British Army pulls up its SOC: New regiment to do infosec work even civvies will recognise
That's Systems Operating Centre to you. Chuffed with that, says Royal Signals brigadier
The British Army has raised a new regiment that will take charge of its in-house security operations centre, a move calculated to make cyber defence a more mainstream part of all things armed and camouflaged.
The 250-strong 13th Signal Regiment was formally "stood up"* on 1 June at Blandford Forum, the Dorset HQ of the Royal Corps of Signals.
Defence secretary Ben Wallace said in a canned statement: "Cyber-attacks are every bit as deadly as those faced on the physical battlefield, so we must prepare to defend ourselves from all those who would do us harm and 13th Signal Regiment is a vital addition to that defence."
The Ministry of Defence stated that 13 Sigs will "provide the basis of the new Army Cyber Information Security Operations Centre, focusing on the protection of Defence's cyber domain."
As well as bringing together IT-skilled soldiers from other Army regiments and corps, Royal Navy and RAF personnel are also part of 13 Sigs' order of battle.
Brigadier John Collyer, Commander 1st (UK) Signal Brigade, praised the expansion of the Royal Signals as "an exciting step forward" in the military's drive to boost its "potency and resilience in the information environment and cyber domain."
13 Sigs joins an ever-expanding roster of military units with "cyber" in their job descriptions, not least the infamous and slightly odd 77 Brigade.
Among other things, 13th Signal Regiment will focus at least part of its output on the CyISOC with the Royal Signals' existing 233 (Global Communications Networks) Squadron being transferred to 13 Sigs' command. That sub-unit, according to a Facebook description from a couple of years ago, is "at the forefront of the development of Legacy Blue Sustain (LBS) rollout and the introduction of the Army Cyber Information Systems Operating Centre (CyISOC)."
An old job description for a civilian CyISOC events manager reveals that it shares a fair bit in common with civilian Security Operations Centres.
Along with 233 Sqn will be 259 Sqn, making up another third of 13th Signal Regiment. A "Level 3" support outfit, this sub-unit also has the job of testing proposed new Army network infrastructure kit; one of its three troops is the Communication and Information Systems Trials and Development Unit, which sounds far less exciting** than the Royal Armoured Corps' equivalent, the Armoured Trials and Development Unit.
13 Sigs' third squadron will be a new formation, taking the identity of a former sub-unit with links to GCHQ. 224 Sqn was last on the Army's books between 2003 and 2009 as a tri-service organisation concerned mainly with collecting signals intelligence on behalf of Britain's national eavesdropping agency, doing its business in Iraq, Afghanistan, Bosnia, Sierra Leone and other notable places from recent UK military history.
The new regiment builds on moves last publicly made in 2018, when then-defence secretary Gavin Williamson called upon techies to join the Army. With a unit now squarely dedicated to traditional infosec organisational defence with a smattering of IT support plus grey hat work, perhaps the well-known shortage of skilled infosec personnel in the Army might become less of a problem in coming years. ®
* In days of yore, one spoke of "raising" a unit of soldiers. Through good old linguistics that verb is now to stand up, which makes it sound like several hundred of Her Majesty's finest have missed out on a high school date.
** El Reg is, of course, quite aware of what happens when untested kit is deployed into live production environments full of people who tend to all say "what does this button do?"