PEO EIS’ Defensive Cyber Operations (DCO) continues to lead the way across the DOD’s cyber enterprise with a new, collaborative, joint service technical exchange group.
DCO’s Technical Exchange Meetings (TEM) are currently comprised of defensive cyber experts from the U.S. Army, Air Force and Navy. The virtual meetings are intended to provide an opportunity for cyber specialists from across DOD to share best practices, exchange technical implementation ideas, discuss pressing issues and identify solutions from within the group. This type of exchange is the first of its kind for the DOD’s cyber enterprise and is opening the lines of communication for U.S. cyberspace defense.
The TEM is a collaborative, highly technical information-sharing community. Unlike a technical working group, there are no planned joint projects, and the services are not expected to provide any deliverables. Moreover, the meeting is not designed to host capability briefs. Instead, it is a common space where the services can learn from each other and identify ways to integrate the best ideas from each branch.
“The joint service TEM is another testament to how our team has led the way across the DOD’s cyber community,” said Arthur Edgeson, product lead for DCO’s Applied Cyber Technology (ACT) product office. “We’re committed to continually developing innovative initiatives to support our cyber warriors in the Army and across the cyber domain.”
The TEM came about in a rather interesting manner. DCO has long used commercial off-the-shelf tools for threat hunting, system monitoring and log management with great success. These tools continually need upgrades to stay ahead of threat actors. In March 2022, DCO’s ACT technical team began working extensively with industry to ensure successful implementation. The team conducted vulnerability scans and a code review, and ensured that the tools were compliant with the Defense Information Security Agency’s Security Technical Implementation Guides. The ACT team was able to complete the tool updates without any system downtime, thus ensuring seamless support of the Army’s defensive cyberspace mission.
Due to the success of this particular implementation, other military services began seeking advice on how DCO manages to stay ahead of adversaries and maintain an information advantage. DCO established a working relationship with the Air Force and is now sharing its successes with the Navy. The ACT team is the primary connector among these services, and all parties have agreed it would be advantageous to meet regularly; thus, the TEM was born.
The inaugural TEM meeting was held July 14, 2022, less than two weeks after DCO’s initial meeting with the Navy. Discussions centered around various components of each service’s respective cyber weapons systems and explored in-depth how the services are using defensive tools within their platforms. Resources were exchanged among group members, and the meeting ended with plans for follow-on discussion.
The current plan calls for the TEM to meet on a quarterly basis, with monthly “side bar” meetings to be held on an as-needed basis. Efforts are currently underway to invite the U.S. Marine Corps and the Coast Guard to join the TEM.
“The TEM is a unique opportunity for all services to learn and grow from each other, all to the benefit of our nation’s cyber warriors,” said Robert Nash, Forge mission lead at ACT. “To our knowledge, we don’t know of any such group within DOD’s cyber enterprise, and we are proud to have been the genesis for yet another groundbreaking framework.”
The TEM exchange meetings challenge the assumption that DOD works in siloes that inherently exist between the services. The meetings have the potential to break down walls and spur solutions to common cyber problems seen across the military.
“The cyber battlefield operates like no other domain, and it’s worthy of an unconventional platform to support it,” said Kyle Tucker, deputy product lead for DCO’s ACT product office, “DCO’s Technical Exchange Meetings with sister services have the potential to change the game for our nation's cyber defenders.”