More than 40 members of a congressional staff delegation got a close look at cyber education offerings at the National Defense University and U.S. Army Cyber Command and Second Army's role in defending cyberspace during a recent presentation at NDU's facilities at Fort McNair in Washington, D.C.

Ret. Rear Adm. Janice Hamby, chancellor of NDU's iCollege, told the group that cybersecurity is one of DOD's greatest challenges.

"Our adversaries are nation-states, non-state actors, criminals and individual hackers. We are protecting data," said Hamby.

She described the student's role in cybersecurity education as an opportunity "to walk the terrain on which the battle is fought" before they are engaged in the fight. The iCollege helps by educating and preparing military and civilian leaders and advisors to develop and implement cyberspace strategies and leverage information and technology to advance national and global security.

Col. Maureen J. O'Connor, director of ARCYBER's operations division (G-3), joined by several Soldiers from the 780th Military Intelligence Brigade, provided an overview of the command's mission and its development since its activation.

"U.S. Cyber Command was created in 2009," said O'Connor. "Army Cyber was activated in 2010, and we are growing as we go. Our focus has been on developing individuals, identifying key cyber terrain, databases that may be located anywhere."

Developing cyber forces has compelled military leadership to ask hard questions, said O'Connor. "What does 'the cyber domain' mean? What do we need to do to protect it? How do we integrate cyber teams into an operation with an ever-changing environment?

"The reality is that the threat is growing more disruptive and destructive. We owe it to our nation to provide trained and ready forces."

780th MI Brigade Command Sgt. Maj. William M. Rinehart talked about growth in the cyber forces and the challenges of training and retaining Soldiers in Army cyber Military Occupational Specialties.

"In the early days, we started with a force of about 88 Soldiers and civilians, which we've now grown to 1,500," said Rinehart.

"It takes about two years to produce trained [enlisted Soldier] operators, from the time that they enlist, undergo basic training, MOS training, and develop as they perform in their initial unit. That leaves about two more years of service in an initial enlistment.

"Retention starts with a Soldier's desire to serve, coupled with professional development and most recently, incentive and special duty pay," said Rinehart. "We have some of the most highly trained operators."

"The Soldiers have a passion for what they do," said O'Connor. "It's important for the Army to be able to provide the tools and the infrastructure. This is a force we need for our nation."
Rinehart admitted, though, that keeping Soldiers in the cyber ranks can be difficult. "It is a challenge. The competition from U.S. government agencies and from private industry is tremendous," he said.

Rinehart and Hanby stressed to the congressional staffers that cyberspace operations are a joint military effort.

"We are moving to the joint information force," said Rinehart. "We provide forces for the combatant commander. We also have to defend our own networks."

"That this is a joint fight is extremely clear," added Hamby. "Education is one of the most powerful means to bring diversity of thought."

From the overview, the group moved to the exercise labs.

Dr. Dan Chen, a professor in cybersecurity at NDU, led a simulation that underscored the importance of understanding the threats, risks and vulnerabilities of cyberspace. The demonstration showed how a hacker can breach a network and gain information through keystroke logging, which lets the intruder install a malicious application on a targeted computer.

All systems have vulnerabilities, Chen told the congressional staff members, and the exercise allowed the group to experience the types and levels of risks systems face. Putting themselves into the role of a hacker, they were challenged to determine the greatest threats and the best solutions to mitigate them.

Dr. John Saunders, also a professor in cybersecurity at NDU, gave the group a demonstration of supervisory control and data acquisition, a system of coded signals over communication channels that allows equipment to be controlled remotely.

Using the example of a municipal water supply system, Saunders showed how a network intruder could alter the water flow and control a drawbridge remotely to disrupt marine traffic.