RADM Gretchen Herbert is commander of Navy Cyber Forces (CYBERFOR), with 500 sailors and civilians at its headquarters responsible for the Navy’s afloat and shore cyber and communications personnel and systems.
Navy Cyber Forces was established January 2010, with VADM Denby Starling dual-hatted as commander of CYBERFOR and the Naval Network Warfare Command. A realignment under then Chief of Naval Operations Gary Roughead made CYBERFOR a subordinate command to Fleet Forces Command with responsibility for manning, training and equipping all Navy forces work in signals intelligence, cyber, electronic warfare, information operations, intelligence, networks and space.
CYBERFOR is a Navy Type Commander at the same structural level as ships, submarines and aircraft, and is based at Joint Expeditionary Base Little Creek-Fort Story, Virginia Beach, Va. Herbert spoke to Defense Systems Editor-in-Chief Barry Rosenberg about modernization and the challenges of simultaneously operating new and legacy systems.
DS: So much of what Navy Cyber Forces manages is communications hardware and software, and other IT systems. But you don’t hear about the Navy resetting its systems after deployment like the Marines or Army do with their radios and other hardware when they return from deployment. So what does reset mean to Navy Cyber Forces?
Herbert: I am going to answer that in two ways, and I think that’s a great way of framing how the cyber domain is much like the other domains in the other services, and then also how it differs. So the first question: Is our equipment well used on a deployment, and does it need to be upgraded with new technology and new systems? Absolutely.
A lot of our major equipment upgrades and changes occur after units come back from deployment and are unavailable or in the shipyard. That said, there is also not a down period with many things when you are talking about communications and cyber.
Something my boss ADM John Harvey at U.S. Fleet Forces Command has really instilled throughout the fleet is the understanding that you are operating forward at the tactical edge, regardless of where you are in that fleet deployment cycle.
Whether you have just come back, whether you are still in the yards, whether you are just starting your basic training, or you are at that pointy end of the spear, you are really always at the tactical edge in the network and cyber realm.
And that’s the duality of it. Yes, we do have periods where we are able to groom and upgrade our systems, but if you are operating and if you are integrated with the network, quite frankly, you are operating right there in the same advance domain as if you are forward supporting combat operations.
DS: Sure, you can’t send out an e-mail asking to suspend tactical operations while the network is down for routine maintenance.
Herbert: Well, that’s one, and the other is the vulnerability part. You are not necessarily thinking you are vulnerable to antisubmarine warfare threats, or mine countermeasure threats or cruise missile threats here in CONUS.
Certainly as a unit goes forward into different contested areas their threat posture increases in parallel. But here with the network, quite frankly, right now I am just as susceptible or just as attractive to a determined cyber adversary than if I was out in the Arabian Gulf or in the South China Sea conducting operations in our forward deployed areas.
DS: Describe an equipping challenge for Navy Cyber Forces.
Herbert: One is the balance between C5I modernization that brings more current, capable and robust equipment to our units, and sustaining the legacy gear that we have until units are fully modernized.
That’s one of the more complex challenges we have in the Navy ... more so than some of the other services might recognize. Doing major network upgrades for a ship is not something that you can do when that unit is pier side for a couple of weeks. It takes a major shipyard availability to do some of the very significant modernization of C5I gear.
So across the fleet you have various stages of modernized equipment and legacy equipment that we need to maintain and sustain to ensure that, a ship with modern gear can still talk, communicate and interoperate with a ship with less-modern gear, and also still have that ability to interoperate combat systems and reach back to the shore. So one of our most complex and constant demands is balancing modernization versus sustainment for our fleets.
DS: Isn’t that what the Consolidated Afloat Networks and Enterprise Services (CANES) program is supposed to address?
Herbert: One of the great things about CANES is it is separating out the need to bring new hardware every time something is upgraded. It is part of the vision of having a computing backbone and a common computing environment.
New capabilities and software reside on that common computing environment. That allows for much more rapid and responsive upgrades than hard-wiring servers and boxes. So that is one of the objectives of CANES and it will help reduce the variations of different gear we have.
It will help ensure more configuration management across the fleet, and it will take less time and sweat equity for our sailors to operate and maintain.
DS: Sure, and applies to better cybersecurity, as well.
Herbert: It’s not just having the sensors and the software in the equipment to protect and defend our networks. It’s also the training for out folks all the way from the deck-plate sailor or those in charge of administering the network, all the way up to our senior leaders.
This is a domain that is fast changing, and we have a lot of people that did not grow up in this environment. So getting a better awareness and of not only the complexity, but also the importance of doing some of what might seem to be more rote network security practices is very important.
DS: Navy Cyber Forces is one of the few organizations to use the C5ISR term, instead of the more usual C4ISR. What’s your fifth C?
Herbert: Combat systems.