ARLINGTON, Va. – More than 140 National Guard members from six states worked alongside international partners in a cyber training exercise to expand interoperability and track and eliminate cyber threats.
“It helps develop advanced threat-hunting capabilities while ensuring awareness of the network environment and building those skill sets with other nations in a collaborative setting,” said Lt. Col. David Cutler, the head of cyber operations with the Colorado Army National Guard and deputy director of the Adriatic Regional Cyber Coordination Exercise.
The two-week exercise, which ran through July 5 in Postonja, Slovenia, was split into a training phase and an exercise phase.
Cutler said that during the first week, the teams trained on the tools they used to defend a virtual network during the exercise.
Attacks to the virtual network came “at various skill levels from the obvious or unsophisticated to advanced techniques to allow teams with varying skill sets to learn new defensive cyber techniques,” said Cutler.
On the final day of the exercise, participants implemented their response plan in what Cutler described as a “cyber knife fight.”
“You’re validating the information you see, and then coming up with an execution plan for the last day of the exercise to basically do all those actions you’d requested during the week to, hopefully, kick out the aggressors.”
The exercise focused on collaboration among teams.
“We’re not executing this exercise as a competition, but more as collective learning,” said U.S. Air Force Lt. Col. Erik Howg, with the Iowa Air National Guard and the exercise director. “We’re trying to work on kind of a common mission platform that we all can use, if called to defend our networks in this type of environment.”
Working with partner nations was an integral part of the exercise, said Cutler, adding that the Department of Defense National Guard State Partnership Program, which pairs Guard elements in each state with partner nations worldwide, played a key role.
The exercise included international teams from Slovenia, North Macedonia, Kosovo, Bosnia and Herzegovina, Croatia, Albania and Montenegro. The seven SPP partner nations and Guard teams from New Jersey, Colorado, Maine, Maryland, Minnesota and Iowa worked hand in hand with those from their respective partners in the program.
“Focusing on the SPP program has been awesome,” Cutler said. “Us stepping in with our SPP partners, it’s kind of a continuation of what they’re building out in the region as their active defenses. So, we’re just one part of a layered structure they’re already building.”
And the exercise provided a platform to develop those relationships further.
“We learn from each other on the SPP piece,” said Cutler. “I think that just helps to reinforce what the SPP program is all about.”
Guard members brought an added element to the exercise, as many have civilian IT and network experience.
“It really is just showcasing the amount of expertise we have in the Guard because we have that bleed-over from civilian life,” said Cutler. “We have a lot of subject matter experts in the Guard that have specialized training that you wouldn’t normally see in an active component unit that we kind of bring to the fight.”
That expertise was an essential asset during the exercise.
“That’s super helpful when you’re doing these kinds of exercises with other countries to have those experts that can kind of look over your shoulder,” said Howg. “As well as being participants, they’re kind of secondary instructors.”
He said that helped develop cybersecurity teams.
“Cybersecurity just takes a long time to really develop the skill set for, from my observations, and it’s not something that can be rushed,” he said.
Planners are already looking toward those taking part in subsequent iterations of the exercise, slated for every two years.
“Come ready to learn,” said Cutler. “It’s tough with that jet lag sometimes, but you have to play through it and then be willing to learn from others and to be able to apply what you know.”