By LT COL Edmund Wunsch, CO 3 CSR
1. The Australian Combat Brigade (CB) should expect that all future operations will be conducted in a complex Information Domain where Cyberspace is congested, contested, connected and unconstrained, and similarly, manoeuvre in the Electro Magnetic Spectrum (EMS) will be uncertain and highly contested. Use of Cyberspace and the EMS is essential to enable decision superiority in a modern complex battlespace. Simply, this means the ability to protect and defend the CB's networks and mission systems to enable Command and Control (C2) and passage of information; provide some level of assurance for use of the EMS for C2 and Situational Awareness (SA); and disrupt our enemy's use of Cyberspace and the EMS to negate their ability to make the right decisions, at the right time.
2. Although this concept is common-sense, up until now, the Combat Signal Regiment (CSR) has not been designed with these functions in mind. Some would argue that we are already protecting and defending our networks and mission systems educated individuals would argue we are not. Likewise, our management and use of the EMS through Battlespace Spectrum Management (BSM) is haphazard and most don't realise the fragility of spectrum use outside of Australia, let alone the threat when fighting a near-peer enemy. These capabilities form the basis for the CSR to conduct Information Warfare (IW). 3. Scope - This paper is written as an original thought piece to inform future force design by suggesting how the CSR might be enabled to fight in congested, degraded and contested Cyberspace and EMS environments. The views detailed in this paper are the author's and capabilities described are aspirational and are in no way reflective of current capability or intent.
4. This paper will outline how the CSR might conduct Cyberspace Operations as part of the overall IW fight in support of the CB.
Cyber Space Operations Doctrine
5. Due to the relatively new focus on Cyberspace Operations, the lexicon and understanding of Cyberspace Operations functions is a problem in the ADF. To set a baseline for progression, the US Joint Publication 3-12 (R)1 is open source and is a good guide on Cyberspace Operations. The US considers Cyberspace as the 5th Domain, whereas Australian joint doctrine has Cyberspace and the EMS as environments within the Information Domain. For a better understanding of where Cyberspace Operations might fit within the Army setting, the US Army doctrine FM-38 Cyber Electromagnetic Activities 2014 (CEMA)2 describes the interaction between Electronic Warfare (EW) and Spectrum Management Operations.
Cyber Space Operations in the Comabt Brigade
6. Australia is still grappling with the concept of Cyberspace Operations, as are the majority of the world's militaries. We are yet to define our capability needs and requirements, and consequently have no defined path to realising a true Cyberspace Operations capability. It would be fair to say that Cyberspace Operations are actually not new and we have been doing components of the function for as long as we have been operating networks. What is abundantly clear, however, is that the threat and environment is changing such that we can no longer ignore the problem and expect to have unimpeded use of Cyberspace in future conflicts. One needs to conduct only a basic open source literature review of the Cyberspace threat from state, state-sponsored, and non-state actors to see the growth in capability investment and actual debilitating effects operations in Cyberspace can have on a fighting force. RA Sigs, and the CSR in particular, have a major part to play in enabling CB to protect and defend its networks and mission systems - this must be the priority. Without having these basic passive functions in place, the Combat Brigade will not be able to perform C2. The analogy to use is that the force will not even make it to the Assembly Area to conduct our core role of engaging with the enemy and warfighting. Clearly, the CB is only one part of the joint capability that may be operating in a coalition. The CB must therefore be integrated with Cyberspace Operations across Joint, strategic and coalition.
7. Cyberspace is a non-discretionary environment: operations in cyberspace will not exist in isolation and Cyberspace Operations will be a key component of all future conflict. Cyber Security forms the basis for overall Cyberspace Operations and is essential for the Defensive Cyberspace Operations (DCO). Army has the responsibility for the security and defence of its networks and mission systems including deployed nodes. In a CB setting, this responsibility falls to the CSR and all existing System Administrators would need to increase their role in performing the Cyber Security function. In order to manage, control and provide Subject Matter Expertise to the overall Cyber Security function within the CB, it is proposed that this function is overseen by the Cyber Security Section (CySS). This Section would manage and conduct Cyber Security tasks including: certification and accreditation; compliance and Vulnerability Assessments (VA); Information Assurance (IA - data confidentiality, integrity, assurance, as well as user/entity authentication and non-repudiation); cyberspace intelligence support; data recovery and basic forensics analysis. Key for the CySS is the ability to provide cyberspace incident response and management through 'Protect' functions for networks and mission systems, 'Detect' threats though vulnerability scanning, 'Respond' to threats and 'Sustain' and recover the capability.
8. Noting that the CySS will perform the Cyberspace Protect function for the CB, the Cyberspace 'Defend'
function should be performed by a Defensive Cyber Team (DCT) which initially would be force assigned to the CB in support of FORGEN or OPGEN. This DCT provides active defence capabilities and is linked with Joint,strategic and Coalition DCO capabilities. Key to the success of the DCT will be integration of the CySS and an understanding of the CB as it defends the CB's networks and mission systems against specific threats in support of the CB mission. Essential for this defence is integration with the CB and a clear understanding of the CB Scheme of Manoeuvre and how Cyberspace Key Terrain (CKT) may be defended in support of the mission. In addition to the passive Defend functions provided by the DCT, active Defend options could also be employed either organically or more than likely through Joint or Coalition capabilities in order to respond to an enemy's ability to disrupt our use of Cyberspace. The creation of the 3-4 person CySS would be new growth as there is no identified offset within the current CSR structure.
Battle Space Spectrum Management
9. Like Cyberspace Operations, BSM is not a new concept for RA Sigs. For example, the ideas behind counter - C2 were discussed amongst RA Sigs in the 2000's, but the capability to enable this function was never fully realised. A big push for the BSM capability was the threat posed by Remote Controlled Improvised Explosive Devices (RC-IED) and the increasing clutter in the EMS. Functions of BSM that are essential for a CB include: spectrum survey; spectrum deconfliction and management; Force Protection Electronic Counter Measures (FP-ECM); and Force Protection Operational Security (FP-OPSEC). At a basic level, the CSR needs the ability to provide an assured level of spectrum use in a foreign and contested battlespace. Like Cyberspace Operations, this function cannot be done in isolation and must be integrated with Joint, strategic, Host Nation and coalition spectrum organisations. As it stands today, a CSR has very little ability to monitor and provide spectrum assurance for the CB. One could argue that the CSR currently only has the ability to provide basic management of tactical RF used for communications. The problem of assured EMS use is exacerbated when deployed in a foreign, contested battlespace whilst potentially operating in a coalition environment.