The morning of 29 August 2018, three dozen cryptologic warfare (CW) officers convened at Fort Meade, Maryland, to revamp the Cryptologic Warfare Officer Basic Course (CWOBC). During the process, the group identified something deeper: The Navy is failing its cyber operations forces.

In the Navy, there is no dedicated cyber operations officer career path. In the cryptologic warfare (CW) community, cyber operations is a billet title, but it is not a subspecialty with the training and career path the Navy needs. Solving this problem is integral to the lethality of the Navy operational team, and without a paradigm shift, the service will continue to hemorrhage talent and produce CW officers who are unprepared for war in the 21st century.

Community Failures

CW officers have three core mission areas: signals intelligence (SigInt), electronic warfare (EW), and cyber.(1) Officers develop SigInt expertise in tours at Navy Information Operations Commands and the National Security Agency (NSA) and by embedding with maritime and expeditionary units. Tactical tours with these units also provide fundamental EW expertise. To develop cyber proficiency, CW officers complete operational tours with U.S. Cyber Command’s (USCyberCom’s) Cyber Mission Force and with NSA’s Directorate of Operations.

Like other warfare communities, CW careers follow an established progression. To meet promotion requirements, officers must complete an early “CW tactical” tour. Four additional qualification designators (AQDs) meet the CW tactical requirement—airborne, surface, subsurface, and naval special warfare support—but none of these tours incorporates cyber. Cyber tours do not meet the CW tactical tour requirement.

Therein lies the rub. The CW officer career progression does not acknowledge tactical cyber operations. The fiscal year 2019 lieutenant commander promotion board convening order  declares that CW officers assigned to cyber billets “operate 24/7 at the cyber tactical edge and integrate tactically and operationally with fleet and joint forces in planning and executing operations worldwide.”(2) However, that same convening order also reiterates a CW tactical AQD requirement. Without the tactical AQD, there is no hope for promotion. Yet, with no tactical cyber AQD, CW officers cannot remain within the cyber operational domain for a tactical tour. This career interruption causes cyber-skill atrophy.

In addition to the misalignment between stated goals and promotion requirements, the Navy also lacks a cyber training pipeline for officers. Unless CW officers have specialized experience related to cyber operations, they will not be assigned to a cyber job for their first tours. This policy is a de facto standard established by the CW community detailers, because there is no training pipeline for cyber operations officers.

CWOBC is only six weeks long, with just one week serving cyber topics. This training is inadequate for future cyber operations officers. In contrast, the Air Force has a separate cyberspace operations officer designator and career path, and its officers undergo six months of training prior to their first assignments.(3) Without extensive technical knowledge, first-tour naval officers will not have the skills to succeed in cyber billets. Without specialty degrees, most naval officers will never have the requisite skills to be successful cyber operations officers because the Navy provides no means to develop those skills.

The CW officers tasked with reviewing the CWOBC curriculum discovered these facts and identified comprehensive training requirements. The subset of naval officers serving in cyber billets compiled a list of critical knowledge and skills. Developed independently from outside sources, this basic cyber curriculum requires a six-month training pipeline. While the Navy intends to expand CWOBC to roughly six months, the course still will split focus between SigInt, EW, and cyber. This partial solution will not meet operational needs.

The Impact on Navy Cyber

The Navy’s two functional cyber weaknesses—a misaligned career progression and an inadequate training program—already have affected the CW community. The lack of a career path means the Navy hemorrhages talented officers who want a career in cyber operations. During the curriculum review, the cyber working group comprised only junior officers, 50 percent of whom intended to resign their commissions within the year. They want to serve within the operational cyber domain. The Navy does not allow it.

Compared to the working groups representing national SigInt and fleet operations, the demographic differences were stark. The other groups were staffed by warrant officers, limited duty officers, senior officers, and junior officers. Most had at least a decade or two of experience. These officers pursue careers in the Navy aligned with their warfare expertise. But the Navy’s cyber professionals are forced to abandon their warfare expertise because they lack a career path. Until the Navy addresses this shortfall, it will continue to lose technical expertise.

The lack of career progression and a training pipeline also means CW officers serving in the cyber domain often are unprepared to fight and win in cyberspace. Within USCyberCom’s Cyber Mission Force (CMF), naval officers must dedicate most of their tours to learning how to plan and direct cyber operations. At NSA, naval officers often are sidelined from operations, relegated to administrative functions while better prepared government civilians or Air Force officers plan and direct cyber operations. This is because the Navy is not training its cyber officers to be lethal. The Navy is not training its cyber officers at all.

The Problem

The CW community needs a paradigm shift that challenges these three conventional beliefs:

  • Cyber operations are not tactical.
  • Cyber operations fit within the SigInt/EW model.
  • Naval officers are more effective as generalists and not specialists.

All three beliefs constrain the adaptability and lethality of cyber warfare, and all three are false.

Cyber operations are tactical.

Just like drone missions with remote operators thousands of miles away, cyber operations are tactical. They occur within adversary-controlled territory. Squads of highly trained operators and analysts execute clandestine missions within specialized operations teams. Led by commissioned team leaders, elite units venture deep into enemy territory. They conduct missions to gain a foothold or advantage within that territory. They exfiltrate information, develop targeting data, and when called on, deny and degrade the enemy’s systems and capabilities. The structure and purpose of the cyber force is more synonymous with a combat team than anything else.

Cyber operations do not fit the Sigint/EW model

To say cyber fits the SigInt/EW model is operationally myopic. All three rely on the electromagnetic spectrum, but the similarities end there. A distant cousin at best, cyber operations require different technical skills. During a cyber operation, the level of requisite knowledge is profound. An O-2 responsible for missions deep inside an adversary network lives with daily concerns of detection that might place a four-star in front of the Senate Select Committee on Intelligence. A synonymous burden does not exist within the SigInt/EW realm. Not only is cyber technology strikingly different from that of SigInt and EW, but so are the operational foundations. Cyber operations do not fit within the SigInt/EW model because they provide a combat capability beyond support functions. That is why the Department of Defense declared cyberspace a separate warfare domain when it established USCyberCom in 2009, equal in status to the traditional sea, air, and land domains.

Naval officers are more effective as specialist.

When fighting in a unique technical domain, the specialist always will be more lethal than the generalist. Just consider the naval aviator who specializes in a specific warfighting platform. Cyber officers at the CMF and NSA spend years cultivating skills to plan and direct cyber operations. These skills are steeped in complex technologies, capabilities, tactics, law, policy, and strategy. However, after officers develop cyber expertise, the CW community sends them to ships to conduct SigInt/EW, causing cyber-skill atrophy. In a field where technologies become obsolete within a single tour, skill atrophy compounds exponentially. By requiring officers to be generalists in all three CW mission areas, the Navy dilutes its cyber capability.

The Solution

The Navy must develop a dedicated cyber career path within the CW community or create a standalone cyber operations officer career designator separate from the community. The first approach provides a timely solution to operational problems. By institutionalizing a cyber operations career path, the Navy acknowledges the cyber mission’s specialized tactical nature.

To develop this career path, the Navy first should establish a new tactical cyber operations AQD. Next, CW community managers must update career progression documents—including promotion board convening orders, community vision and guidance, and community briefs—to match the changes. Dozens of CW milestone billets already support such a career path.(4) If a new cyber operations milestone category that captures these billets is created, the career path will reveal itself.

Creating a new career-length training pipeline will be resource-intensive, but it is critical to operational success regardless of which path the Navy chooses. By analyzing the knowledge and skills necessary for accession and milestone cyber operations billets, the community can identify critical training requirements that define the training pipeline.

The second approach involves designing and implementing a cyber operations officer designator. This approach is time-consuming and expensive. It also has the greatest potential for operational success. It ensures the Navy’s cyber forces have the tools, training, and resources to meet urgent and emerging future threats.

A new designator also satisfies Vice Admiral Timothy White’s call for distributed lethality within the Navy’s cyber forces. When accepting command of U.S. Fleet Cyber Command, he observed that “we must and will embrace the notion of distributed lethality and embrace a ‘scene of action commander’ mind-set.”(5) This mind-set requires officers with technical expertise who are trained operational professionals.

The Navy is falling behind in the cyber domain. Naval officers who want to dedicate their careers to cyber operations are leaving the service, and those who remain are forced into jobs that degrade their technical skills. Worse, others are left to ride the operational bench. Two things are certain. First, the Navy’s cyber operations officers must be trained as operational specialists. Cyber lethality derives from technical expertise. Second, the Navy needs to ensure these officers can apply their expertise for maximum effect through uninterrupted career paths in the cyber domain. Lacking a dedicated training pipeline and career path, the service will never develop and retain officers who can plan, direct, and lead its cyber forces. The Navy must make rapid changes today to cultivate cyber expertise that will secure its operational cyber capability for the future.

  1. U.S. Navy, “Order Convening the FY-19 Promotion Selection Boards to Consider Officers in the Line on the Active-Duty List of the Navy for Permanent Promotion to the Grade of Lieutenant Commander,” 1 May 2018.
  1. U.S. Navy, “Order Convening the FY-19 Promotion Selection Boards to Consider Officers in the Line on the Active-Duty List of the Navy for Permanent Promotion to the Grade of Lieutenant Commander,” 1 May 2018.
  1. U.S. Air Force, “AFSC 17X Cyberspace Operations Officer Career Field Education and Training Plan.” 1 June 2015.
  1. Commander, U.S. Tenth Fleet, “Designation of Cryptologic Warfare Milestone Billets,” 1301.
  1. U.S. Navy, “U.S. Fleet Cyber Command/10th Fleet Holds Change of Command.” 19 June 2018.

Lieutenant Karpf is a cryptologic warfare officer in the U.S. Navy. A 2015 graduate of the U.S. Naval Academy, he holds a master of science degree from the Massachusetts Institute of Technology, where he studied computer networks and cyber policy.

This paper can be found at: Proceedings Magazine – February 2019 Vol. 145/2/1,392