Cyber Mission Ready

Virginia's proximity to the federal government and the wealth of private technology leaders headquartered in the Commonwealth have helped its workforce rise to the forefront of the cybersecurity industry. It boasts the second largest cybersecurity workforce in the country, with approximately 80,000 cybersecurity professionals operating within the Commonwealth. Yet Virginia is also home to a unique asset that provides its businesses with a secure operating environment and access to singular skill sets that they can’t develop in-house.

The 91st Cyber Brigade, the Army National Guard’s first and only cyber brigade, has a footprint that spans 31 states, but it is headquartered at Fort Belvoir in Fairfax County. From this location, the brigade oversees training and readiness oversight for cyber units in support of the U.S. Cyber Command, operated by the U.S. Department of Defense (DoD) and Army Cyber Command. Both of these missions — training and readiness — benefit businesses across Virginia.

From Punch Cards to Firewalls

The brigade was stood up formally in 2017, but traces its roots to the Virginia Data Processing Unit, which provided support for the National Guard Bureau Computer Center in the 1970s, when punch cards were state of the art. The unit evolved as risks shifted into the digital world. Today, the 91st Cyber comprises:

• Cyber security companies, which perform vulnerability assessments and offer cybersecurity support

• Cyber warfare companies, which prioritize cyber operations support and pen-testing simulations to evaluate system security

• Cyber protection teams, which protect priority missions and prepare forces for combat

As with any role in the National Guard, participation in the brigade demands part-time service, typically one weekend each month, with the potential for additional training and service. Lt. Col. Melissa Messare, 91st Cyber Brigade officer in charge and battalion commander for the 123rd Cyber Protection Battalion, noted that anyone with interest in cybersecurity is eligible to join the brigade. “We have a number of people in civilian roles, such as software developers or network engineers, who have come into the unit, but you don’t have to have a cybersecurity job in the civilian world in order to join our brigade,” she said. 

For employers working to strengthen their team’s cybersecurity skills, the training that soldiers receive through the Guard can be a tremendous asset. Upon joining the Guard, soldiers receive 10 weeks of basic combat training, as well as 19 weeks of cybersecurity-specific training. “Then they come back and they’re one weekend a month, two weeks a year, part-time soldiers — but they’ve learned skills that are hugely beneficial, both for the Guard and for a civilian company that needs cybersecurity,” Messare said.

“That’s the great thing about the Virginia Army National Guard,” said Col. Gerald Mazur, commander of the 91st Cyber Brigade. “Soldiers can get highly sought-after industry certifications and take those skills back to their employer.”

Developing In-Demand Skills

Through their service, soldiers have an opportunity to gain industry-level certifications such as CompTIA’s Network+ and Security+ and others offered by the SANS Institute. These certifications, in combination with the background checks and security clearances required in some areas of service, make the brigade’s soldiers valuable assets for local businesses.

“Many soldiers are able to align their military career with their civilian skill set,” said Command Sgt. Maj. Scott Rivera-Wenger of the 91st Cyber. Rivera-Wenger holds responsibility for developing the noncommissioned officer corps within the brigade. He added, “If somebody is doing technical work in their civilian job, it makes sense to allow them to pursue that specific specialty within the military and hone their expertise. We get an overall more technical soldier, and on the civilian side, they’re getting certifications that help them.”

Yet an advantage to serving in the Guard is that soldiers don’t gain training solely on technical skill sets. They also gain leadership development.

“One of the challenges I’ve had within Cyber is that everybody wants to focus on technical areas,” Rivera-Wenger said. “That’s very different from the way other branches work. So, part of my work is to develop technical leaders who can lead troops.” Through the Army’s leadership development programs, Rivera-Wenger helps soldiers grow into leadership roles that prepare them for management roles in their civilian life.

The Army National Guard also leads a more intensive training event each summer. The Cyber Fortress exercise in Virginia brings guardsmen together with the professionals who manage critical infrastructure. The two-week exercise provides an opportunity for decision makers to meet and strengthen partnerships as they test the Commonwealth’s cyber response plan in preparation for a real-world cyber incident.

he Virginia National Guard hosted Cyber Fortress 3.0 in Virginia Beach in 2024, bringing together state & federal organizations, including the 91st Cyber Brigade, to conduct an exercise based on historical malicious cyber incidents on U.S. water systems.

Practicing Collaboration 

More than 40 organizations were represented at the 2024 event, with delegates from other states’ National Guards, the U.S. Federal Bureau of Investigation, the U.S. Cybersecurity and Infrastructure Security Agency, the U.S. Marine Corps, federally funded laboratories, and event representatives from Finland, the Virginia National Guard’s (VNG) official partner under the State Partnership Program. The VNG signed a memorandum of understanding with Finland in 2024 to build a partnership focused in part on interoperability defense, including defense against cyber threats.

This broad representation is a key part of what makes the exercise so valuable, Mazur explained. “The most important part about incident response is forming partnerships and knowing who to call and when to call,” he said.

The first week of the event typically features a tabletop exercise targeted toward decision makers. Members of academia and vendors attend to provide insight and training on emerging technology. For example, private companies have brought internet intrusion detection devices, AI-driven monitoring solutions, and microgrids to the event for participants to evaluate. The second week is a “live fire exercise” during which participants practice the response to an attack on state infrastructure. By integrating a hardware-in-a-loop system into the simulation, teams can simulate real-world impact within a virtual network environment.

In the third iteration of the Cyber Fortress in 2024, seven water authorities from across Virginia participated in the exercise. The red team, led by the brigade’s cyber warfare company, based their attack on historic malicious cyberattacks on U.S. water infrastructure, while the blue team defended its network.

Previous iterations of the event have brought guardsmen together with electricity, telecom, and 5G utility providers. Mazur notes that some partners, like Verizon, have participated in multiple events. “A cyberattack on one element of a critical infrastructure sector doesn’t mean there wouldn’t be multiple or simultaneous events affecting others,” he said. As an added bonus, “We actually have folks in the unit in the Virginia Guard who are from Verizon to help facilitate this.”

All this training comes together to make a major impact on state operations and federal missions. At the federal level, soldiers typically are mobilized every five years as part of their mission to support the U.S. Army Cyber Command’s Joint Force Headquarters-Cyber at Fort Eisenhower in Georgia.

“Soldiers who go on those missions are immersed in cybersecurity jobs for the Department of Defense for a one-year period. They gain valuable skills that they may not have access to in the civilian sector,” Messare said. “The feedback we’ve gotten is that it’s been hugely beneficial for civilian employers.”