About AEA-ITT

In 1999, the US Army Europe and Africa (USAREUR-AF G6) established the AEA-ITT Program to provide cost-effective, theater-wide CS and IT training under the Title 10 responsibilities for USAREUR-AF G6 in their Army Service Component Command (ASCC) role to be the executive agency for US Code Title 10 basic services relating to theater communication infrastructure (Network, Telephone, Satellite), and the safeguarding of these services.

Additionally, in 2016, the USAREUR-AF G6 was designated as the Designated Authorizing Official (AO) to assume responsibility for operating systems at an acceptable level of risk for the European Theater. The AEA-ITT program facilitates the ability of the AO to assume acceptable risk for operating systems by improving the technical capability of the workforce. The AEA-ITT was primarily designed to be used by USAREUR-AF G6 and all Department of Defense (DoD) commands/units that are geographically dispersed across the USAREUR-AF G6 Area of Responsibility (AOR).

This included, but was not limited to, the following significant Commands:

  • U.S. European Command (USEUCOM)
  • U.S. Africa Command (USAFRICOM)
  • Special Operations Command Europe (SOCEUR)
  • Network Command (NETCOM)
  • Installation Management Command (IMCOM)
  • U.S. Forces in Europe (USAFE)
  • U.S. Naval Forces Europe (NAVEUR)
  • U.S. Marine Corps Forces Europe (MARFOREUR)
  • North Atlantic Treaty Organizations (NATO)
  • Other individual Commands, activities and tenant organizations that have a presence in the USAREUR-AF G6 AOR

The AEA-ITT Program uses Contractor personnel with appropriate subject matter expertise and certification to provide hands-on training. The training solutions enable the U.S. military to develop and maintain a skilled, competent, and certified Cyber Security professional workforce.

One of the primary goals of the program is to provide virtual training in the USAREUR-AF G6 AOR to reduce CUI // SP-PROCURE Army Europe – Information Technology Training (AEA-ITT) Program III Page 8 of 88 RFP 47QFMA23R0003 Source Selection Sensitive (see FAR 2.101 and 3.104) CUI // SP-PROCURE Temporary Duty (TDY) travel costs. The AEA-ITT Program is a force enabler for personnel to learn new skills, improve existing capabilities, enhance personal and professional development, and provide access to the necessary courses and virtual certification tests which allow personnel to meet Department of the Army (AO) and Department of Defense (DoD) mandated training and certification requirements.

The AEA-ITT Program consists of two training areas:

A. Information Technology Training Program (ITTP): Includes commercially available, DoD-specific and Career Program (CP) 34 career developmental training courses.

B. Cybersecurity Training Program (CSTP): Includes commercially available courses and industry standard certifications that map to the Army’s Cybersecurity requirements under Department of Defense Instruction (DoDI) 8140.02, “Cyberspace Workforce Management,” and applicable U.S. Army Regulations.

AEA-ITT Mission

To Train and Certify the Cybersecurity and Cyberspace Information Technology Workforce in Army Europe by providing DoDD 8140.01 (Cyberspace Workforce Management) Baseline and Computing Environment Training and Certification Services.

Cyber threats are evolving and increasing in complexity as hacking, identity theft, malware, phishing e-mail messages, social engineering, and other sophisticated attacks continue to challenge our national security. We have improved our network defense with the addition of increased hardware and software tools, but complacency  and some indiscipline in our formations still cause an unacceptable number of network-security violations. These violations include connecting unauthorized devices to computers, placing classified information on unclassified networks, and abusing trusted, elevated privileges.

Resilience to cyber incidents begins with the user. Many cyber incidents occur when users fail to comply with AR 25-2 and with the Acceptable-Use Policy (AUP) Agreement they sign to acknowledge their obligation to protect our networks. Commanders  must take personal responsibility for counseling and retraining users when they fail to uphold this obligation. In some instances, violations may result in administrative or punitive action.

The “Commander’s Quick Reference Guide to Defending Cyberspace” (AR 25-2, app F) highlights prohibited network practices, but does not list the consequences  of confirmed network-security  violations. These consequences are outlined in the enclosure.

Cybersecurity  is everyone’s responsibility. We must improve out network defense and remain vigilant. Although the USAREUR-AF G6 is responsible for the technical aspects of defending our networks, commanders of all units at all echelons are responsible for the network security of their units. Simply put, defending our network requires command emphasis and discipline throughout the command at all levels.