RAND Arroyo Center was asked by U.S. Army Cyber Command's G35 office to develop and document an Army strategy for providing cyber support to corps and below, which is synonymous with tactical cyber operations. This report describes how the Army should use available resources to achieve the mission objectives inherent to tactical cyber operations. Cyber operations are increasingly important to the Army and other services' ability to seamlessly incorporate actions in cyberspace with activities in traditional warfighting domains (land, air, maritime, and space). This report proposes a strategy for tactical Army cyber operations, enumerating overarching goals, objectives, and associated activities. As part of this strategy, the authors describe what the Army, as an institution, needs to do to realize a vision for tactical cyber operations. In addition, this report discusses the incorporation and use of offensive cyber operations, specifically at the tactical level.
Key Findings For cyber operations, the Army will need to build trust and operate with JIIM partners. The Army must be able to employ cyber capabilities at all echelons, including tactical echelons. The Army must be able to operate with existing authorities and prepared to operate with increased authorities it might gain in the future.
Recommendations The Army should plan to coordinate with these higher echelons and partner agencies/nations to plan and conduct tactical cyber operations. Relationship building takes time; the Army should not ask for more than a cyber partner can reasonably be asked to give, especially in the case of new relationships. Operations (i.e., "doing cyber") give relationships a chance to grow and mature and provide opportunities to demonstrate the utility of relationships and willingness to serve partner. With military partners, the Army might find that exercises at command posts and at combat training centers afford opportunities for "doing." The Army should make a cyber partnership a "good deal" for a partner up front, which might mean initially subordinating the Army's goals and interests to those of the partner. As the Army considers how best to embed a cyber capability at tactical echelons, it should identify how to establish and maintain a relationship between the personnel who will serve at those tactical echelons and the partner agencies and organizations with which they will frequently interact.
Table of Contents Chapter One
Understanding the U.S. Army's Need for Tactical Offensive Cyber Operations
Chapter Two
Case Study One: Joint Interagency Task Force — South
Chapter Three
Case Study Two: U.S. Marine Corps Tactical SIGINT
Chapter Four
Case Study Three: The Use of Armed Drones
Chapter Five
An Approach to Army Tactical OCO: Tethering
Chapter Six
Choosing Practical Types of Tactical OCO
Chapter Seven
Best Practices, Goals, and Strategy
Research conducted by RAND Army Research Division
This research was sponsored by U.S. Army Cyber Command and conducted by the Forces and Logistics Program within the RAND Arroyo Center.
This report is part of the RAND Corporation research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.