Cyberspace Operations

The CY01 - Cyberspace Operations program, managed by United States Cyber Command (USCYBERCOM), is a major equipment procurement line item within the Department of Defense (DoD) budget. Its overarching goal is to equip USCYBERCOM, its subordinate headquarters, and the Cyber Mission Force (CMF) with the necessary hardware, software, and licenses to execute cyberspace operations.

The program is structured around four primary objectives: defending the DoD Information Network (DoDIN), supporting global combatant commands, enhancing national resilience against malicious cyberspace activity (MCA), and increasing DoD cyber effectiveness through collaboration with allies and partners. These investments are critical for maintaining the security and operational readiness of DoD networks and for supporting the broader national defense strategy in cyberspace.

Cyber Threat Emulation System and Tools focuses on procuring hardware for operations centers and conducting network vulnerability inspections. This line item enables real-time situation monitoring and unity of command across USCYBERCOM, subordinate headquarters, and mission partners. The tools support 24/7 DoDIN operations and defensive cyber operations, including inspections across the Joint Worldwide Intelligence Communications System (JWICS), Non-classified Internet Protocol Router Network (NIPR), and Secret Internet Protocol Router Network (SIPR). The budget includes funding for technology refresh upgrades, ensuring that cyber threat emulation capabilities remain current and effective for ongoing and future missions.

Data and Sensors is a significant investment area, supporting Hunt Forward Operations (HFO), Enhanced Sensing and Mitigation, Deployable Mission Support Systems (DMSS), and Joint Cyber Hunt Kits (JCHK). These resources provide Cyber Protection Teams (CPTs) with deployable hunt and mitigation tools, robust compute and storage capabilities, and analytical support for host-based mission changes.

The data and sensors procured under this line item are essential for incident warning, mitigation, and defense of DoD network enclaves against unauthorized intrusion, corruption, or destruction. The program also funds Defense Counter Measures (DCM) to secure network boundaries and respond to MCA, with a focus on proactive and dynamic defense. The budget reflects a decrease due to contract reductions and efficiency initiatives aligned with Executive Order 14222.

Robust Infrastructure and Access includes the Joint Common Access Platform (JCAP), which provides a protected and managed environment for coordinating and executing cyber operations. This line item supports hardware and software procurement, recurring licenses, cloud services, and technical support for continuity of operations at classified locations.

The infrastructure investments enable tech refreshes, hardware enhancements, and updates to the Wide Area Network, as well as comprehensive support services for equipment procurement, installation, and provisioning at Joint Mission Operation Centers (JMOCs). The budget is reduced due to realignment of funding, consolidation of software licenses, and operational efficiencies gained by transitioning to cloud solutions and leveraging CHESS contracts.

Cyber Weapons and Tools previously funded the procurement of specialized software tools for cyber operations, but the budget eliminates this requirement, resulting in a decrease from prior years. This change reflects a strategic realignment and optimization of resources, with existing capabilities deemed sufficient for current operational needs.

Advance Cyber Training supports the procurement of hardware and resources for advanced cyber training initiatives within USCYBERCOM and the Air Force. This line item ensures that personnel receive the necessary training to maintain and enhance their cyber operational skills. The training investments are designed to keep pace with evolving cyber threats and technologies, thereby sustaining the readiness and effectiveness of the Cyber Mission Force.