MISSION:
Rapidly deliver innovative and dominant cyberspace capability, and tailored information technology solutions and provide a decisive, warfighting information advantage.
VISION:
Be recognized as the leader within the cyberspace domain delivering innovative, integrated, and cost-effective solutions.
DESCRIPTION:
Defensive Cyber Operations (DCO) rapidly delivers innovative and dominant cyberspace capabilities, as well as tailored information technology solutions for our national, joint and allied partners. These capabilities provide a decisive warfighting information advantage through rapid prototyping, deployable and cloud-based defensive cyber solutions, cyber analytics and detection for cyber threats, and Command, Control, Communications, Computers & Intelligence (C5I) acquisition services. We are the leader within the cyberspace domain, delivering innovative, integrated and cost-effective solutions.
Mr. Robert Zoppa
Mr. Robert Zoppa assumed the Project Manager with Defensive Cyber Operations role in July 2023. In that capacity, he leads the organization that rapidly delivers innovative and dominant cyberspace capabilities for Army global networks and tailored information technology solutions for national, joint, and allied partners. As the project manager, he is the milestone decision authority for acquisition category IV cyber programs. He is responsible for the execution of Army funding across the program objective memorandum.
Before assuming this role, Mr. Zoppa attended Senior Service College at the Eisenhower School for National Security and Resource Strategy at the National Defense University, where he earned a Master of Science in National Resource Strategy.
Previously, Mr. Zoppa served as the Deputy Project Manager for PEO EIS’s Defense Integrated Business Systems (DIBS) portfolio in Arlington, Virginia, from 2021 to 2022. His responsibilities included assisting the project manager with managing seven major enterprise business solutions across the financial, logistics, acquisition, and environmental domains, supervising the civilian workforce assigned to the project management office, and providing advice and guidance to the project manger on all aspects of portfolio management. DIBS is accountable or standardizing, streamlining, and sharing critical data across the Army, DOD, and industry partners.
Before that, Mr. Zoppa served as the Deputy Project Manager for the Global Combat Support System–Army (GCSS-Army) at Fort Gregg-Adams, Virginia, from 2010 to 2021. His responsibilities included assisting the product manager with the overall management of the GCSS-Army project, supervising the civilian workforce assigned to the product management office staff, and providing advice and guidance to the product manager on all aspects of the project’s management. GCSS-Army is an enterprise resource planning solution that comprises the tactical component of the Army’s logistics enterprise.
From October 2003 to June 2007, Mr. Zoppa served as Project Manager, GCSS-Army, while on active duty with the U.S. Army. Before that, the Army assigned him to the Strategic and Advanced Computer Center, G-6 at the Pentagon from August 2000 to September 2003, where he oversaw several web-based projects. From July 1998 to July 2000, he served as Assistant Product Manager, GCCS-Army, within the Program Executive Office, Command, Control and Communications – Tactical at Fort Belvoir, Virginia.
From 1987 to 1998, Mr. Zoppa served in various assignments in the Army, including deployments to Saudi Arabia in support of Operations Desert Shield/Storm. His awards and decorations include the Bronze Star Medal, Meritorious Service Medal, Army Commendation Medal (x2), Army Achievement Medal, National Defense Service Medal, Southwest Asia Service Medal, Army Service Ribbon, and the Kuwait Liberation Medal with Palm.
In addition to the Master of Science in National Resource Strategy, Mr. Zoppa holds a Master of Science in Systems Technology from the Naval Postgraduate School, Monterey, California, a Master of Business Administration from Golden State University, San Francisco, California, and a Bachelor of Science from the United States Military Academy, West Point, New York. He is a certified Project Manager Professional through the Project Management Institute. He is also a graduate of the Defense Acquisition University and holds an advanced Defense Acquisition Workforce Improvement Act certification in Program Management.
 |
 |
Dr. Linda Jones
Dr. Linda Jones was named as the Deputy Project Manager, Defensive Cyber Operations, in March 2024. Dr. Jones has a long history of key assignments throughout the Army’s Program Executive Office Enterprise Information Services (PEO EIS). Before becoming the acting Deputy Project Manager in December 2023, she served as the Deputy Product Manager at Cyber Analytics Detection (CAD), she was acting Operations Chief at Product Manager, Army Data and Analytics Platform (ARDAP), where she was responsible for the overall planning, direction, execution, evaluation, and success of day-to-day operations. Before her work at ARDAP, Dr. Jones served as the Assistant Product Manager at CAD. In this role, she was responsible for satisfying the cost, schedule, and performance requirements for two major programs: Cyber Analytics, which manages the Army’s Big Data Platform, and User Activity Monitoring. She oversaw all aspects of the programs including acquisitions, development, testing, systems security, and integration, as well as fielding and sustainment.
In 2016, Dr. Jones was a Project Management Specialist at PEO EIS’s Installation Information Infrastructure Modernization Program (I3MP) where she designed, developed, implemented, and provided oversight and management of the Schedule Management Program. She also served as I3MP’s Integrated Master Schedule Team Lead and Risk Manager. In this role, she led the effort to build the MS Project Server and SharePoint interface capability that served as an authoritative tool for collecting, storing, compiling, integrating, and reporting cost, schedule, and performance data. Additionally, she managed and refined the MS Project Server and SharePoint interface to support the program office’s oversight requirements.
Before coming to PEO, Dr. Jones was Deputy Program Manager at IPKeys, a critical partner for PEO EIS programs. In this role, Dr. Jones provided oversight of the Defense Logistics Agency support team and worked closely with Program Manager to ensure operational efficiency and success. Earlier in her career, Dr. Jones was a Master Scheduler/Team Lead/Acquisition/Program Analyst at Engility Corp and a Program Analyst at Jacobs Technologies.
Dr. Jones has a Bachelor of Arts in Political Science and a Bachelor of Arts in Business Management from Virginia Wesleyan College, a Master of Arts in Management from Regent University, and a Doctorate in Education from Walden University. She currently holds certifications in Security +, Information Technology Infrastructure Library, and Defense Acquisition Workforce Improvement Act Level II Program Management. She is also a Certified Scrum Master and Project Management Professional.
|
 |
PM DCO SOCIAL MEDIA
Cyber Analytics and Detection (CAD)
Cyber Platforms and Systems (CPS)
Programs
Cyber Analytics and Detection (CAD)
Castel Keep (CK)
MISSION:
Develop new cybersecurity capabilities through development and integration of defensive cybersecurity solutions.
DESCRIPTION:
Castel Keep (CK) develops the Special Security component of the capabilities detailed in the Land War Net Intelligence Community Directive to support the Army’s intelligence warfighting function force generation and special security requirements. CK supports the Army Special Security Office oversight and management of the Army Sensitive Compartmented Information program through compliance reporting, standardization of processes, and collection and availability of program information.
SYSTEM INTERDEPENDENCIES:
- N/A
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: Awarding of Task Order 3 and attaining FOC with release of v1.4
Castel Keep (CK)
Cyber Analytics (CA)
MISSION:
To broaden cyberspace analytic capability to allow for the comprehensive collection, analysis, and visualization of data stemming from all tiers of the Army’s network enterprise
DESCRIPTION:
Gabriel Nimbus (GN), the Army’s Big Data Platform, is an integrated technology solution that enables data to be aggregated, accessed, and delivered to users via applications and analytics that drive decisions, enhance situational understanding and drive automation while enabling commanders to achieve objectives in and through multi-domain operations. GN provides a common computing solution capable of ingesting, storing, processing, sharing, and visualizing multiple petabytes of data from the DoD Information Network and publicly available commercial and open sources.
SYSTEM INTERDEPENDENCIES:
- None (can deploy on bare metal or cloud)
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: This program is in continuous modernization, plan to field Lower Echelon Analytic Platform (LEAP) and LEAP Tactical (LTAC) regional instantiation of GN to the edge
Cyber Analytics (CA)
Threat Emulation (TE)
MISSION:
To identify threat trends, behavior patterns, and tactics, techniques, and procedures associated with relevant portions of the designated network
DESCRIPTION:
Threat Emulation (TE) improves the Army’s security posture by emulating the tactics of our adversaries in a passive manner without causing actual harm to identify gaps in our tools, process and safeguards, and to identify and address potential vulnerabilities.
SYSTEM INTERDEPENDENCIES:
- N/A
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: Perform market research to stay informed of new capabilities in this space
Threat Emulation (TE)
User Activity Monitoring
MISSION:
Enable the Army’s Insider Threat (InT) Program to assess, deter, deny, defend, defeat, and evolve against the insider threat.
DESCRIPTION:
The User Activity Monitoring system (UAM) is a software-based, scalable solution that identifies internal risks associated with the theft or misuse of critical, mission essential data. It facilitates the ability to identify insider threats based on evaluation of policy violations and the capture of certain risk behaviors that rate the likelihood of an incident caused by a trusted insider.
SYSTEM INTERDEPENDENCIES:
- None for UAM on-premises; BDP for UAM Cloud & UAM SAP
PROGRAM STATUS:
- Continuous modernization and maintenance of UAM solutions
PROJECTED ACTIVITIES:
- FY24: Transition from an on-premise solution to a cloud environment
User Activity Monitoring
Cyber Platforms and Systems (CPS)
Counter Infiltration (C-I)
MISSION:
Provide mission assurance in support of multi-domain operations against near-peer adversaries to support cyberspace operations at corps and below. This enables cyberspace defenders to continuously monitor, detect and respond to the deception tactics and techniques utilized by adversarial advanced persistent threat (APT) malicious cyberspace activity.
DESCRIPTION:
The Counter Infiltration (CI) capability provides decoy systems, files, credentials and other baits/lures in order to provide early warning and detection. Cyber defenders will use the capability to detect, identify, and respond to adversary interactions with deception countermeasures in defense of the Department of Defense Information Network (DODIN) and the Army (DODIN-A) network.
SYSTEM INTERDEPENDENCIES:
- DODIN-A
PROGRAM STATUS:
- Continuous Modernization
Counter Infiltration (C-I)
Defensive Cyberspace Operations Tools Suite (DCO Tools)
MISSION:
The DCO Tools Suite will facilitate unified land and cyberspace operations across the full spectrum of conflict – from shaping and deterrence to redeployment. It will enable cyberspace defenders and others within the cyberspace workforce to deliver effects within a designated friendly network by executing DCO and cybersecurity tasks as defined in the DOD Cyber Force Concept of Employment and joint/army policies, directives, and instructions.
DESCRIPTION:
The DCO Tools Suite is comprised of prepositioned and tailorable software packages that are integrated and available at all echelons (strategic to tactical) based on mission and threat. Leveraging Commercial-off-the Shelf, Government-off-the-Shelf and Open-Source Software, this capability is essential to Cyber Protection Teams in effectively conducting missions on Cyber Platforms and Systems. The Tools Suite offers economy of force by arming regional and global cyberspace defenders with the ability to augment local cyberspace defense operations organic to supported units.
SYSTEM INTERDEPENDENCIES:
- N/A
PROGRAM STATUS:
- Continuous modernization and prototyping with enhanced technology, and improvements
PROJECTED ACTIVITIES:
- FY24: Operationalize Security, Orchestration, Automation and Response (SOAR) capability; Work with RCCs to establish a baseline of DCO Tools to expand Tools Suite to cover RCCs for SW, Training, Testing and Professional Services; Identify and delivery Supervisory Control & Data Acquisition (SCADA) capability
Defensive Cyberspace Operations Tools Suite (DCO Tools)
Deployable Defensive Cyberspace Operations System (DDS)
MISSION:
Provide operational capability to the Army Cyber Command’s Cyber Protection Brigades allowing for rapid evaluation and response to unexpected and dynamic cyber threats
DESCRIPTION:
The Deployable Defensive Cyberspace Operations System (DDS) is a deployable kit with dedicated compute and storage resources designed to be transported in the overhead compartment of a commercial aircraft. The system has a modular build concept that allows customization by the cyber protection teams to meet mission requirements.
SYSTEM INTERDEPENDENCIES:
- COMPO 1 units connects to DCO-MN to allow remote operations. It also needs a network connection to upload data to Gabriel Nimbus (GN). Now depending on the mission, it will have either one-way ingest from the target network for traffic and network analysis or bidirectional communication to allow certain data to get forwarded to the kit.
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: Conduct Operational Assessment of next generation of DDS and prepare for production
Deployable Defensive Cyberspace Operations System (DDS)
Forensics and Malware Analysis (F&MA)
MISSION:
Provide the ability to rapidly triage an incident and place the impacted system back in service. A portable capability enables cyberspace defenders to quickly review information stored on deployed computers in real-time – without altering, damaging, or corrupting the data to support forensic investigations.
DESCRIPTION:
Forensics and Malware Analysis (F&MA) provides the ability to perform forensics analysis locally and remotely in order to detect, identify, and respond to attacks. The capability pushes forensics analysis forward to the Regional Cyber Centers and below in order to perform live box forensics. Live box forensics allows the capture of volatile memory critically needed during an incident response.
SYSTEM INTERDEPENDENCIES:
- AESS, DODIN-A, DDS-M, GDP, GEF
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: Continued maintenance and training on F&MA capability, conduct deployment activities to field capability to Cyber Protection Brigade Advanced Threat Analysis & Mitigation cell
Forensics and Malware Analysis (F&MA)
Garrison Defensive Cyberspace Operations Platform (GDP)
MISSION:
Provide operational capability to the Army Cyber Command’s Cyber Protection Brigades allowing for rapid evaluation and response to unexpected and dynamic cyber threats
DESCRIPTION:
The Garrison DCO Platform (GDP) provides the ability to collect, analyze, and store data at line speed (40Gbps+) for use in garrison environments to support remote DCO. The platform also hosts DCO tools/software to allow for analysis to be completed by the Cyber Defender, such as Lower Echelon Analytic Platform (LEAP) and the Unified Security information and event management (USIEM).
SYSTEM INTERDEPENDENCIES:
- GDPv3 and GDPv4 interoperate with the NETCOM Global Enterprise Fabric system
PROGRAM STATUS:
- Continuous Modernization
PROJECTED ACTIVITIES:
- FY24: Implementation of a cloud integrated system capable of reaching down to locations
Garrison Defensive Cyberspace Operations Platform (GDP)
