Cyber Warriors Drawing a Line in the Silicon

Friday, March 7, 2014

The firefight is now in cyberspace, and Army forces are gearing up to throw down.

Army leaders emphasize, however, that the technology used to fight the battle is not as important as the people who use it. Attracting, keeping and “growing” smart, mentally agile soldiers, civilian employees and leaders are the keys to achieving U.S. military overmatch in cyberspace.

The idea, expressed in October at an Institute of Land Warfare panel discussion on building Army cyber forces by BG(P) George J. Franz III, “is to encourage a forum where an E-1 with a good idea can trump an O-6 with a bad idea.” Franz is director of current operations and the Cyber National Mission Force at U.S. Cyber Command.

Getting to the rank-trumping point involves creating an environment in which there is a free exchange of ideas, much like at top technology companies (Google is usually mentioned somewhere in the reference). Absent, of course, are six-figure paychecks, game rooms, sundae bars and facial massages, and it must be achieved while keeping to the military standards of discipline, respect, physical fitness and the like.

COL Jennifer G.
Buckner agreed with Franz, adding, “This is a mission space which really does afford a unique opportunity within the Army.”

She commands the 780th Military Intelligence Brigade—the Army’s first cyber brigade, considering the unit’s decade-long, cyber-oriented lineage—and said a soldier’s skill set can trump rank in her unit in regard to the mission assignment, calling cyber organizations on the whole “as close to a meritocracy” as there can be in the Army.

“We have specialists who are performing missions today of national and strategic significance because they are very good at what they do,” Buckner said.

To get the most out of her soldiers and keep them, Buckner employs a decidedly non-military concept and term: “talent management.” Part of that means crafting specialized training and education opportunities, often to meet the aspirations of an individual soldier, while playing for long-term benefits to the Army.

Based on advice she received from a previous 780th commander, she likened the process to creating “a Google-like atmosphere in a military unit,” adding an important cyber battlefield distinction: “We’re in contact every day; we’re in the fight every day.”

Within the Army, a hybrid military intelligence-signal-information operations headquarters is leading the overall effort: U.S. Army Cyber Command/Second Army (ARCYBER). Throughout DoD, network defenses and other measures have been taken to protect against cyber attacks, but the U.S. military’s broad objective is not to hunker down and fend off attacks. It is to become the hunter, not the hunted. New weapons and skills are being crafted.
Reinforcements for the fight are being assembled in deployable teams.

Think of the current cyber force in terms of the Army’s Tank Corps that emerged from World War I: astonishing new and powerful weapon capabilities (which, to the horse and foot soldiers of the time, were misunderstood and threatening) with the core of doctrine and tactics development ahead of it and a relative handful of converts and experts assembled in the cause.

Culturally, a major challenge is expressing cyber doctrine in ways that commanders and soldiers can understand. According to Franz, cyber doctrine must “translate into military terms.” The four primary military cyberspace actions correlate with traditional missions, he said: defense; attack; intelligence, surveillance and reconnaissance (ISR); and operational preparation of the environment.

The translation correlation can go further by encouraging soldiers to envision cyber security in familiar, applicable ways. They should look at cyber defense as they would an established base defense situation—for example, seeing it as a layered defense in an environment where every cyber connection is an avenue of approach.

Surrounding the base is a perimeter fence, the network defense—theater level, in this instance—to illustrate cyber defenses that put up a substantial barrier (software defenses and hardware firewalls) with guards in the towers keeping watch around the clock.
Farther out are trip wires to detect an incoming threat, perhaps with minefields to divert a massed force into a trap where it can be counterattacked.

Far over the horizon are scouts, special operations forces and long-range ISR assets (at the combatant command or national level) to detect hidden threats—even rumors of threats found in Internet chatter—by gathering intelligence, infiltrating their lines and eliminating those threats in a shadow cyber war.

With all that support, however, the base commander still needs defenses inside the perimeter (router security, local firewalls, strong passwords and the like) with soldiers trained, individually and collectively, in cyber defense for the close fight.

Plans call for U.S. Cyber Command to create, equip and train 133 cyber teams among the services. More than two dozen of them will be earmarked for joint combatant command headquarters duty. The rest will be established within the service component, specialized to degrees but able to operate in a joint environment under common standards.

Regardless of service affiliation, commanders should consider cyber team employment in the same way they came to view and use joint terminal attack controllers in Iraq and Afghanistan—able to hammer an enemy with a bevy of call-in assets to quickly gain tactical control of a dangerous situation.

While tactical battlefield cyber support teams can save your butt, the 1st Information Operations (IO) Command (Land) is an example of capability diversity and specific mission capabilities. Operating under ARCYBER, the command has two battalions and a U.S. Army Reserve element. Its 2nd Battalion specializes in exercise training support, fielding a cyberwar opposing force (Red Team) element that directly challenges units in IO force-on-force exercises.
Its Blue Team (friendly force) checks units’ vulnerabilities and specializes in delivering operational security (OPSEC) assessments while providing IO planning support and OPSEC officer certification.

The command’s 1st Battalion also has a training function, primarily specializing in unit vulnerability assessments, and it also employs a Red Team—but its Red Team is sneaky. According to the command’s website, 1st Battalion’s Red Team assessment support comes “in the form of emulating adversaries’ information operations against the organization [by conducting] open source research [and] Dumpster diving.” Think about cyber “dumpster diving” as looking for information scraps that soldiers throw away or leave around—bits and bytes that add up to a larger haul. The Red Team also conducts social engineering scenarios and “surreptitious entry to facilities of friendly forces.”

Other teams within ARCYBER provide direct support for defensive and offensive action, and many of them will serve as deployable teams attached to Army organizations. (Teams have been working alongside units in Afghanistan through a cyber-force “surge” effort to provide them with requested support.)

Most soldiers and civilian technicians come to ARCYBER from the Military Intelligence and Signal branches, signifying support and cooperation from the U.S. Army Intelligence and Security Command and the U.S. Army Network Enterprise Technology Command in organizing the cyber-committed force structure—which, under different circumstances, could have been a prolonged turf battle. In turn, the importance of upgrading and enlarging the Army’s cyber force is signified by the fact that manpower, operations and maintenance funding is generally being taken out of hide with no funding increases to cover those costs in a time of budget anxiety and austerity.

ARCYBER currently is colocated with U.S. Cyber Command at Fort George G. Meade, Md.
In addition to the 1st IO Command (headquartered at Fort Belvoir, Va.), it has the 780th Military Intelligence Brigade at Fort Meade and elements of the 7th Signal Command (Theater) at Fort Gordon, Ga., under operational control.

Army officials recently announced a decision to shift ARCYBER to Fort Gordon with plans to break ground for a new headquarters in 2016 to consolidate staff and support elements from several locations around the Washington, D.C., area, primarily Fort Meade and Fort Belvoir, and colocate with 7th Signal Command while getting its people into modern, purpose-built facilities. When the move is finished, ARCYBER is expected to have approximately 1,200 soldiers and civilian employees at Fort Gordon who will oversee and support about 21,000 Army cyber personnel around the world.

It has been a quick trip. ARCYBER only became operational in 2010.

DoD’s sprint to create cyber forces stems from a U.S. national security determination made public in 2009, which asserts that the laws of armed conflict apply to the cyber world as they do to the physical world. An attack on the United States’ cyber infrastructure, causing mass casualties and widespread damage, would be considered the same as an aerial bombing with similar effect. A finding as to what specific degree of attack would constitute an act of war is ongoing, accepting the tack of “we’ll know it if we see it” in the meantime.

Taking down the East Coast’s power grid would fit into the general construct. Goofing up a city’s website? Probably not.
There also is the unanswered question: When could an attack on a civilian commercial entity, such as a financial institution, elevate to a national security concern?

The precise position of America’s line in the silicon remains murky, but depending on the severity of an attack, America’s response would remain flexible, ranging from condemnation or economic sanctions to missile launches.

The national security finding covers only traditional nation-states to which traditional diplomacy and war acts apply, not cyber terrorists, criminals or individual nut cases.

With cyber defense and territorial defense intertwined, however, President Obama directed establishment of U.S. Cyber Command in 2009, placing it under U.S. Strategic Command, which also commands the bulk of America’s nuclear arsenal.

U.S. Cyber Command is headed by Army GEN Keith B. Alexander, who also is the director of the National Security Agency (NSA) and chief of the Central Security Service. The administration recently decided to keep that multi-hat command structure despite the highly charged political and public atmosphere in the wake of Edward Snowden’s NSA leaks.

The decision confirms the basic reasoning for setting up the national Cyber Command that way—that the threat is so high and is coming from so many directions that the United States must present a consolidated defense and bring all guns to bear.