Cyber defense

Army Looking to Formalize Roles of Local Network Defenders

The U.S. Army wants to establish responsibilities at each echelon for local network defenders in a bid to improve service and joint cybersecurity posture.

Currently, cybersecurity service providers within the Army that are tasked as local or installation level network operators and defenders have varying levels of responsibility. The situation occasionally leads to local network defenders having to ask for help from cyber protection teams to carry out traditional incident response, which they are not designed to do, C4ISRNET reported.

Army Gen. John Morrison, deputy chief of staff, G6, told attendees at TechNet Cyber 2021 that formalizing roles would reduce reliance on cyber protection teams and allow them to focus on hunting network threats.

“This is really about aligning all of our cyber defensive capabilities so we get after that notion that the folks that own the terrain are doing that broader area defense,” Morrison explained.

The Army aims to do so by addressing the organizational design for local network defenders, including ensuring that they have the necessary capabilities and training to conduct their mission.

Officials have already released a unified network operations requirements document to standardize and outline requirements for operations, maintenance, security and defense of all Army networks.

Collectively, the U.S. military is looking to establish uniform standards and baselines for local network defenders across the Department of Defense.