U.S. CYBERCOM’s Innovation and Acquisition Perspective

Published: September 13, 2018


The U.S. Cyber Command is embarking on creative ways to foster innovation, engage industry and rapidly acquire new capabilities.

As National Cybersecurity Awareness Month in October approaches in just a few weeks we are seeing a flurry of industry events occurring and planned where federal and industry leaders are outlining their current challenges, ongoing efforts and paths forward.

I recently attended the 9th Annual Billington CyberSecurity Summit, which featured keynote speakers and panel participants from a cross-section of the U.S. federal and international cyber-community – from military, national security and intelligence agencies to industry and academia. The topics addressed by government leaders and industry experts varied widely from international cyber-threats and cyber-related IT governance policy to critical needs and workforce development efforts.

CYBERCOM Priorities for FY 2019 and Beyond

One breakout session featured a panel discussing the future needs and priorities of the U.S. Cyber Command (CYBERCOM). Having been elevated to a Unified Combatant Command last year and having established its own acquisition arm within the Capabilities Development Group, CYBERCOM is focusing considerable effort on how to meet their Cyber Mission Forces’ need for the most advanced cyber technologies and increase the speed of acquisition of those technologies. The panel participants spoke to their respective areas of responsibility.

  • Michael Burke, Technical Director, Cyber National Mission Force (CNMF), described how CNMF accounts for about a quarter to a third of the overall DoD cyber force, with 39 teams of the total 133 teams of the joint CMF in his area. These are divided among 5 task forces. When asked to describe the task forces and their emphases he declined on security classification grounds. The NCMF’s core workforce skillsets include in-house rapid capability developers, plus capabilities from the services. Together, the NCMF is working on innovations that include both “use-once-and-throw-away” and those that may provide sustained use capabilities.
  • Captain Edward Devinney, Director, Corporate Partnerships and Technology Outreach, highlighted that his office is establishing a process that's more rapid than normal DOD processes for engaging industry for partnerships. The CPTO functions are twofold – to understand needs of CYBERCOM and to understand what capabilities are available within the relevant industries. He works with the Defense Innovation Unit (DIU) in Silicon Valley. Engaging with him and his office is a first step in initiating a conversation with the Command.
  • Karl Gumtow, Dreamport Director, and CEO of the Maryland Innovation and Security Institute noted that the Command set the up their partnership in less than 6 months, from solicitation to initiation, through a five-year Partnership Intermediary Agreement (PIA), which is sort of an Other Transaction Authority (OTA) avenue designed for non-profits. The goal of the partnership among government, industry and academia is to foster greater innovation for rapid development and prototyping of cyber capabilities of interest to CYBERCOM. The effort will focus on identifying innovation, supporting STEM education, and encourage community engagement.
  • Stephen Schanberger, Command Acquisition Executive at CYBERCOM provided perspective on the current and potential landscape for acquisitions and procurement at the Command. CYBERCOM received $75 million in acquisition authority through FY 2021. In FY 2017 they awarded 1 contract. In FY 2018 they awarded $40 million in contracts. In FY 2019 he expects that they will hit that $75 million cap. The Pentagon requested both more acquisition authority and a longer time horizon in the FY 2019 NDAA – $250 million through FY 2025. (In the final bill submitted and signed by the president they got the extension, but not more money.) Schanberger said that they are looking to the future and how they can put their own contract in place instead of using other agencies’ vehicles, as they are doing now. He wants an agency-specific IDIQ for cyber tools and another vehicle for analytics development. As they explore potential acquisition strategies they are working to identify capability gaps and needs between USCYBERCOM and the component CYBERCOMS and how to fill them. Congress also has them assessing how CYBERCOM operates acquisition-wise with respect to small business and the types of contacts they use. Congress also wants them to make a more detailed case for increased acquisition funding.


The emphasis on establishing creative avenues to engage cyber innovators in order to speed the development of very specialized and targeted cyber capabilities emphasizes the crucial need for more advanced technologies that CYBERCOM feels is necessary to meet the challenge before it. It reflects cyber’s prominent role within the larger National Defense Strategy.

Further, CYBERCOM’s combined effort recognizes that success is not just about the what, but also about the how, i.e. you have to address both the innovation of state-of-the-art technologies and techniques as well as the means to procure it quickly in a traditionally slow-moving acquisition environment.  

In a broader environment where the urgency of the federal cybersecurity challenge has often led to a free-spending mentality Congress’s unwillingness to increase CYBERCOM’s acquisition authority while extending their time horizon shows a degree of caution. It seems that the Command will have to prove itself and makes its case in this area and it might take until the FY 2020 NDAA or beyond before we know how much runway Congress is willing to grant.

The federal cyber market is changing in many ways. CYBERCOM (and other federal agencies) are working hard to add nimbleness to the development and acquisition of cyber tools and other offerings. Firms that can match that nimbleness with innovation and flexibility will stand to gain an advantage over others who approach this segment overly-wedded to traditional acquisition cycles and stove-piped solutions.