Study Highlights Untapped Potential of National Guard in Cyber Missions

National Guard cyber forces can support certain national defensive cyber missions under Title 32 authorities, according to new research, signaling expanded opportunities for reserve components in cyber operations.

The study examines a key question posed by the War Department and intelligence community: what role can National Guard forces play in cyber operations? The findings suggest few statutory or policy constraints limit Guard support to DOW cyber missions, David Schroeder, director of National Security Initiatives at the University of Wisconsin, told GovCIO Media & Research.

Title 32 Constraints

Title 32 of the U.S. Code is the authority Guard units operate under when they are in drilling status. This requires units to drill one week a month and two weeks a year to maintain skills and proficiencies.

National Guard cyber protection teams (CPTs) mobilize for active duty under Title 10. In this status, they have the same capabilities as federal active duty cyber forces. This allows guard cyber forces to serve as a surge force to augment active duty units.

However, cyber operations are more than just IT management or cybersecurity. Schroeder contended that cyberspace is its own warfighting domain with offensive, defensive and support components. To be effective, CPTs must train to the same readiness levels as active duty cyber teams.

Units operating under Title 32 are limited in their actions. They cannot go on offensive cyber operations against a foreign adversary in this status. But there are areas, such as defensive operations, where the guidelines are not clear.

“What about assisting DOW customers here in the United States with their missions?” Schroeder asked.

This would have add-on benefits such as providing guard personnel with real-world operational experience. It would also give personnel a sense of pride in contributing to the mission, which can help with important non-cyber issues such as recruiting and retention, he said.

Wisconsin’s Example

Schroeder’s study cites the Wisconsin National Guard’s Federated Cyber Program as a use case. It is based on the Federated Intelligence Program (FIP) used by Army National Guard intelligence units. FIP allows intelligence soldiers to conduct intelligence work for DOW entities, such as combat commands or combat support agencies, on their Title 32 mandated drill weekends.

“Instead of just doing practice intelligence briefings or products, you’re using your skills, your craft, to create real intelligence products responsive to a national requirement and then providing that to a national customer,” he said.

The program has been active since 2021 and has successfully served a federal customer by delivering cyber products similar to the FIP model, Schroeder explained.

Tapping Deep Expertise

The National Guard’s dual state and federal mission positions it as a unique cyber workforce, with more than 4,000 personnel bringing private-sector expertise into military operations. Many Guard cyber specialists hold civilian roles in cybersecurity and IT, allowing them to apply current, real-world experience to mission needs, Schroeder said.

Schroeder said one near-term application for Title 32 cyber forces includes state-led incident response. Governors can mobilize Guard units to defend against or recover from cyberattacks affecting state or local infrastructure.

Under existing policy, Guard units can support DOW operations ranging from incident response to training. One issue is that Title 32 does not specifically lay out cyber doctrinal issues, which is where the confusion about roles and responsibilities lies. That ambiguity has contributed to hesitancy in expanding operational use, Schroeder said.

Schroeder said change will move at its own pace because large organizations like the DOW are conservative about adopting new policies. But he added that many of the aspects highlighted in the study are already in place and being used by the FIP.

Congress is also examining broader cyber readiness questions. He noted that in the fiscal year 2026 National Defense Authorization Act discusses integrating reserve component cyber forces into the DOW’s broader cyber mission force.