An official website of the United States Government 
Here's how you know

Official websites use .gov

.gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

‘Cyber Flag’ Exercise Tests Mission Skills

You have accessed part of a historical collection on Some of the information contained within may be outdated and links may not function. Please contact the DOD Webmaster with any questions.

Joint and coalition cyberspace forces completed Cyber Flag 15-1, a cyberspace force-on-force training exercise fusing attack and defense across the full spectrum of military operations in a closed network environment, at Nellis Air Force Base, Nevada, Nov. 7, U.S. Cyber Command officials reported today.

As Cybercom’s premier exercise, Cyber Flag 15-1 evaluated growing cyberspace capabilities within the Cyber Mission Force and joint headquarters elements, advancing Cybercom commander and National Security Agency and Central Security Service director, Navy Adm. Michael Rogers’ vision of operationalizing and fully integrating cyberspace operations into other military planning and operations.

Rogers has often emphasized that the Department of Defense must build operational capacity in cyberspace to generate military options for senior military leaders and decision makers. He has stressed that the U.S. cannot wait until a cyberspace crisis affects the nation or DoD’s ability to conduct military operations to develop partnerships, generate cyber capacity and capability, and ensure coordination processes are in place for national or military response.

Cyber Defense is Team Effort

“Cyber is a team effort, and given the resource constraints and capacity shortfalls, we need to partner in a way that optimizes operational outcomes. This exercise is an incredible opportunity to strengthen our relationships with critical partners,” said Rogers, noting that relationships are the key to success in the cyberspace domain.

The four main exercise objectives were to:

-- execute joint and coalition cyberspace operations that were fully integrated with other combatant command air, land and sea operations;

-- identify, prioritize and defend key cyber terrain against imminent or observed threats;

-- operate in a denied, manipulated or contested cyber environment; and,

-- rehearse how a coalition will conduct command and control of cyberspace forces at the tactical and operational levels in response to a regional crisis.

The exercise has evolved each year since its inception in 2011 by incorporating more participants from across DoD, other federal agencies, and allies in more sophisticated, realistic scenarios against opposing forces. This year’s scenario, devised by exercise planners, involved a simulated Combined Joint Task Force response to a notional regional crisis involving fictional state and non-state actors conducting significant activity in cyberspace.

Exercise Features Multiple Players

Teams from the Cyber Mission Force participated in the exercise, including the Cyber National Mission Force, which is responsible for, when ordered, the defense of U.S. critical infrastructure against sophisticated cyberattacks of significance to national security; the Cyber Combat Mission Force, which supports combatant commander requirements around the world; and the Cyber Protection Force, which is responsible for the defense of DoD information networks. Teams from allied nations brought comparable forces and capabilities, and integrated with U.S. joint forces into the coalition environment.

The exercise took place on a specially-constructed closed network designed to simulate the DoD and allied information networks and adversary networks. The event also featured an expert opposing force, which takes on the role of the adversary, using a range of tactics and weapons to provide a realistic training environment.

The opposing force simulated a range of cyberspace threat actors, testing the readiness and dynamic response capability of the CMF teams. Throughout the exercise, senior leadership stressed the importance of being able to continue military operations in denied or contested environments, fighting through degraded networks to achieve military objectives.

“The U.S. and allied participants dedicated a remarkable level of effort to participate in Cyber Flag 15-1,” said Coast Guard Rear Adm. Kevin Lunday, Cybercom’s director of exercises and training. “The coalition exercise environment was vital to generating insights into how to achieve military objectives by conducting operations in and through cyberspace. We will use the lessons identified here to improve joint training, tactics and readiness of the Cyber Mission Force as we continue to build capability and capacity.”

Cyber Flag is a critical exercise for DoD, but not all CMF personnel, teams or staff are able to participate in training events like Cyber Flag, said Lunday. A persistent training environment would meet a growing and urgent need for small team events as well as supplement individual training, incorporating physical locations for on-site or distributed training with live networks. A PTE would include a progressive and evolving curriculum tailored to individual and team-level training to complement larger exercises like Cyber Flag that focus on command and control and incorporating cyberspace into military operations.

In addition to testing command and control and meeting the other objectives, the exercise provided the opportunity for CMF teams, Joint Force Headquarters-Cyber for military services and Cyber National Mission Force Headquarters to demonstrate proficiency in mission tasks established in joint standards by U.S. Cyber Command.

Exercise Provides Tremendous Value

"Cyber Flag provided tremendous value for both the cyber mission teams and their headquarters staff,” said Army Brig. Gen. Paul Nakasone, commander of the Cyber National Mission Force. “It allowed the teams to practice, build upon, and validate their individual and collective skill sets. Likewise, it exercised headquarters staff elements to integrate and synchronize their command-and-control and planning responsibilities.”

Nakasone continued, “Cyber Flag also reaffirmed our need for a persistent training environment -- a world-class facility for on-location or distributed training that includes a ‘hot’ [live] network, an active and dedicated opposing forceadversary, and skilled assessors."

Through large training events and exercises like Cyber Flag, or smaller events that could be made possible through a persistent training environment, officials said DoD is learning how to better integrate operations in cyberspace with other domains, how to better defend DoD networks from attack, and how reliance on networks and technology creates both opportunity and vulnerability for the U.S. and allies.

“The purpose of a military exercise is to learn,” Rogers told participants. “Push the envelope, experiment, and take advantage of this opportunity by embracing controlled failure for the learning potential it has.”

Related Stories