Staffing Cyber Operations (Presentation)

Similar documents
Potential Savings from Substituting Civilians for Military Personnel (Presentation)

Defense Health Care Issues and Data

Medical Requirements and Deployments

Information Technology

The Military Health System How Might It Be Reorganized?

The Fully-Burdened Cost of Waste in Contingency Operations

White Space and Other Emerging Issues. Conservation Conference 23 August 2004 Savannah, Georgia

Shadow 200 TUAV Schoolhouse Training

Independent Auditor's Report on the Attestation of the Existence, Completeness, and Rights of the Department of the Navy's Aircraft

ASAP-X, Automated Safety Assessment Protocol - Explosives. Mark Peterson Department of Defense Explosives Safety Board

Panel 12 - Issues In Outsourcing Reuben S. Pitts III, NSWCDL

Improving the Quality of Patient Care Utilizing Tracer Methodology

Integrated Comprehensive Planning for Range Sustainability

Mission Assurance Analysis Protocol (MAAP)

CRS prepared this memorandum for distribution to more than one congressional office.

Opportunities to Streamline DOD s Milestone Review Process

Intelligence, Information Operations, and Information Assurance

Report Documentation Page

DDESB Seminar Explosives Safety Training

terns Planning and E ik DeBolt ~nts Softwar~ RS) DMSMS Plan Buildt! August 2011 SYSPARS

World-Wide Satellite Systems Program

Electronic Attack/GPS EA Process

Perspectives on the Analysis M&S Community

712CD. Phone: Fax: Comparison of combat casualty statistics among US Armed Forces during OEF/OIF

Report No. D February 9, Internal Controls Over the United States Marine Corps Military Equipment Baseline Valuation Effort

Fiscal Year 2011 Department of Homeland Security Assistance to States and Localities

Acquisition. Air Force Procurement of 60K Tunner Cargo Loader Contractor Logistics Support (D ) March 3, 2006

Military to Civilian Conversion: Where Effectiveness Meets Efficiency

The Affect of Division-Level Consolidated Administration on Battalion Adjutant Sections

Wildland Fire Assistance

Army Modeling and Simulation Past, Present and Future Executive Forum for Modeling and Simulation

Chief of Staff, United States Army, before the House Committee on Armed Services, Subcommittee on Readiness, 113th Cong., 2nd sess., April 10, 2014.

Veterans Affairs: Gray Area Retirees Issues and Related Legislation

Report No. D May 14, Selected Controls for Information Assurance at the Defense Threat Reduction Agency

USMC Identity Operations Strategy. Major Frank Sanchez, USMC HQ PP&O

Department of Defense DIRECTIVE

Evolutionary Acquisition an Spiral Development in Programs : Policy Issues for Congress

Social Science Research on Sensitive Topics and the Exemptions. Caroline Miner

DoD Countermine and Improvised Explosive Device Defeat Systems Contracts for the Vehicle Optics Sensor System

Incomplete Contract Files for Southwest Asia Task Orders on the Warfighter Field Operations Customer Support Contract

Software Intensive Acquisition Programs: Productivity and Policy

Battle Captain Revisited. Contemporary Issues Paper Submitted by Captain T. E. Mahar to Major S. D. Griffin, CG 11 December 2005

Cyber Attack: The Department Of Defense s Inability To Provide Cyber Indications And Warning

Report No. D July 25, Guam Medical Plans Do Not Ensure Active Duty Family Members Will Have Adequate Access To Dental Care

Afloat Electromagnetic Spectrum Operations Program (AESOP) Spectrum Management Challenges for the 21st Century

Financial Management

Cerberus Partnership with Industry. Distribution authorized to Public Release

Air Force Science & Technology Strategy ~~~ AJ~_...c:..\G.~~ Norton A. Schwartz General, USAF Chief of Staff. Secretary of the Air Force

Infantry Companies Need Intelligence Cells. Submitted by Captain E.G. Koob

Contemporary Issues Paper EWS Submitted by K. D. Stevenson to

Conservation Law Enforcement Program Standardization

Comparison of Navy and Private-Sector Construction Costs

Biometrics in US Army Accessions Command

Make or Buy: Cost Impacts of Additive Manufacturing, 3D Laser Scanning Technology, and Collaborative Product Lifecycle Management on Ship Maintenance

USAF Hearing Conservation Program, DOEHRS Data Repository Annual Report: CY2012

Dynamic Training Environments of the Future

DOD Native American Regional Consultations in the Southeastern United States. John Cordray NAVFAC, Southern Division Charleston, SC

February 8, The Honorable Carl Levin Chairman The Honorable James Inhofe Ranking Member Committee on Armed Services United States Senate

ASNE Combat Systems Symposium. Balancing Capability and Capacity

United States Army Aviation Technology Center of Excellence (ATCoE) NASA/Army Systems and Software Engineering Forum

The Need for NMCI. N Bukovac CG February 2009

DoD Scientific & Technical Information Program (STIP) 18 November Shari Pitts

Military Health System Conference. Putting it All Together: The DoD/VA Integrated Mental Health Strategy (IMHS)

Fleet Logistics Center, Puget Sound

INSIDER THREATS. DOD Should Strengthen Management and Guidance to Protect Classified Information and Systems

The Uniformed and Overseas Citizens Absentee Voting Act: Background and Issues

Munitions Response Site Prioritization Protocol (MRSPP) Online Training Overview. Environmental, Energy, and Sustainability Symposium Wednesday, 6 May

Afghanistan Casualties: Military Forces and Civilians

The DoD Siting Clearinghouse. Dave Belote Director, Siting Clearinghouse Office of the Secretary of Defense

Required PME for Promotion to Captain in the Infantry EWS Contemporary Issue Paper Submitted by Captain MC Danner to Major CJ Bronzi, CG 12 19

NORMALIZATION OF EXPLOSIVES SAFETY REGULATIONS BETWEEN U.S. NAVY AND AUSTRALIAN DEFENCE FORCE

AFRL-ML-WP-TP

IMPROVING SPACE TRAINING

United States Military Casualty Statistics: Operation Iraqi Freedom and Operation Enduring Freedom

Defense Acquisition: Use of Lead System Integrators (LSIs) Background, Oversight Issues, and Options for Congress

DOING BUSINESS WITH THE OFFICE OF NAVAL RESEARCH. Ms. Vera M. Carroll Acquisition Branch Head ONR BD 251

Report No. DODIG December 5, TRICARE Managed Care Support Contractor Program Integrity Units Met Contract Requirements

The Coalition Warfare Program (CWP) OUSD(AT&L)/International Cooperation

Report No. D-2011-RAM-004 November 29, American Recovery and Reinvestment Act Projects--Georgia Army National Guard

RESPONDING TO COMPOSITE FIRES: FIRST RESPONDER TRAINING MODULE

DEFENSE BUSINESS BOARD. Employing Our Veterans: Expediting Transition through Concurrent Credentialing. Report to the Secretary of Defense

Preliminary Observations on DOD Estimates of Contract Termination Liability

2010 Fall/Winter 2011 Edition A army Space Journal

Air Education and Training Command

Exemptions from Environmental Law for the Department of Defense: Background and Issues for Congress

Army Aviation and Missile Command (AMCOM) Corrosion Program Update. Steven F. Carr Corrosion Program Manager

Cold Environment Assessment Tool (CEAT) User s Guide

The Landscape of the DoD Civilian Workforce

Aviation Logistics Officers: Combining Supply and Maintenance Responsibilities. Captain WA Elliott

Unexploded Ordnance Safety on Ranges a Draft DoD Instruction

Quantifying Munitions Constituents Loading Rates at Operational Ranges

Technical Considerations for Alamo Lake Operation

711 HPW COUNTERPROLIFERATION BRANCH

For the Period June 1, 2014 to June 30, 2014 Submitted: 15 July 2014

Afghanistan Casualties: Military Forces and Civilians

Office of Inspector General Department of Defense FY 2012 FY 2017 Strategic Plan

DoD Corrosion Prevention and Control

Report No. DODIG Department of Defense AUGUST 26, 2013

uu uu uu SAR REPORT DOCUMENTATION PAGE 2014 QuickCompass oftricare Child Beneficiaries: Utilization of Medicaid Waivered Services

MILITARY MUNITIONS RULE (MR) and DoD EXPLOSIVES SAFETY BOARD (DDESB)

Transcription:

INSTITUTE FOR DEFENSE ANALYSES Staffing Cyber Operations (Presentation) Thomas H. Barth Stanley A. Horowitz Mark F. Kaye Linda Wu May 2015 Approved for public release; distribution is unlimited. IDA Document NS D-5472 H 15-000328 INSTITUTE FOR DEFENSE ANALYSES 4850 Mark Center Drive Alexandria, Virginia 22311-1882

About this Publication The views, opinions, and findings should not be construed as representing the official position of either the Department of Defense or the sponsoring organization. Copyright Notice 2015 Institute for Defense Analyses 4850 Mark Center Drive, Alexandria, Virginia 22311-1882 (703) 845-2000. This material may be reproduced by or for the U.S. Government pursuant to the copyright license under the clause at DFARS 252.227-7013 (a)(16) [Jun 2013].

Staffing Cyber Operations Western Economics Association International Thomas H. Barth Stanley A. Horowitz Mark F. Kaye Linda Wu June 2015 1

Briefing Outline Background Methodology Direct Participation in Cyberspace Hostilities Analysis of Staffing Plans Assessment of Inherently Governmental (IG), Commercial Activity, and Military Essentiality Costing Conclusions 2

Background U.S. Cyber Command asked the Services to create a Cyber Mission Force (CMF): >6100 personnel in 133 teams Five types of teams in all four Services: National Mission (NMT) National Support (NST) Combat Mission (CMT) Combat Support (CST) Cyber Protection (CPT) Service staffing paradigms differ include about 80% military personnel on average It is not obvious how many of the positions are really militaryessential 3

Objective Explore alternative staffing strategies that would accomplish the cyberspace operations-related functions in a cost-effective fashion 4

Project Methodology Assumed the Role of a Manpower Planner Analysis/study of DoDI 1100.22 Policy and Procedures for Determining Workforce Mix Reviewed current statutory, policy-based, and administrative law provisions, definitions, and declarations of inherently governmental functions in federal law and guidance Understanding of the Mission Requirement of the Cyber Mission Force Doctrine: JP 3-12 Cyberspace Operations U.S. Cyber Command s Cyber Force Concept of Operations and employment interviews with the four Services and representatives from CYBERCOM s J8 Developed criteria for determining direct participation in cyber hostilities Evaluated every billet in CMF; built alternative staffing structures Estimated the annual cost of each CMF Staffing Plan Followed DoDI 7041.04 on Manpower Costing Used CAPE s Full Cost of Manpower (FCoM) Costing Tool with modifications Only USAF provided requested Service training costing data 5

Summary of Service Interviews How Did We Get to Where We Are? These are military teams conducting Title 10 missions No time to build this requirement in the POM Requirement approved in FY13; first teams required in same FY; must complete requirement by FY16 No temporary end strength increase or additional funding for civilian personnel to build this force No consensus on which positions constitute Direct Participation in Cyberspace Hostilities (DPH) = Cyberspace Combatant Still a fair amount of uncertainty on the team composition and locations USCYBERCOM: we will make changes to team designs as we learn from use Concept of Operations and employment still requires development Civilians may not be able to help meet surge requirements Service staffing decisions based primarily on fielding what they believe is the most flexible force mix 6

Policy for Determining Workforce Mix DODI 1100.22 provides a decision framework These are the justifications for using government personnel We started with Category A leadership as militaryessential Added criterion of being DPH, but international law and practice are not well-defined Chose least expensive performer if criteria do not require a single source 7

Possible Litmus Test for Determining Direct Participation in Cyberspace Hostilities (DPH) Must Satisfy Three Criteria Threshold of Harm: The act must be likely to adversely affect the military operations of a party to an armed conflict or, alternatively, to inflict death, injury, or destruction on persons or objects protected against direct attack Direct Causation: There must be a direct causal link between the act and the harm likely to result either from that act, or from a coordinated military operation of which that act constitutes an integral part Belligerent Nexus: The act must be specifically designed to directly cause the required threshold of harm in support of a party to the conflict to the detriment of another (issue of intent) 8

Illustrative Application of DPH Criteria Cyber Activity Threshold of Harm Direct Causation Belligerent Nexus DPH Exploitation of vulnerabilities on a target state system by introduction of a hostile agent that damages it directly Yes. Introduction of the hostile agent is what causes the harm Yes. There is no intermediary between introduction of the agent and its activation Yes. Intention is clearly hostile Yes Dictation or written provision, to a combatant, of the precise set of commands needed to activate the hostile agent Yes. Harm would not occur but for provision of the commands Yes. Activation is caused directly by the input of the commands Yes. Intention is clearly hostile Yes Design/writing of a specific cyber program Yes. If the program is designed to cause the harm specified No. Any eventual harm that might result is too remote Yes. Potentially, if research takes place with a specific future target or conflict in mind No Provision of regular/routine operational maintenance for the cyber warfare equipment No. Any harm is too remote from mere maintenance No. Routine maintenance does not itself cause any direct harm No. System would require routine maintenance irrespective of its use in conflict No 9

Comparing IDA and Service Work Role Assignments Almost complete agreement on military performers in the following work role categories Team leadership roles Team military planner roles DPH Interactive Operators and Endpoint Exploitation Analyst Cyberspace Combatants (leaders also qualify as combatants) DPH Analyst work roles on the teams, especially on the support teams (NST and CST) IDA assessment positions IG but not DPH; do not justify a military performer USCYBERCOM staffing guidance concurs IG but no need for military performer Services predominantly manning with military performers, often all military Software Engineers/Tool Developers Not DPH. IG or Commercial function? Staffing plans vary from all military performers, to military and civilian performers, to civilian and contractor performers Not an existing military occupation in the Services, nor one commonly employed by the Services IDA selected government civilians as least expensive 10

National Mission Teams (NMT) National Mission Team Force Mix 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Military Civilian Contractor National Security Agency (NSA) USA USN USAF USMC Alternative Cost Estimates All Cost Estimates are Cost to the Government Per Team Per Person % Saved USA NMT $ 8,449,731 $ 145,685 14% USN NMT $ 8,588,139 $ 148,071 15% USAF NMT $ 8,181,285 $ 141,056 11% USMC NMT $ 8,844,553 $ 152,492 17% Alternative NMT $ 7,302,170 $ 125,899 11

Combat Mission Teams (CMT) Combat Mission Team Force Mix 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% USA USN USAF USMC Alternative Cost Estimate Per Team Per Person % Saved USA CMT $ 8,365,541 $ 144,233 17% USN CMT $ 8,638,604 $ 148,941 20% USAF CMT $ 8,627,591 $ 148,751 20% USMC CMT $ 9,052,540 $ 156,078 24% Alternative CMT $ 6,915,816 $ 119,238 Military Civilian Contractor NSA 12

90% 80% 70% 60% 50% 40% 30% 20% 10% 0% National Support Teams (NST) National Support Team Force Mix USA USN USAF Alternative USMC is not required to build a NST Cost Estimate Per Team Per Person % Saved USA NST $ 5,185,898 $ 162,059 27% USN NST $ 4,922,250 $ 153,820 23% USAF NST $ 4,300,848 $ 134,401 12% Alternative NST $ 3,780,101 $ 118,128 Military Civilian Contractor NSA 13

100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Combat Support Teams (CST) Combat Support Team Force Mix USA USN USAF USMC Alternative Cost Estimate Per Team Per Person % Saved USA CST $ 5,002,729 $ 142,935 35% USN CST $ 5,367,682 $ 153,362 39% USAF CST $ 4,302,765 $ 122,936 24% USMC CST $ 5,740,090 $ 164,002 43% Alternative CST $ 3,273,497 $ 93,528 Military Civilian Contractor NSA 14

120% 100% 80% 60% 40% 20% 0% Cyber Protection Teams (CPT) Cyber Protection Team Force Mix USA USN USAF USMC Alternative Cost Estimate Per Team Per Person % Saved USA CPT $ 6,322,581 $ 162,117 16% USN CPT $ 5,705,727 $ 146,300 7% USAF CPT $ 5,332,282 $ 136,725 1% USMC CPT $ 5,736,964 $ 147,101 8% Alternative CPT $ 5,280,461 $ 135,396 Military Civilian Contractor 15

Summary of Staffing Alternatives Workforce Category Army Navy Air Force Marine Corps Total of All 4 Services Alternative Military 1428 1703 1271 373 4775 3047 Civilian 354 44 329 155 882 2776 Contractor 0 0 115 51 166 0 DoD Total 1782 1747 1715 579 5823 5823 NSA Augmentation 117 113 106 28 364 364 Grand Total 1899 1860 1821 607 6187 6187 The alternative replaces 36% of CMF military personnel and all the contractors with civilians Raises civilians from 15% to 48% of DoD employees 16

Cost Per Person by Personnel Category Cost to DoD Services Alternative Military - Officer $ 168,703 $ 167,594 Military - Enlisted $ 105,202 $ 110,654 Civilian $ 101,109 $ 80,315 Contractor $ 200,306 N/A Full Cost to Government Services Alternative Military - Officer $ 220,613 $ 219,009 Military - Enlisted $ 140,395 $ 146,740 Civilian $ 107,863 $ 85,672 Contractor $ 200,306 N/A Followed DoD Instruction 7041.04 on Manpower Costing Used CAPE FCoM Tool; adjusted some factors Substituted training cost estimate from USAF cyber community IDA alternative largely substitutes civilians for enlisted personnel and contractors Military are more expensive to DoD because of Base Allowance for Housing (BAH), retirement, and training costs Additional costs to the government are largely the tax advantage of benefits and veterans benefits 17

Summary of Potential Cost Savings Annual Cost under Service Staffing Army $ 272,748,940 Navy $ 259,181,088 Air Force $ 238,507,029 Marine Corps $ 87,637,975 Total Force Cost $ 858,075,032 Annual Cost under IDA Staffing Alternative Team Type Requirement Cost per Team Team Type Total Cost National Mission Teams 13 $7,302,170 $ 94,928,210 Combat Mission Teams 27 $6,915,816 $ 186,727,032 National Surport Teams 8 $3,780,101 $ 30,240,808 Combat Support Teams 17 $3,273,497 $ 55,649,449 Cyber Protection Teams 68 $5,280,461 $ 359,071,348 Total Force Cost $ 726,616,847 % Saved = 15% Savings to DoD = $76M = $131M 18

Conclusions Costs $131M in potential savings ($76M to DoD) are available from increased civilianization consistent with DoDI 1100.22 19

Conclusions Further Analysis Need information on team performance or mission success US Cyber Command or the Services should measure the performance and effectiveness of the teams so potential changes to the teams, including the workforce mix, can be assessed. Need to better understand how to support military and civilian career development Can the civilians on the teams be managed as part of a larger workforce rather than four Service civilian workforces? The NSA workforce would provide a useful point of comparison Need to understand whether the compensation systems for military personnel and government civilians attract and retain enough highquality cyber warriors 20

BACK-UPS

Average Military and Civilian Grades Army Navy Air Force Marine Corps IDA Officer O3/W2 O3 O3 O3 O3 Enlisted E5 E5 E5 E5/E6 E5 Civilian GS-12 GS-14 GS-10 GS-13 GS-11 Contractor N/A N/A N/A N/A N/A 22

Comparison of Army and Alternative Costs Army Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $8,449,731 $ 33,798,924 CMT 8 $8,365,541 $ 66,924,328 NST 3 $5,185,898 $ 15,557,694 CST 6 $5,002,729 $ 30,016,374 CPT 20 $6,322,581 $ 126,451,620 Total Force Cost $ 272,748,940 Alternative Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $7,302,170 $ 29,208,680 CMT 8 $6,915,816 $ 55,326,528 NST 3 $3,780,101 $ 11,340,303 CST 6 $3,273,497 $ 19,640,982 CPT 20 $5,280,461 $ 105,609,220 % Saved = 19% 23

Comparison of Navy and Alternative Costs Navy Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $8,588,139 $ 34,352,556 CMT 8 $8,638,604 $ 69,108,832 NST 3 $4,922,250 $ 14,766,750 CST 5 $5,367,682 $ 26,838,410 CPT 20 $5,705,727 $ 114,114,540 Total Force Cost $ 259,181,088 Alternative Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $7,302,170 $ 29,208,680 CMT 8 $6,915,816 $ 55,326,528 NST 3 $3,780,101 $ 11,340,303 CST 5 $3,273,497 $ 16,367,485 CPT 20 $5,280,461 $ 105,609,220 % Saved = 16% 24

Comparison of USAF and Alternative Costs Air Force Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $8,181,285 $ 32,725,140 CMT 8 $8,627,591 $ 69,020,728 NST 2 $4,300,848 $ 8,601,696 CST 5 $4,302,765 $ 21,513,825 CPT 20 $5,332,282 $ 106,645,640 Total Force Cost $ 238,507,029 Alternative Team Type Requirement Cost per Team Team Type Total Cost NMT 4 $7,302,170 $ 29,208,680 CMT 8 $6,915,816 $ 55,326,528 NST 2 $3,780,101 $ 7,560,202 CST 5 $3,273,497 $ 16,367,485 CPT 20 $5,280,461 $ 105,609,220 % Saved = 10% 25

Comparison of USMC and Alternative Costs Marine Corps Team Type Requirement Cost per Team Team Type Total Cost NMT 1 $8,844,553 $ 8,844,553 CMT 3 $9,052,540 $ 27,157,620 NST 0 $0 $ - CST 1 $5,740,090 $ 5,740,090 CPT 8 $5,736,964 $ 45,895,712 Total Force Cost $ 87,637,975 Alternative Team Type Requirement Cost per Team Team Type Total Cost NMT 1 $7,302,170 $ 7,302,170 CMT 3 $6,915,816 $ 20,747,448 NST 0 $3,780,101 $ - CST 1 $3,273,497 $ 3,273,497 CPT 8 $5,280,461 $ 42,243,688 % Saved = 16% 26

REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing the burden, to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (DD-MM-YYYY) 2. REPORT TYPE 3. DATES COVERED (From - To) 4. TITLE AND SUBTITLE 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSOR/MONITOR'S ACRONYM(S) 11. SPONSOR/MONITOR'S REPORT NUMBER(S) 12. DISTRIBUTION/AVAILABILITY STATEMENT 13. SUPPLEMENTARY NOTES 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: a. REPORT b. ABSTRACT c. THIS PAGE 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 19a. NAME OF RESPONSIBLE PERSON 19b. TELEPHONE NUMBER (Include area code) Standard Form 298 (Rev. 8/98) Prescribed by ANSI Std. Z39.18

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback