{"id":202229,"date":"2026-03-31T17:26:00","date_gmt":"2026-03-31T21:26:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/31\/commanders-now-responsible-for-cybersecurity-training-after-army-cuts-online-course-requirement-to-once-every-5-years\/"},"modified":"2026-04-04T12:40:42","modified_gmt":"2026-04-04T16:40:42","slug":"commanders-now-responsible-for-cybersecurity-training-after-army-cuts-online-course-requirement-to-once-every-5-years","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/31\/commanders-now-responsible-for-cybersecurity-training-after-army-cuts-online-course-requirement-to-once-every-5-years\/","title":{"rendered":"Commanders now responsible for cybersecurity training after Army cuts online course requirement to once every 5 years"},"content":{"rendered":"

Commanders now responsible for cybersecurity training after Army cuts online course requirement to once every 5 years<\/a><\/p>\n

https:\/\/defensescoop.com\/2026\/03\/31\/army-cybersecurity-training-policy-change\/<\/a><\/p>\n

Publish Date: 2026-03-31 17:26:00<\/a><\/p>\n

Source Domain: defensescoop.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

The Army reduced the frequency of mandatory cybersecurity training to once every five years, according to a policy that went into effect late last month, axing an annual requirement and making individual commanders responsible for preparing their personnel for digital defense.<\/p>\n

The move followed a Sept. 30 memo by Defense Secretary Pete Hegseth directing the military to reduce the time personnel spend on cybersecurity training, with the aim of \u201cenabling our warfighters to focus on their core mission of fighting and winning our Nation\u2019s wars without distraction.\u201d<\/p>\n

Five months later, the Army codified its reduction for training it said was ineffective. Now,\u00a0commanders are responsible for preparing their soldiers and civilians on cybersecurity, according to a senior service official who said the change was intended to give unit leaders more flexibility.\u00a0<\/p>\n

\u201cCommanders are now responsible for assessing the specific cyber risks to their mission and tailoring their unit\u2019s training accordingly,\u201d said Army Chief Information Officer Leonel Garciga in an emailed statement to DefenseScoop Friday. \u201cThis allows them to integrate cybersecurity into their operational training plans in a way that is relevant and effective for their soldiers.\u201d\u00a0<\/p>\n

Cybersecurity experts who DefenseScoop spoke to, both of whom are veterans, said greater command responsibility over digital protection was positive, but they varied on how the Army\u2019s new tack would be implemented. One warned that leaders not already focused on the digital domain likely won\u2019t dedicate time for cyber training beyond their unit\u2019s primary mission.\u00a0\u00a0<\/p>\n

Without a yearly requirement, continuity between leadership changes becomes increasingly vital. Both emphasized how critical cybersecurity has become given a changing, high threat environment during the Iran war, and amid constant digital incursions from other state actors such as China and Russia.\u00a0<\/p>\n

The annual Defense Department training, called the Cyber Awareness Challenge, would not have adequately prepared troops for those threats, according to one of the cyber experts. The success of the Army\u2019s new program \u2014 which also leans on web-based training \u2014 remains to be seen, and hinges on commanders\u2019 ability to implement it effectively.<\/p>\n

The service publicized the Feb. 27 memo about the initiative on Thursday as the U.S.-Israeli war with Iran marked its fourth week. The conflict has set off multiple digital attacks on American entities from Tehran-linked proxies and heightened warnings from experts over cybersecurity.<\/p>\n

Retired Rear Adm. Mark Montgomery, senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, said that a once-every-five-year cyber requirement \u201cis unusual and probably a little riskier than one would expect in an agency that\u2019s under constant foreign adversary attack.\u201d<\/p>\n

Top officials have said military operations under the Trump administration over the last year have ushered a \u201ccultural shift\u201d for the digital domain as U.S. cyber entities become increasingly involved in those missions. Iran, regarded by federal agencies as having a capable \u201chacktivist\u201d network, has wrought its own cyber turmoil against the U.S. in recent weeks.\u00a0<\/p>\n

Medical device manufacturer Stryker reported a cyberattack earlier this month that wiped company data, and a Tehran-affiliated group said it carried out the strike. The same Iran-linked hackers reportedly accessed FBI Director Kash Patel\u2019s personal email last week, posting some materials online. The bureau is offering a $10 million reward for information that leads to information about the group, known as the Handala Hack, or Handala.<\/p>\n

Beyond direct attacks, the war has flushed the online space with confusing or outright false information that can directly affect service members. Experts said that cybersecurity is often viewed too narrowly, but is closely tied to information warfare by adversaries that\u2019s been made increasingly easy with AI and cryptocurrency.<\/p>\n

Just days after the conflict began, DefenseScoop reported about a suspicious message circulating in units across the force and on social media. The message purported to be from U.S. Cyber Command, warning troops to turn off location services and that multiple commercial apps were compromised.<\/p>\n

While the origin of the message remains unclear and has not been tied to nefarious actors, officials told the publication that the command never sent it. It spread through various official and unofficial military channels, causing confusion over its authenticity within the ranks.<\/p>\n

Garciga said that the service\u2019s latest approach to cyber training is geared toward the slew of complex threats emanating from the war.\u00a0<\/p>\n

\u201cThe Army\u2019s new approach is specifically designed to be more agile and effective in heightened threat environments like the one surrounding Operation Epic Fury,\u201d Garciga said. \u201cRather than relying on a one-size-fits-all annual training model, empowering commanders allows for a more rapid and tailored response to emerging threats.\u201d<\/p>\n

He said that, for example, if intelligence detects increased phishing attacks or social engineering threats related to the operation, commanders can \u201cinstantly direct their unit to conduct targeted training on that specific threat.\u201d<\/p>\n

Moving away from the \u2018butt of all jokes\u2019\u00a0<\/p>\n

While the baseline requirement for the military\u2019s Cyber Awareness Challenge \u2014 which has long been the \u201cbutt of all jokes\u201d among troops, according to one cybersecurity expert \u2014 is every five years for the Army, Garciga said, commanders can decide to employ \u201cmore frequent or specialized\u201d training based on their units\u2019 situation, systems or \u201cthreats they face.\u201d<\/p>\n

Montgomery said units already focused on cyber may embrace the new directive to tailor such training for their own personnel and operations, but those that aren\u2019t likely won\u2019t. Infantry or armor units, for example, are already busy with tasks related to their core roles.<\/p>\n

\u201cThat\u2019s not going to happen,\u201d he said. \u201cIf you have extra training time, you usually apply it to your primary mission.\u201d<\/p>\n

Many soldiers who have been forced to click through online training will likely welcome slashing the Cyber Awareness Challenge, which for years saw virtual avatars named Tina and Jeff quiz troops through various scenarios related to phishing scams, ID protection and network security, for example.<\/p>\n

Garciga said the change shed a \u201ccompliance-based, check-the-box exercise\u201d for a program that \u201ctrusts our leaders on the ground to make informed decisions, ensuring our soldiers\u2019 time is spent on training that directly contributes to their readiness and lethality, rather than on redundant administrative tasks.\u201d<\/p>\n

Retired Col. Sarah Cleveland, a former Air Force cyber officer and senior director of federal strategy at ExtraHop, said yearly online courses couldn\u2019t keep up with how quickly digital threats are forming, and a new generation of tech-savvy troops is likely more attuned to the cyber risks they\u2019ve grown up around online compared to older counterparts.<\/p>\n

\u201cThe threat vectors and the threat surface are so big and changing so quickly that to think annual training is going to prepare somebody for that is crazy,\u201d she said. \u201cI think this is part of the whole work smarter, not harder [philosophy] \u2014 use the smart people that you have, empower them to do their job.\u201d<\/p>\n

For its part, the Army \u201cfound no relational improvement difference in cybersecurity outcomes between the annual training and other less burdensome forms of awareness,\u201d according to Garciga. He said the new method means cyber training is not separate, but \u201cbuilt into the fabric of our operational readiness.\u201d\u00a0<\/p>\n

How commanders work cyber training into that fabric, how they standardize it after they leave leadership, and how the Army will track outcomes of this new program down the line could prove consequential.<\/p>\n

Garciga pointed to \u201ca robust catalog of cybersecurity resources that commanders can leverage at any time to meet their specific needs,\u201d but did not specify which resources he was referring to. Army spokesperson Maj. Sean Minton said that catalogue included cyber courses on the Joint Knowledge Online, or JKO portal. That training is also web-based, as the name suggests.\u00a0<\/p>\n

Montgomery said the annual course had the opportunity to be effective, but online training in general doesn\u2019t work well without hands-on instruction from dedicated staff.<\/p>\n

\u201cWith online training, the effectiveness is in the hands of the customer,\u201d he said. \u201cThat\u2019s always a risk, whether it was a five-year periodicity, one-year periodicity, whether the [commanding officer] is responsible or the big Army\u2019s responsible \u2014 in all cases, there is a risk with online training that people who just aren\u2019t interested remain not interested.\u201d\u00a0<\/p>\n

Both Montgomery and Cleveland noted that continuity could prove to be a difficult factor under the new program. Commanders rotate out of leadership often (more frequently than the five-year online training requirement), meaning one leader might view cybersecurity as less important than the previous one and therefore not prioritize it.<\/p>\n

And while ineffective at combatting evolving cyber risks, according to Cleveland, annual training provided a semi-frequent touchpoint for services to assess a level of cyber readiness and its correlation to digital threats. How the Army intends to track the outcomes of the new program was unclear.<\/p>\n

\u201cThis strategy ensures that our cybersecurity posture is not static,\u201d Garciga said. \u201cIt is an active, operational function of command that is directly tied to the mission. By giving commanders the autonomy to manage cyber risk, we enable them to better protect their formations and increase their lethality in any environment, especially when the cyber threat is high.\u201d<\/p>\n

\t\t\tWritten by Drew F. Lawrence
\n\t\t\tDrew F. Lawrence is a Reporter at DefenseScoop, where he covers defense technology, systems, policy and personnel. A graduate of the George Washington University\u2019s School of Media and Public Affairs, he has also been published in Military.com, CNN, The Washington Post, Task & Purpose and The War Horse. In 2022, he was named among the top ten military veteran journalists, and has earned awards in podcasting and national defense reporting. Originally from Massachusetts, he is a proud New England sports fan and an Army veteran.\t\t<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Commanders now responsible for cybersecurity training after Army cuts online course requirement to once every…<\/p>\n","protected":false},"author":1,"featured_media":202230,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/defensescoop.com\/wp-content\/uploads\/sites\/8\/2026\/03\/armycybertraining-e1774987700909.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,29,25],"class_list":["post-202229","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-network-security","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202229"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=202229"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202229\/revisions"}],"predecessor-version":[{"id":202231,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202229\/revisions\/202231"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/202230"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=202229"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=202229"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=202229"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}