Exercise Cyber Shield 2022, and what the Guard brings to cybersecurity.

Friday, June 17th, marked the last day of the National Guard’s annual Exercise Cyber Shield, an unclassified cyber training exercise bringing together National Guard soldiers and airmen as well as partners from government agencies and the private sector. This year’s exercise met in Little Rock, Arkansas between June 5th and 17th. The exercise, conducted since 2007, is intended to “develop, train and exercise cyber forces in the areas of computer network internal defensive measures and cyber incident response,” the National Guard explains.

A transcript provided by the National Guard describes the scenario for this year’s Cyber Shield, which focused on the role the Guard plays in protecting the US Department of Defense computer networks. Designed after the December 2020 SolarWinds breach that infiltrated the U.S. departments of Homeland Security, Treasury and Commerce, the exercise highlights how the supply chain was disrupted and involves both DoD personnel and members of the private sector.

The CyberWire sat down with Illinois National Guard Lieutenant Colonel Jeffrey Fleming, Kentucky National Guard Major Dayna Sanders, and Massachusetts National Guard Lieutenant Colonel Chris Elgee. Fleming, the exercise officer-in-charge, told the CyberWire that the aim of the exercise is to “train the basic tenets of cyber, so that whatever network our operators end up on, whether it’s wearing a uniform to support the Governor, active-duty-side, or taken back to their civilian careers, they have the knowledge and experience to do that wherever we need to operate.” He highlighted the unique position of National Guard soldiers and airmen, stating that most of them are not full-time members of the military and have “significant levels of experience and crazy skill sets,” and this, he said, makes them poised to be great cyber defenders, as they often have field knowledge and experience that gives them considerable subject-matter expertise. Elgee also noted that the nature of the National Guard allows for longstanding relationships more easily than other components. “When you’re active duty, you’re at one post for maybe three years and you move on and that’s it, but with the Guard, we see the same people year after year.”

The exercise is conducted on a cyber range, and Elgee noted that the biggest challenge with creating a cyber range is making them as realistic as possible. “It’s easy to have a bunch of computers, a bunch of instances found from the cloud, but the trick is making it something that’s realistic to the environment you’re trying to simulate.” He also notes that it is safe and completely segmented off from the actual Internet, and that any interconnections it has with the wild Internet are closely monitored and controlled.

Cyber Shield is run almost exclusively by volunteers, with the exception of one or two people working full-time, Sanders said, noting that the passion behind the work the volunteers do is what makes the program so successful. Fleming added that “The reason this exercise is as good as it is and continues to grow is because the folks are here, and they want to be here, and they’re giving their extra time to do it.”