Stories‎ > ‎

Cyber Leader Development Program: Developing Tomorrow’s “Cyber-Savvy” Officer Today

posted Feb 19, 2017, 3:14 PM by Clara   [ updated Feb 21, 2017, 12:46 PM by Michael Lenart ]

By Jason M. Bender

The establishment of U.S. Cyber Command (USCYBERCOM) and Army Cyber Command (ARCYBER) in late 2010 highlighted the necessity of understanding cyberspace as an operational domain and how to integrate it with traditional warfighting. Two of the most candid articles in the past six years – both published in 2015 – cite an article Small Wars Journal published for me in 2013, an article that voiced frustration by offensive cyber operations planners regarding a disconnect between the cyber and operational communities.1 In their articles, Martha VanDriel and Natalie Vanatta further emphasize that operations in the physical domains are heavily reliant on cyberspace and can be easily disrupted by ignorance of cyberspace operations basics. Further, operational staffs at all levels still need professional military education and self-study to better understand effects that can be brought to bear in the physical domains from cyberspace.2

A number of recent articles emphasize the need to develop expert and capable cyber operators – officer and non-commissioned officer alike – and discuss the necessity of where, which, and how much training is needed to do this. A recent article in Army magazine posits that many of the officers transferring into the cyber community from the operations branches do not understand cyber or possess any sort of operational background that might help the cyber community. The article further comments that “[g]iven the carryover from their legacy branches and the necessarily strong emphasis on technical versus tactical expertise, the vast majority of junior cyber officers are not prepared to assume such a role” without substantial preparatory professional education. This thus presents a transitional dilemma to both the branch and the community as these officers pass through education and training required to get them to the point of technical and operational proficiency.3

After publishing my original article I left the cyber operations community to be the Professor of Military Science at the University of Cincinnati, refocusing my professional efforts to recruit, develop, and commission Army Second Lieutenants. It did not take long to realize that, where the military services struggle to develop cyber understanding in their existing enlisted and commissioned ranks, an opportunity exists to develop some of that understanding at the pre-commissioning programs (i.e., service academies and Reserve Officer Training Corps (ROTC) programs). Rather than aiming solely to create officers whose formal branch is Cyber, the Army can more generally create cyber-capable, or “cyber-savvy,” officers who accede into a variety of branches. This realization led me to reach out to friends at the Army Cyber Institute (ACI) located at the U.S. Military Academy (USMA) to inquire about their creation of a Cyber Leader Development Program (CLDP).4

USMA’s CLDP design provides “800-plus hours of cyber-related education, development, and experience outside of the traditional classroom environment.”5 In other words, USMA’s CLDP goes above and beyond the standard academic education that West Point cadets receive to further broaden and develop these future Army officers, and this is done pre-commissioning. ACI’s CLDP provides USMA cadets with opportunities to participate in cyber-related internships, to attend cybersecurity-related symposiums and conferences, and mandates participation in a regularly meeting “student club” equivalent that reinforces skills and concepts learned and promotes curiosity and enthusiasm for things cyber. On top of all of this, each USMA CLDP cadet is the recipient of targeted mentoring by USMA faculty and ACI personnel. At accessions (i.e., branch assignment), USMA CLDP participants are considered for Cyber, Military Intelligence (MI), and Signal branches if that is what the cadet wishes. Just as many choose Infantry, Armor, or Aviation irrespective of their major. The point, however, is that regardless of what the USMA CLDP cadet branches at commissioning, they are generally “cyber savvy” and will likely remain that way for the remainder of their military career, whether that includes remaining in their branch, transferring to the Cyber branch at some point, or separating from the service.

USMA’s CLDP is matched by U.S. Army Cadet Command (USACC) at only a handful of senior ROTC programs. At best, a small handful of ROTC cadets are accepted annually to national cyber-related internships managed by USACC every summer, or they might participate in university sponsored co-operative internships if their major program incorporates it.6 Mentorship while on campus is at best hit-or-miss, and based entirely on whether ROTC detachment cadre have relevant experience in the cyber operations community. Given the mismatch of opportunities between USMA and ROTC, it makes sense to implement CLDP at those universities with robust cyber-related majors and better develop and prepare ROTC cadets to integrate cyberspace operations into the operational environment they will experience after graduation. Whether those ROTC cadets choose to branch Cyber, MI, or Signal, or are branched Infantry or Military Police, they will have a better understanding of cyber-related concepts than their non-CLDP counterparts who take nothing beyond their university core or major requirements. Despite recognition by a handful of senior ROTC program Professors of Military Science (PMS) who implemented CLDP at their respective universities, U.S. Army Training and Doctrine Command has yet to adopt basic cyber education in the Basic Officer Leader Course – A (BOLC-A) curriculum. Additionally, USACC has not implemented CLDP more widely, despite the obvious benefits to the Army in creating cyber savvy officers.7


Challenges faced with building cyber ‘savvy’ leaders

Army leadership struggled with the decision to create a new Cyber branch. However, after four years of fighting among the Army’s signal, intelligence, and operations communities, the Secretary of the Army established Cyber as a basic branch (Operations Career Field 17) on August 21, 2015. The branch was headquartered at Fort Gordon, Georgia at the U.S. Army Cyber Center of Excellence, where the Cyber School resided alongside the Signal School.

Despite the step forward in creating the Cyber branch, the Army continues to struggle with identifying and assigning personnel capable of operating under two masters – the cyber and operational communities. What’s more, this problem is compounded by cyber and maneuver personnel’s mutual lack of understanding of each other’s areas.8

At the most basic level, Army branches are designed to fulfill the needs of the Army from the point of accession to the point of separation and provide a steady stream of educated, experienced, and developed branch-specific specialists. These branch specialists are assigned at the tactical to strategic levels, to the operational to institutional parts of the Army, and even to enterprise, joint, interagency, and multi-national settings to bring their expertise to bear for the benefit of others. Yet it remains difficult to “[grow] competent, confident, self-aware leaders who are prepared for the challenges of the future in combined arms joint, interagency, intergovernmental and multinational (JIIM) operations.”9 Doing this requires an awareness and understanding of cyber operations and effects – which the basic branches rarely provide, as they remain focused on addressing branch-specific competencies.

Personnel assignments at both ARCYBER and USCYBERCOM continue to be top-heavy (i.e., senior company grade, field grade, and warrant officers, and senior non-commissioned officers). This forces recognition of a branch structure that represents a diamond standing upright on its tip rather than a pyramid like most Army basic branches. Where some argue that the existing branch structure and manning meets the Army’s readiness needs, this argument is contingent on the pyramidal basic branch structure where far fewer lieutenant colonels are needed than majors, far fewer majors are needed than captains, and fewer captains are needed than lieutenants. Attrition as officers progress up the basic branch pyramid is a result of self-selection, non-selection for promotion, or deliberate administrative separation.10 Some of this attrition will result in basic branch officers transferring to the cyber branch, but as already mentioned, some of them simply do not have the education or bona fides to qualify for selection.

Beginning its growth, the Cyber Branch accessed thirty cadets – fifteen each from USMA and ROTC – over the past three accessions cycles (Fiscal Years 2015 – FY 2017). Unlike infantry, armor or field artillery second lieutenants who face less than six months of Basic Officer Leader Course (BOLC-B) training before reporting to their first operational unit, the new cyber second lieutenants face a pipeline of training that in some cases stretches out to two years before they are considered qualified to perform their duties at their first assignment.11 Even with that, they will still not be the subject matter experts in offensive or defensive cyber operations at the operational levels for many years. This unavoidable delay in providing cyber expertise to the overall force underscores the need to improve the basic cyber savviness of non-cyber officers.

As mentioned previously, the Army Cyber Branch’s current structure makes it so that more captains and majors are needed than lieutenants. Given the minimal accessions as compared to the basic maneuver branches, it will be some time before Cyber Branch is fully capable of meeting the Army’s needs at the upper tactical and operational levels. It may be up to five years or longer before the Army reaches a minimum number of fully capable personnel (i.e., trained and experienced) who can effectively apply cyber capabilities to support field commanders’ needs, intent, and guidance. This, more than anything else, emphasizes the need for traditional maneuver and operational support basic branch officers to educate themselves on cyber basics and, once identified through assessment or self-identification, transfer the best candidates into the Cyber Branch at the captain and major ranks. It also speaks of a need for standardized professional military education at the basic branch schools and the Command and General Staff College to build a general understanding of cyber operations across the force, but especially in the operations career fields.12

As important as this is, however, something even more beneficial can be done.

 

Building a ROTC CLDP 

Army ROTC has produced nearly seventy percent of the Total Army’s second lieutenants over the past 100 years.13 With only half of the Cyber branch accessions over the last three fiscal years, though, ROTC is proportionally underrepresented. This indicates that USMA cadets have benefited from CLDP in a way that ROTC cadets – having no such program – have not.

Having learned of CLDP, a fellow PMS and I travelled to USMA to visit ACI in early 2015 to determine the best way to replicate CLDP at our respective university ROTC programs.14 Working with peers from ACI and the U.S. Army Cyber School, we collaborated and designed an ROTC CLDP concept easily reproduced at any ROTC program at which there are ROTC cadets pursuing cyber-related majors, related academic minors, or who have purely personal interest.15 Following USMA’s CLDP requirements, we recommended the following requirements for Army ROTC CLDP:

• Major or minor in a cyber-related discipline (e.g., computer science, information technology, computer or electrical engineering, systems engineering with focus on cybersecurity), or mathematical sciences (with a focus on cryptography and discrete math);

• Cyber-related internship of at least three weeks (e.g., at the Department of Defense, Army, intelligence community, private or public sector organization, or national laboratory);

• Participation in an extra-curricular cyber club or study group for two cumulative academic years (e.g., Association for Computing Machinery’s Special Interest Group for Security, Audit and Control (SIGSAC); Cadet Cyber Competitive Team);

• Attendance at a cybersecurity training opportunity or conference; and

• Participation in an ACI-approved cybersecurity capstone project or competitive event.16

We also recommended that USACC add a CLDP coordinator – an officer from Cyber Branch Proponent – in a similar fashion to the ROTC brigade nurse coordinators, and we identified opportunities for the Simultaneous Membership Program (SMP) employed by ROTC with the U.S. Army Reserve and Army National Guard. SMP cadets are paired with U.S. Army Reserve and Army National Guard (ARNG) units and are assigned a military occupational specialty as they pursue their commission through ROTC. The intent behind this is to leverage the professional military education and training opportunities in nearby MI, Signal, and Cyber units.17

 

Concept to Reality – University of Cincinnati Army ROTC CLDP

Putting all of this into play, University of Cincinnati (UC) Army ROTC instituted CLDP in the spring of 2015 with eight cadets pursuing cyber-related majors and minors. Partners in this effort included UC’s Department of Electrical Engineering and Computing Systems (College of Engineering and Applied Science (CEAS)); School of Information Technology (College of Education, Criminal Justice and Health Sciences (CECH)); School of Information Systems (College of Business; Department of Operations, Business Analytics and Information Systems); and Department of Political Science (College of Arts and Sciences). As it was, the National Security Agency (NSA) designated UC’s Department of Electrical Engineering and Computing Sciences in late-2014 as a Center for Academic Excellence (CAE) – Cyber Operations, and the School of Information Technology secured the NSA designation as CAE – Cyber Defense Education in the first half of 2016.18 Where only fourteen schools nation-wide hold both NSA designations as CAEs for Cyber Operations and Cyber Defense Education, University of Cincinnati remains the only university in the nation to hold both NSA CAEs and have a resident ROTC CLDP.

In implementing CLDP at UC, the immediate focus was to secure cyber-related internships for CLDP participants. Fortunately, the computing sciences (CS), electrical engineering (EE), and information technology (IT) tracks in UC’s CEAS and CECH benefit from integrated, experienced-based learning and career education programs (i.e., ‘co-operative’ internships), something that UC itself pioneered more than 100 years ago.19 In working to secure internships for the non-CS, -EE, or -IT CLDP participants, we relied at first on USACC centralized summer Cadet Professional Development and Training (CPDT) internship opportunities. In doing this, we quickly realized that rising third-year cadets were at a disadvantage in competing against the rising fourth-year cadets who attend Advanced Camp and then participate in follow-on training or internships at Army units and joint headquarters throughout the world. This led to developing relationships with the Ohio ARNG in spring 2015 and securing the first unpaid internship for a rising third-year CLDP cadet with the Columbus, Ohio-based Cyber Protection Team during the summer of 2015. In 2016, three rising fourth-year CLDP cadets were selected for the NSA’s ROTC Cyber Internship Program, while a number of others participated in co-operative internships organized by UC’s EE/CS, IS, and IT departments.

As the relationship between UC Army ROTC and the Ohio ARNG Cyber Protection Team matured, the opportunity presented itself to place three cadets with the Cyber Protection Team in an SMP status – a first in the nation. The Ohio ARNG Cyber Protection Team commander and state J-6 interviewed and vetted all three cadets before approving transfer from their existing Ohio ARNG units to the Cyber Protection Team. This relationship additionally led to professional training opportunities for two of the SMP cadets in the summer of 2016, and opened the door for stand-by selection of both cadets, along with a third CLDP cadet, to attend the U.S. Air Force Institute of Technology’s Advanced Cyber Education later the same summer. In addition to the “hands-on” experience the internships provide, UC CDLP cadets are also encouraged to pursue part-time employment (time permitting) with local IT or cyber-related companies. One non-scholarship CLDP cadet took a part-time job with the IT department at Kroger’s world headquarters in Cincinnati.

Collaborating with the ACI, all CLDP participants are added to a national distribution list overseen by ACI and ROTC CLDP mentors. Mentors routinely send out emails that highlight training opportunities or recent articles of interest. Cadets routinely ask questions of and seek advice from the mentors. ACI additionally sends out a monthly newsletter-type document that highlights recent activities in the cyber operations community, promulgates cybersecurity tips and tidbits, and promotes discussion between CLDP participants. ACI additionally facilitates quarterly video teleconferences hosted by the USMA Cyber Research Center’s SIGSAC, in which CLDP programs are able to connect, listen, watch, and participate in the discussion.20 Lastly, to satisfy the club participation requirement, UC CLDP cadets are encouraged to participate in UC’s Cyber Crime Cats student club, or to join a local chapter of the Association of Computing Machinery, National Cybersecurity Student Association, or the Military Cyber Professionals Association.21

As for the capstone project, all of UC’s colleges that host cyber-related majors and minors have fourth-year capstone classes that focus on synthesis of the student’s academic pursuits and serve as the culminating demonstration and validating event. UC’s Department of Political Science also partners with the School of IT and hosts a 5000-level Cyberattack Red Team Collaborative Seminar that crosses traditional computer science, IS/IT, and policy lines for a truly multidisciplinary approach to cybersecurity. The seminar culminates with student-teams developing and testing strategies for attack and defense scenarios in a “force-on-force” capstone to identify weaknesses and validate multidisciplinary theories. In addition to the university capstone options, other alternatives include local and national cyber defense exercises regularly advertised by ARCYBER, ACI, and NSA as part of the CLDP mentorship program, or through other local cyber-related organizations.

CLDP at UC Army ROTC today includes several cadets with non-cyber related majors or minors and is integrating UC Air Force ROTC cadets to grow the program further. These non-cyber and non-Army cadets, participating out of personal interest, are embarking down their individual path to cyber savviness. Growing to fifteen members in the fall of 2016, UC’s first four CLDP participants will graduate and commission in the spring of 2017. Of those four, one will branch active duty Infantry, two will branch active duty Signal Corps (with branch details to Field Artillery), and one is expected to branch Cyber with the Ohio ARNG. With the growth of UC Army ROTC’s CLDP to fifteen members during fall semester 2016, it is now the second largest CLDP in the nation behind USMA – modest for sure, but aggressively forging ahead in spite of the challenges faced.

 

Challenges to ROTC CLDP Sustainability

As much as was done at UC, CLDP faces two major sustainability challenges at the university ROTC detachment level. First and foremost is the issue of mentorship for the CLDP cadets by ROTC detachment cadre. Where USMA is able to provide each CDLP cadet with a specific mentor – some mentors cover two or three USMA CLDP cadets – the ROTC detachment cadre cannot in most cases mentor CLDP cadets unless the cadre member has cyber experience in their background- most of whom don’t.

In those ROTC detachments that do have a cyber savvy cadre member – most times one officer – that officer will mentor five or ten, or possibly fifteen CLDP cadets in addition to his or her normal mentorship responsibilities as a Military Science and Leadership instructor for an entire year-group cohort of cadets. In the case where the mentor happens to be the PMS – whose purview includes the entire cadet battalion – the mentor-mentee ratio becomes even more lopsided. Further complicating this is that it is highly unlikely that Cyber Branch officers will be assigned as Assistant PMS or PMS in the foreseeable future due to the nascent nature of the branch and its modest size.

Reassignment of ROTC cadre who provide CLDP mentorship further complicates things, when those reassignments are unanticipated and come as a result of promotion, selection for professional schooling, or retirement. In many cases, the only requirement for selection for assignment to an ROTC detachment, other than university requirements on advanced education or specific military occupational skill designations, is combat experience. In ROTC detachments where no mentorship exists due to a total lack of cadre cyber experience, CLDP is unlikely to flourish. Similarly, ROTC cadre with experience in cyber operations who successfully stand up a CLDP program at their university may see it crumble after reassignment when their replacement has no cyber experience, education, or understanding.

The second challenge is funding – USACC provides no funding whatsoever for CLDP and securing funding falls in the lap of the ROTC detachment PMS or Assistant PMS serving as the CLDP mentor. At schools with large, well-developed ROTC alumni programs and funds, funding is far less of an issue than at those schools lacking well-developed alumni programs, or where foundational or alumni fund income is nothing more than a trickle. UC Army ROTC finds itself in this latter category, and finding alternative sources of income becomes tricky due to the amount of time needed to network and investigate funding sources. In light of this, continuing to develop and maintain relationships with the colleges and the university IT sections becomes a critical path to gaining equipment needed to facilitate CLDP club activities.

While visiting the UC CLDP in spring 2016, the U.S. Army Cyber School Commandant commented on the Cyber School’s inability to promote and support ROTC CLDP programs, and he recommended that CLDP cadets and mentors adhere to a ‘grass roots’ mentality in seeking and securing funding and equipment from the local communities. While this encourages an innovative and creative mindset, ROTC cadets are first and foremost pursuing a university degree in order to commission. Requirements to self-fund or self-build a CLDP program, on top of all of the cadet’s other ROTC and academic and professional development requirements can get to the point of overwhelming cadets in similar fashion as those cadets who overextend themselves with Ranger Challenge, Pershing Rifles, cadet battalion leadership and administration, or other extracurricular activities (e.g., fraternities/sororities, student government, club sports).

 

Concluding Thoughts 

The original intent of USMA CLDP was to be a pilot program that ultimately expanded to ROTC.22 In only a handful of cases did this happen, and then only when championed by an ROTC detachment cadre member with knowledge of CLDP and awareness of resources and requirements at the university level. After the ACI visit in the spring of 2015, we wrote an information paper detailing how to implement CLDP at university ROTC detachments and recommended how to make it sustainable. USACC convened a planning session at Fort Knox, Kentucky in late September 2015 to assess the concept, and a team composed of members of USACC G3, ACI, NSA, and UC Army ROTC made the same recommendations to the commanding general. That concept was later assigned to USACC’s 6th ROTC Brigade for further development, but as of the time of this article’s publication nothing else appears to have come of the effort.

It is worth commenting, as a final aside, that while every Army ROTC cadet is required to take an American military history course, no such requirement exists for them to take any sort of computer science course or cyber policy-related course (e.g., political science) – if they are even offered at the university.23 If we are truly trying to create “cyber savvy” leaders, priming them in the pre-commissioning phase is optimal. What better place to incorporate cyber operations awareness and basic understanding than thru the BOLC-A pre-commissioning ROTC curriculum to ensure one hundred percent “touch and coverage” for all ROTC cadets? If nothing else, it is a step in the right direction in creating “cyber savvy” officers.

If CLDP is implemented, supported, and sustained in a more formal manner than just “grass-roots,” realizing the “cyber savvy” leader as a product of Army ROTC at the point of commissioning is a realistic goal. Unless ROTC cadre with the necessary cyber experience are assigned, and funding is provided by the university or USACC, CLDP at ROTC detachments will quickly become unsustainable. Here too, an opportunity exists for both Cyber Branch and USACC to institute a top-down mentor program at Cadet Command, or its subordinate brigades, similar to the already existing Nurse Counselor program where Army Nurses are assigned at the ROTC Brigades to mentor and track the progress of ROTC nursing cadets at the university levels.24 While opportunities exist, if CLDP is not formally supported and sustained, it will remain nothing more than an abstract concept or temporary local innovation.

Finally, where Cyber Branch seeks to create “competent professionals who… earn the trust of leaders from other operational branches,” the Army, and specifically USACC, need to focus on pre-commissioning requirements as the best place to create cyber-capable officers. Creating CLDP at ROTC detachments with robust cyber-related academic programs is the first step and is a “win-win” situation. Implementing CLDP needs to be quickly followed with adoption and integration of basic cyber education into all levels of the ROTC BOLC-A pre-commissioning curriculum and Cadet Summer Training, as USMA is already beginning to do.25 Given that the predominance of second lieutenant production over the past century belongs to USACC, this puts USACC and  ROTC detachments in a unique position to greatly affect the foundational cyber knowledge of future generations of officers – especially those who branch other than Cyber – and thus influence the Army’s long-term institutional knowledge and intellectual culture for decades.

 

 

About the author: Lieutenant Colonel Jason M. Bender is the Head of the Department of Military Science and Professor of Military Science for the Army Reserve Officers’ Training Corps (ROTC) detachment at the University of Cincinnati. A Regular Army field artillery officer, Lt. Col. Bender served at all levels from tactical to strategic, and most recently served with U.S. Army Cyber Command (ARCYBER)/2nd Army as ARCYBER’s first Chief of Fires and U.S. Cyber Command J35 Offensive Cyber Operations Planner; and later as an ARCYBER/2nd Army G5 Strategy and Policy Planner. He holds a bachelor’s degree in mathematics from Oregon State University; master’s degrees from Troy University and the U.S. Army School of Advance Military Studies; and is a graduate of the U.S. Army Command and General Staff College. He is also a recipient of the Armed Forces Communications and Electronics Association's Order of Saint Isidore and the U.S. Field Artillery Association’s Honorable Order of Saint Barbara.

 

Disclaimer: The views and opinions expressed here are expressly those of the author and do not reflect the official policy or position of any organization of the U.S. Department of Defense or University of Cincinnati.

 

 

End Notes

1. Jason Bender, “The Cyberspace Operations Planner,” Small Wars Journal, 05 November 2013, http://smallwarsjournal.com/jrnl/art/the-cyberspace-operations-planner. Coincidentally, I didn’t discover until drafting this article how many times my original article was cited since Small Wars Journal published it almost three years ago. The realization that others see value in what you’ve said and consider it worth repeating is humbling.

2. Martha S.H. VanDriel (Colonel, USA), “Bridging the Planning Gap: Incorporating Cyberspace into Operational Planning,” 04 May 2015,

http://www.strategicstudiesinstitute.army.mil/index.cfm/articles/Bridging-the-planning-gap/2015/05/04; and Natalie Vanatta (Major, USA), “A Year of Cyber Professional Development,” 23 January 2015, http://www.cyberdefensereview.org/2015/01/23/professional-development/.

3. Justin Considine (Lt. Col., U.S. Army) and Blake Rhoades (Capt., U.S. Army), “How to Grow a Capable Cyber Officer,” Army, January 2017: 19-21; see also Scott R. Gourley, “Closing the Capabilities Gap: Seven Things the Army Needs for a Winning Future,” Army, February 2017: 36-41.

4. ACI facilitated the implementation of CLDP with the intent of providing cadets “who are interested in cyber security studies… [an opportunity to] enhance their education with a wide range of broadening opportunities… as well as mentorship to guide them in their development within the field of cyber security.” United States Military Academy, “Memorandum for Record: Cyber Leader Development Program in the Army Cyber Center, USMA.” West Point, NY: USMA. 09 October 2013.

5. Ibid.

6. USACC’s centralized, annual summer internships normally include opportunities at USCYBERCOM, National Security Agency (NSA), U.S. Army Intelligence and Security Command, and the Army’s 1st Information Operations Command and opportunities to attend the U.S. Air Force Institute of Technology’s (AFIT) Advanced Cyber Education (ACE).

7. Army pre-commissioning leader development programs (i.e., USMA and senior ROTC) are designated by U.S. Army Training and Doctrine Command as BOLC-A. See U.S. Army Training and Doctrine Command, TRADOC Regulation 35-36 Basic Officer Leader Training Policies and Administration, Fort Eustis, VA: TRADOC, 01 September 2015; http://www.tradoc.army.mil/tpubs/regs/TR350-36.pdf.

8. Considine and Rhoades, “How to Grow a Capable Cyber Officer”; and Bender, “The Cyberspace Operations Planner”.

9. Department of the Army, DA Pamphlet 600-3 Commissioned Officer Professional Development and Career Management, Washington, D.C.: Department of the Army, 01 February 2010: 2; http://www.apd.army.mil/Search/ePubsSearch/ePubsSearchForm.aspx?x=PAM.

10. Candice Frost (Lieutenant Colonel, USA), “Ignorance and Arrogance: Misunderstanding the Officer Personnel Management System,” Military Review (Spotlight Article), 05 January 2015;

http://usacac.army.mil/CAC2/MilitaryReview/repository/spotlight/Frost-Jan-2015.pdf.

11. Cyber BOLC-B is thirty-seven weeks long, nearly twice the longest comparable basic branch BOLC-B. Length of follow-on post-BOLC training is dependent on the cyber officer’s first assignments (i.e., National Mission Forces, tactical unit Cyber and Electromagnetic Activities (CEMA) Element, etc.). Laura Levering, “Army Cyber School marks major milestone,” Army.mil, 17 August 2015;

https://www.army.mil/article/154001/Army_Cyber_School_marks_major_milestone.

12. See DA Pamphlet 600-3, Part II, which includes branch descriptions and requirements for Infantry, Armor, Aviation, Field Artillery, Air Defense Artillery, Engineers, Military Police, Special Operations, Psychological Operations, and Civil Affairs branches and the Information Operations functional area.

13. C. Todd Lopez, “ROTC has minted over 1,000,000 new lieutenants during its 100 year history,” 05 June 2016;

https://www.army.mil/article/169167/ROTC_has_minted_over_1_000_000_new_lieutenants_during_its_100_year_history/.

14. USACC oversees 275 Army Senior ROTC programs at more than 1100 universities and colleges across the United States and its territories, the majority of which have some type of cyber-related academic major or minor. “Army Reserve Officer Training Corps,” STAND-TO!, 02 December 2015; https://www.army.mil/standto/archive_2015-12-02.

15. Lt. Col. James Scrogin, PMS at Purdue University Army ROTC; ACI’s Lt. Col. David Raymond and Lt. Col. (then-Major) James Finocchario; and Lt. Col Robert Johnson, Assistant Commandant at the U.S. Army Cyber School.

16. Jason Bender, James Scrogin, David Raymond, Robert Johnson, Tim Groves, and James Finocchario, “INFORMATION PAPER: Establishing a Cyber Leader Development Program (CLDP) in United States Army Cadet Command (USACC) Senior Reserve Officers’ Training Corps (SROTC) Programs”, 05 May 2015.

17. Bender, et. al., “INFO PAPER: Establishing CLDP at USACC SROTC Programs”; see also Department of the Army, Army Regulation 145-1 Senior Reserve Officers’ Training Corps Program: Organization, Administration, and Training,” Washington, D.C.: Department of the Army, 22 July 1996: Chapter 3; Department of the Army, Army Regulation Regular Army and Reserve Components

Enlistment Program, Washington, D.C.: Department of the Army, 31 August 2016: Chapter 6; and Department of the Army, National Guard Regulation 600-100 Commissioned Officers: Federal Recognition and Related Personnel Actions, Washington, D.C.: Department of the Army, 15 April 1994: Chapter 13.

18. See “National Center of Academic Excellence in Cyber Operations: Mission and Purpose,” http://ceas.uc.edu/cyberops/mission.html; and “UC Becomes Leader in Cybersecurity Education,” http://cech.uc.edu/headlines/2016/it-nsa-cae-designation.html.

19. “Experienced-Based Learning & Career Education,” https://www.uc.edu/careereducation.html. See also Mary Niehaus, “University of Cincinnati Co-op: 100 years of success,” December 2005, http://magazine.uc.edu/issues/1205/success1.html; and Troy Onink, “College Co-Op Pioneer is Still Leading the Charge after 100 Years,” Forbes, 27 February 2012;

http://www.forbes.com/sites/troyonink/2012/02/27/college-co-op-pioneer-is-still-leading-the-charge-after-100-years/#29db89de5230.

20. See “SIGSAC – ‘Special Interest Group for Security, Audit and Control’”,

http://www.usma.edu/crc/sitepages/sigsac.aspx. Sponsored by USMA’s Department of Electrical Engineering and Computer Science, SIGSAC is an academic club focused on developing leadership applicable to the cyber domain through knowledge sharing and cultivation of technical skill sets.

21. See Cyber Crime Cats, https://www.facebook.com/groups/cybercrimecats/ and

https://twitter.com/cybercrimecats; Association for Computing Machinery, https://www.acm.org/; National Cybersecurity Student Association, http://www.cyberstudents.org/; and The Military Cyber Professionals Association, https://www.milcyber.org/.

22. USMA, “Memo: CLDP in the Army Cyber Center”.

23. U.S. Army Training and Doctrine Command, TRADOC Regulation 350-13 Instruction in Military History, Fort Eustis, VA; TRADOC, 05 March 2010: 14; see also U.S. Army Cadet Command (USACC), Cadet Command Regulation 145-3 Army Senior Reserve Officers’ Corps (SROTC) Basic Officer Leader Course – A (BOLC-A) – On-campus Training and Leader Development, Fort Knox, KY: USACC, 20 September 2011: 7. If the university or college does not have an American military history course, the ROTC detachment cadre is required to teach it to the cadets every semester themselves.

24. Bender, et. al., “INFO PAPER: Establishing CLDP at USACC SROTC Programs”.

25. Considine and Rhoades, “How to Grow a Capable Cyber Officer.” See also Matt Hutchison, Erick Waage, and Brent Chapman, “We Took West Point Cadets to (Cyber) War,” War on the Rocks, 21 June 2016; https://warontherocks.com/2016/06/we-took-west-point-cadets-to-cyber-war/


Photo credits (in order of appearance):  

U.S. Army ROTC

UC.edu

U.S. Army / Chuck Burden

U.S. Army / Bill Roche