PM Defensive Cyber Operations Aligns with Continuous Transformation

The deployable defensive cyber operations systems kits help soldiers protect their systems from online attacks. They work by automating security tasks, making it easier to set up defenses, and giving experts tools to quickly understand and respond to threats.

The deployable defensive cyber operations systems kits help Soldiers protect their systems from online attacks. They work by automating security tasks, making it easier to set up defenses and giving experts tools to quickly understand and respond to threats. (Images courtesy of PM DCO)

PM Defensive Cyber Operations aligns with Army’s Continuous Transformation to advance defensive cyber operations capabilities

by Katherine Morgan

 

The U.S. Army continues to prioritize a much-needed shift to faster, more agile software development and acquisitions to deliver secure and effective capabilities to defensive cyber operations. Army Directive 24-02, “Enabling Modern Software Development and Acquisition Practices,” emphasized the need for more user feedback and flexible contracting to accelerate innovation, and most recently, the Army officially rolled out Continuous Transformation, formerly the Army Transformation Initiative—which formally mandates streamlining what is deemed mission critical and transforming to a leaner, more lethal force. The overarching goal is to create a more agile, resilient and lethal warfighter able to integrate rapidly in an ever-changing global security environment. This means moving beyond counterinsurgency and preparing for large-scale combat operations, while maintaining capabilities for contingencies. Program Executive Office for Intelligence, Electronic Warfare and Sensors (PEO IEW&S) Project Manager Defensive Cyber Operations’ (PM DCO) product offices and teams are heeding the Army’s call to find new ways to improve and initiate new features and enhancements to defensive cyber operations capabilities.

Continuous Transformation calls attention to a known problem—when it comes to advancing the warfighter in the best way possible, traditional, rigid methods with long development cycles simply will not cut it anymore. Today’s battlefield demands constant innovation in cyber defense, as the landscape constantly changes, with new threats rapidly emerging. To stay ahead, the U.S. Army must anticipate and defend against attacks before they happen, rather than just responding after damage is done. This entails proactive measures that protect the Army’s networks and critical infrastructure from disruption and compromise while remaining agile when supporting the warfighter’s needs and mission.

MODERN CYBER DEFENSE ORIGINS

The PM DCO program, currently under the PEO IEW&S, began in 2018 under the Program Executive Office for Enterprise Information Systems with a crystal-clear mission—to modernize and advance the Army’s cyber defensive capabilities through modern software acquisitions that directly benefit the Soldier. For instance, in 2018, two early defensive cyber operations programs focused on cyber analytics and mission planning were selected by the Office of Secretary of Defense to participate in an agile pilot program spurred by the National Defense Authorization Act. These programs, selected out of the entire Army portfolio to execute a faster, more agile approach to software delivery, gave PM DCO the opportunity to capture key learnings, inform policy, and provide guidance, training and workforce development—all which helped shape and drive PM DCO’s mission and operations today.

graphic depicting PM DCO capabilities allow the Army to defend systems, networks, and critical infrastructure for stronger national security.

PM DCO capabilities allow the Army to defend systems, networks, and critical infrastructure for stronger national security.

“Outpacing our adversaries is essential to our defensive cyber operations mission,” said Robert Zoppa, project manager of Defensive Cyber Operations. “From working with the Army Cyber Command (ARCYBER) and Defense Advanced Research Projects Agency on artificial intelligence and machine learning, to deploying modular defensive cyber operations kits to Soldiers, PM DCO delivers exceptional cyber warfighting capabilities that protect against cyber threats.”

FLEXIBLE, STREAMLINED ACQUISITION AND RAPID PROTOTYPING

The Army’s Continuous Transformation goals around acquisition acceleration—particularly in the cyber domain—cannot be met through traditional, slow acquisition processes. Recognizing that traditional procurement methods are too cumbersome, PM DCO leverages rapid prototyping and flexible Other Transaction Authority agreements, which allow the government to collaborate with partners to quickly prototype and field innovative technologies, bypassing more traditional acquisition regulations to deploy critical defensive cybersecurity features. For example, through the Other Transaction Authority process, PM DCO quickly acquired the first version of the deployable defensive cyber operations systems kits, which advance the warfighter’s cyber defense capabilities by automating tasks, simplifying deployment and providing defensive cyber operations tools that enable higher-level analysis and response. Also, when ARCYBER needed a robust environment to analyze data, PM DCO quickly delivered a greatly needed prototype to ARCYBER’s data scientists in just two weeks. Within 30 days, the capability was fully developed, and it was granted authority to operate in six months.

The Budget Activity 08 (BA-08) “Software and Digital Technology Pilot Program” fund lets PM DCO streamline acquiring software and hardware through one appropriation for relevant technology needs and activities, regardless of their stage of development. This process allows for faster development and quicker responses to evolving warfighter needs and requirements. PM DCO’s User Activity Monitoring program focuses on insider threats by monitoring unusual user access, unauthorized device connections and abnormal website behavior. Leveraging BA-08 funds, the program quickly procured critical cloud infrastructure and services to test cloud capability functionality and cybersecurity, ultimately avoiding delays of 12-24 months—the time it would take to perform a reprogramming effort or program objective memorandum adjustment, and saved on overall program costs that would have been used to maintain an “on-premises” solution.

A Pie- Chart depicting PM DCO leverages rapid prototyping and flexible contracting methods to quickly pilot and field innovative, critical defensive cybersecurity technologies.

PM DCO leverages rapid prototyping and flexible contracting methods to quickly pilot and field innovative, critical defensive cybersecurity technologies.

“Cyber threats continue to evolve, and the ability to strengthen our market intelligence to rapidly integrate and deliver cutting-edge defensive capabilities is paramount to ensuring the security and effectiveness of Army operations in the digital domain,” said Wayne Sok, product manager of PM DCO Cyber Platforms and Systems Product Office. “The BA-08 pilot fund enables our ability to rapidly deliver crucial systems that bolster the Army’s cyber defense capabilities against our adversaries.”

USER-CENTERED DESIGN AND AUTOMATION FOR EFFECTIVE CYBER DEFENSE

User-centered design principles must be incorporated to adapt Soldiers to adhere to priorities resulting from Continuous Transformation. Equipping the Soldier effectively means applying customer research and user feedback early and often and ensuring that new systems are designed to best meet their needs.

“We prioritize user representation in everything we do—from initial ideas to final deployment—using continuous customer research and feedback for a human-centered approach,” said Lt. Col. Brandon Pye, product manager of PM DCO’s Cyber Analytics and Detection Product Office. “Our ARCYBER product owners and tool champions are central to our user-centered design strategy. Working closely with our stakeholders, we deliver and continuously improve cyber defense analytics tools based on real-world feedback, ensuring they meet current and future mission requirements.”

Continuous Transformation calls for the need to harness and infuse technology to transform to a leaner, more lethal force. To advance the warfighter and gain a critical advantage over adversaries, PM DCO promotes cutting-edge cybersecurity solutions for the Soldier to proactively stop malicious activity. Unlike standard antivirus software, the cybersecurity system automatically detects new and evolving threats with little to no manual intervention needed from the user. Soldiers also benefit from the Army’s Big Data Platform, Gabriel Nimbus, managed by PM DCO, which utilizes machine learning, analyzes and detects malicious actors and reports threats.

Graphic depicting Gabriel Nimbus is the U.S. Army's big data platform designed to ingest, process, and analyze massive amounts of data to improve decision-making and operational effectiveness.

Gabriel Nimbus is the U.S. Army’s big data platform designed to ingest, process, and analyze massive amounts of data to improve decision-making and operational effectiveness.

CONCLUSION

The PM DCO teams plan to use the Army’s Continuous Transformation as inspiration for better collaboration with customers, stakeholders and mission partners across the Army and cyber enterprise, as well as integrating modern hardware and software defensive cyber capabilities to maintain a maximum competitive advantage, improve operational efficiency and ensure security.

PM DCO plans to prioritize the execution of more pilot programs and agile programs to spark innovation and continue to challenge the status quo. For instance, under current modernization efforts for forensic and malware analysis, PM DCO teams quickly delivered stronger defensive warfighting capabilities to the field when user feedback prompted changes needed to the material solution. Based on changing requirements, emerging threats and new user feedback, the program office quickly pivoted from the current solution to embracing new, more effective innovative software modules. PM DCO is closely collaborating ARCYBER, leveraging Other Transaction Authority agreements, to greatly increase the cyber defender’s ability to quickly triage cyber incidents, provide full analysis and collect malicious data. The program office will start rolling out modernized iterations of the overall software solution in six to twelve months starting in fiscal year 2026.

PM DCO—in line with the Army’s initiatives to remain agile and open to new ways to strengthen our national security—continues to advance defensive cyber tools and capabilities through modernized, agile and effective acquisition techniques. From applying flexible acquisition and contracting strategies, to practicing agile procurement methods, PM DCO remains ready to lead, pivot and adapt to perpetually advance the warfighter.

 

For more information about PM DCO, go to https://peoiews.army.mil/pm-dco/.

 

KATHERINE MORGAN leads the strategy and execution of PM DCO’s public affairs priorities as a strategic communications specialist. She holds a B.A. in communications from Mississippi State University and specializes in public affairs, strategic communications, digital marketing, media relations, content creation, branding and client services.