center of improving the survival chances of patients with such injuries.

“We have a whole range of medical and surgical treatments for bringing the pressure down — but measuring the pressure and monitoring it over time and treatment now requires drilling a hole and inserting a probe,” said Chretien. He added: “So, if we had a way to monitor the pressure inside the skull with no risk, ease-of-use technology, that would really be a gamechanger for care of patients with [TBI]. That would be useful in civilian settings too, but especially in military field settings.”

The DARPA project he leads is focused on finding new technology that could allow medics to immediately identify intracranial pressure, without conducting the invasive diagnostic tests that require a hospital and technical surgical procedures.

As a program manager, he intends to help innovate the development of such a device. It will mark the next project in his expanding portfolio that’s largely focused on military medicine, combat casualty care, and other problems that he’s “most familiar with, and most passionate about trying to solve.” 

The Defense Department invests more than $1 billion annually in small business-made technologies through its Small Business Innovation Research (SBIR) program. Once this new DARPA-led SBIR project opens July 29, small businesses will submit proposals and compete to help develop a device that accurately measures ICP non-invasively, is simple to operate and is suitable for both in-hospital and pre-hospital settings, according to pre-release documents. 

“This is definitely a capability that has been of interest for many years,”  Chretien said. “And this is not to take away from any of the technologies that do exist now or that have been reported in the scientific literature — but there’s nothing available now that meets all the criteria that we would need for use in a field setting.”

In particular, the technology “can’t require the amount of technical skill that you only find in a hospital-based subspecialty,” and must be easy to use in austere or challenging settings, the physician noted. Further, it must provide continuous measurements, not just a spot check on whether a patient’s pressure is high or low, but the ability to show changes over time.

DARPA, by the nature of the agency, takes an experimental approach to solving problems, and in this case Chretien is hoping to be surprised with proposals for ideas that others haven’t thought of before.

“We don’t want to stifle that creativity. We want to encourage it,” Chretien said. “So I can’t predict what will come in.”

An open-ended approach to possibly lifesaving tech

Though he couldn’t be prescriptive about what the resulting technology may look like, Chretien said he “definitely” sees artificial intelligence and machine learning playing a “big part” in the development and application of the envisioned monitors. 

“One of the ideas that is getting a lot of interest in the critical care community now is the concept of ‘what is the optimal intracranial pressure for a given patient?’” he explained.

Most existing guidelines provide a particular value for clinicians to try to achieve. But an idea that is growing in interest in the field is that perhaps that value may be different for each patient, depending on their physiology or injury patterns. In Chretien’s view, AI and machine learning could play a key role in exploring whether that is the case and if there should be individual specific treatment targets. 

“This technology is not going to tell us what the target is, but it could enable the research that would get us there,” he said. 

Regardless of the approach proposers take, down the line, software and sophisticated analytics may also one day be used to filter out the inevitable noise associated with the devices to establish a clean and clear signal. 

And another possible use for AI and machine learning in this pursuit has to do with monitoring patients with critical illness, Chretien noted. 

“If we have this ability to measure intracranial pressure non-invasively, and we have other continuous measurements to which is common in an intensive care unit, and it’s increasingly possible in les- resourced settings, how do we take all of that information and use it to gain a better understanding of the patient’s current status, and what treatments they need at a given time — and what treatments they may need in the future?” he explained. 

The potential devices could also enable “that data to get a much broader patient population than it is now,” according to Chretien. “So, AI definitely has a role there.”

DARPA projects can take as long as four years to unfold, but Chretien added that the agency is focused on swift development of a device in as quick as two years. The project also requires approved clinical study on living humans, and could culminate in the submission for Food and Drug Administration (FDA) clearance of the produced device. 

“We want to see how well this device performs in actual patients who have brain injury. So, this is not just a development of a device in a lab and some kind of laboratory model, or even an animal model. This is for human patients, and so I think that’s going to give us early indication of whether we have a successful approach here,” Chretien said.

Senate bill to require annual briefing on NSA-CYBERCOM relationship

A Senate committee wants annual briefings on the relationship between U.S. Cyber Command and the National Security Agency, which are currently co-located and have shared resources.

The provision is found in the Senate Armed Services Committee’s version of the fiscal 2023 National Defense Authorization Act, which passed the committee June 16, but language wasn’t released until July 18.

When Cyber Command was initially being built, the Department of Defense co-located it with the NSA as a means to help it grow, relying on the expertise, staff and even tools and infrastructure of the spy agency to get it off and running. The two still share a boss and are co-located, which is referred to as the dual hat.

However, the arrangement has been understood that it would be temporary given the inherently different missions of each organization and potential undue risk to each: NSA charged with foreign intelligence and the Department of Defense with war fighting. Opponents of the arrangement cite the outsized power of one person leading both organizations and relying on intelligence infrastructure and tools, which are meant to stay undetected, for military activity, which typically isn’t, poses risks to such espionage activity.

Those in favor of keeping the arrangement argue that Cyber Command benefits from the tight intelligence linkage and also still isn’t ready to stand on its own.

In a report accompanying the bill, the SASC notes it is “aware that concerns have been raised about whether the dual hat leadership arrangement … adversely impacts either organization. The committee believes that over the last few years, the dual hat leadership arrangement has demonstrated improved effectiveness both in support of military operations and in defense of the Nation. The committee understands that in the cyber domain success depends on speed, agility, and unity of effort, all of which are enhanced with the dual hat relationship.”

Moreover, the committee notes its understanding that having a single individual in charge of both organizations allows them to allocate resources, assess and mitigate risk to provide unity of effort in operations.

“The committee believes that the dual hat relationship ensures a strategic alignment between these organizations and is essential to the Nation’s success in strategic competition,” it said in the report.

In the 2016 annual defense policy bill, Congress outlined a series of metrics for the Pentagon to meet in order to split the two organizations. Those metrics were then tweaked in the 2017 policy bill adding more restrictions necessary to split the dual hat. They included that each organization have robust command and control systems for planning, deconflicting and executing military cyber operations and national intelligence operations as well as ensuring tools and weapons used in cyber operations are sufficient for achieving required effects. It also sought to ensure that Cyber Command can acquire or develop these tools, weapons, and accesses.

Gen. Paul Nakasone, who leads both organizations, testified before Congress in March that his organizations are still working towards meeting those metrics.

He said Cyber Command and NSA’s requirements continue to grow and that dependencies between the two entities, such as shared infrastructure, have decreased.

The briefing to the committee required by the bill, which must still be approved by the full Senate and then reconciled with the House version, must include:

Senate Armed Services Committee questions Navy’s future role, contribution to cyberspace operations

Editor’s note: This story was updated July 21 with comment from Sen. Mike Rounds, R-S.D., ranking member of the Senate Armed Services Subcommittee on Cybersecurity.

The Senate’s version of the annual defense policy bill raises the specter that the Navy should entirely get out of cyber operations for U.S. Cyber Command.

While the Senate Armed Services passed its version of the National Defense Authorization Act for fiscal 2023 on June 16, the full text of the bill and its provisions were not released until July 18.

The latest version of the bill follows concerns from some quarters that the Navy does not have a dedicated military occupational specialty for cyber, which some believe is a direct result of the readiness issue.

One provision in the bill seeks to evaluate the way the Department of Defense trains, organizes and presents cyber forces. Under the current structure, the services provide a pre-determined number of cyber mission force teams to Cyber Command and are largely responsible for training them under joint standards developed by Cyber Command.

Given the cyber mission force was initially designed in 2013, many experts and members of Congress have sought a reexamination of these forces to see if there are the right number of forces, if they’re focused on the right set of threats, if they’re organized properly and if they have the right tool sets, to name a few.

The SASC bill, which still must be approved by the full Senate and then reconciled with the House version, requires a study on the responsibilities of the military services for organizing training and presenting the total forces to Cyber Command.

As part of this study, the committee is requiring the establishment of a new or revised model by the secretary of defense by December 31, 2024, which, among other aspects, determines whether the Navy should no longer be responsible for developing and presenting forces to Cyber Command as part of the cyber mission force. A force structure assessment was included in the fiscal 2021 NDAA and as a result, the cyber mission force is slated to grow.

Concerns regarding the organization and readiness of the Navy’s cyber teams has been ongoing for some time. A provision in the House NDAA is pushing the Navy to create a singular and special work role dedicated to cyberspace.

The Navy is currently the only service that does not have a dedicated military occupational specialty or, in Navy parlance, “designator” for cyber. Its cyber personnel are primarily resourced from its cryptologic warfare community — which is also responsible for signals intelligence, electronic warfare and information operations, among several mission sets — with additional roles resourced from information specialists and cyber warfare engineers. Cyber warfare engineers are not operators, but specialize in highly technical skills and development of tools.

Critics argue that this leads to a less proficient cyber workforce because personnel have to constantly cycle in and out to gain experience in the other aspects of the cryptology field, while proponents say they want to build a well rounded information force.

In a report accompanying the Senate bill, the committee notes that it is “concerned about continued readiness challenges with cyberspace operations forces, particularly with the Navy contributions to the Cyber Mission Force.”

Relatedly, another provision in the SASC bill requires a plan by the secretary of defense and chairman of the Joint Chiefs of Staff to develop a plan to correct readiness shortfalls of the cyber mission force.

Readiness has long been one of if not the top priority for Cyber Command.

“In terms of our priorities this year and going into next, a major priority that [Cybercom commander Gen. Paul Nakasone] has set for us is our force readiness — how do we look at our cyber mission teams and ensure that our operators and our analysts are the best qualified, most lethal cyber force in the world,” Dave Frederick, the command’s executive director, said at an online event in June. “Readiness is a big focus for us.”

In recent years, the command has sought various approaches to improve readiness and readiness oversight.

However, some senators are concerned with how ready the teams actually are.

“As Ranking Member of the Cybersecurity Subcommittee, I have worked with U.S. Cyber Command to understand the readiness challenges faced by the Cyber Mission Force (CMF). I have also discussed these challenges with leaders in each branch of the military, including a Cybersecurity Subcommittee hearing and a visit to Fort Gordon, Georgia. These conversations culminated in my development of this provision. I am also working to make certain that cyber career fields are prioritized within the Services in order to avoid a shortfall,” Sen. Mike Rounds, R-S.D., said in a statement. “Individuals in these roles defend the nation in the cyber domain in order to maintain our freedom and accomplish overarching goals. An adequate CMF is essential, as cyber-attacks are an existing and dangerous threat to our national security. The threat is not going away, and we must have well-equipped and sufficient manpower to combat it.”

Additional aspects of the study on responsibilities for organizing training and presenting the total forces to Cyber Command include:

Verizon wins $400M FBI task order under EIS contract

Verizon has won a $400 million task order to support the Federal Bureau of Investigation’s network modernization under the Enterprise Infrastructure Solutions contract, the company announced Tuesday.

Through the EIS contract, Verizon will help the FBI improve its connectivity as well as its data and voice solutions in support of its greater intelligence and law enforcement missions.

The task order is a re-award of work the FBI awarded Verizon last year that AT&T protested, but the Government Accountability Office quickly dismissed.

The telecom provider said in a release the award will help the FBI “meet increasing demands for data bandwidth around the globe successfully.”

“We understand the critical nature of the work we will do with the FBI to improve network availability, enhance operational efficiency, use tailored approaches to meet individual division needs, and help modernize technology,” Maggie Hallbach, senior vice president, public sector at Verizon, said in the release. “Building on nearly 20 years of partnership with the Bureau, this next phase will provide stable solutions and a modern network that is faster, more scalable and secure that will help the FBI achieve its mission.”

As part of the win, Verizon will also provide enhanced ethernet access capabilities, global virtual private network services and its 4G LTE and 5G Nationwide wireless, which it says enables “the move to wireless connections provisioned on-demand for faster deployment at FBI locations, and support for high-speed connectivity for FBI agents working in the field.”

The $50 billion EIS contract is a governmentwide vehicle meant to help agencies jumpstart the modernization of their aging IT and network infrastructures. But the transition to the contract has been a slog for many agencies, with deadlines looming for them to have their telecom portfolios transitioned off of legacy contracts by the end of this fiscal year.

Despite the expiration of those legacy contracts, like Networx, Washington Interagency Telecommunications System (WITS) 3 and other local telecom services, May 31, the General Services Administration decided to give agencies an option to continue those services for up to a year.

In January, 15 agencies received “F” grades for their EIS transitions during a biannual FITARA Scorecard hearing.