Army advances rapid acquisition for cyber defense

By Claire Heininger

ABERDEEN PROVING GROUND, Md. (Aug. 18, 2015) – From protecting sensitive communications on the battlefield to thwarting the insider threat back home, Soldiers need a wide range of cyber weapons to defend the Army’s information and resources.

Now, the service has a way to quickly buy and deliver those tools to stay ahead of evolving threats.

The Army is moving forward with a unique approach that will enable rapid acquisition of defensive cyber capabilities in response to emerging requirements. By following a model known as the “Information Technology (IT) Box,” the Army is leveraging a proven process while tailoring it to meet the demands and complexities of cyber warfare.

“Cyber doesn’t fit the traditional acquisition process that you would use to deliver a tank,” said Kevin Fahey, executive director of the Army’s System of Systems Engineering and Integration (SoSE&I) directorate, Assistant Secretary of the Army for Acquisition, Logistics and Technology, or ASA(ALT). “As the Army moves from responding to Operational Needs Statements to creating cyber programs of record, we are laying the groundwork to continuously take advantage of the best technology out there.”

Once implemented, the strategy will be used to equip Soldiers with a wide range of tools supporting defensive cyber operations, including analytics, advanced sensors, forensics, infrastructure, insider threat discovery capabilities and several others.

Each capability area is outlined in its own Requirements Definition Package developed by the Training and Doctrine Command, in keeping with the Army’s intent to divide the execution of cyber programs among the program offices that already have subject matter expertise, in order to manage as a portfolio rather than creating a so-called “cyber stovepipe.”

But because all of the tools are part of an integrated system – contained in the same overarching “IT Box” – these requirements and subsequent Materiel Development Decisions will likely require approval at the service level, rather than the joint level. The IT Box structure enables the Army to deliver solutions within weeks of receiving cyber requirements, rather than months or years under the traditional acquisition system.

The strategy also provides the flexibility to create or update requirements as new Operational Needs Statements arrive from the field and influence cyber programs of record, officials said.

“By tailoring the IT Box construct to cyber, we are creating the foundation for rapid response that our Soldiers will need for years to come,” said Col. BJ Stephens, director of the ASA(ALT) Cyber Focal, the office responsible for coordinating and synchronizing cyberspace requirements across Army program offices for execution. “At the same time, the Army has established the Cyber Acquisition Requirements and Resourcing (CARR) working group to provide Army oversight and governance for cyber IT Box requirements so the right stakeholders are prioritizing the acquisition of each materiel solution.”

First implemented by the Department of Defense in 2008 and updated in 2012, the IT Box construct recognizes that information technology evolves more rapidly than major weapon systems. It aims to provide military IT programs with a more adaptive acquisition approach, offering the flexibility to plan for and incorporate evolving technology throughout the program lifecycle. Through IT Box, the Army can adjust requirements, procure and field cyber technologies with minimal delays, incorporating capabilities as they mature or upgrading them as necessary.

Leveraging IT Box is just one piece of the Army’s plans for cyber acquisition, which also include creating a consortium of industry, academia and government entities to foster cross-sector collaboration on emerging cyber solutions. SoSE&I is also developing a repeatable, “innovation challenge”-based model that allows the Army to quickly purchase and evaluate pilot and prototype cyber solutions using Other Transaction Authority methods rather than standard acquisition processes.

“The cyber threat is constantly evolving, so the Army needs an innovative strategy with the flexibility to adapt to changing circumstances,” Stephens said. “All of these steps will help ensure that we protect and defend our vital information and networks, and equip our Soldiers with systems to prevent, counter and recover from cyber attacks.”

Artillery Fire Direction Center personnel assigned to Bravo Battery, 4th Battalion, 27th Field Artillery Regiment, Division Artillery, 1st Armored Division, process live fire artillery missions to M777A2 Howitzer crews during Network Integration Evaluation (NIE) 15.1 at Fort Bliss, Texas, in the fall of 2014. The need to protect battlefield communications from cyber threats has led the Army to develop a rapid acquisition approach for defensive cyber capabilities. (Photo by: Spc. Joshua D. Kramer, U.S. Army, 4th Bn., 27th FA Regt., DIVARTY, 1st AD)

Artillery Fire Direction Center personnel assigned to Bravo Battery, 4th Battalion, 27th Field Artillery Regiment, Division Artillery, 1st Armored Division, process live fire artillery missions to M777A2 Howitzer crews during Network Integration Evaluation (NIE) 15.1 at Fort Bliss, Texas, in the fall of 2014. The need to protect battlefield communications from cyber threats has led the Army to develop a rapid acquisition approach for defensive cyber capabilities. (Photo by: Spc. Joshua D. Kramer, U.S. Army, 4th Bn., 27th FA Regt., DIVARTY, 1st AD)