Strengthening Foreign Infrastructure Resilience for U.S. National Security

U.S. Combatant Commands seek to create partnerships that support U.S. strategic objectives and national security policy. The SEI’s approach to building relationships through cyber capacity building (CCB) is helping to realize their aim.

CCB helps to achieve a national priority to secure access, basing, and overflight (ABO) by protecting foreign critical infrastructure and ensuring the uninterrupted flow of U.S. forces and equipment. Rick Luz, the SEI technical manager for Cyber Mission Readiness, illustrates the importance of CCB with a scenario. “Suppose that U.S. aircraft are flying over the Philippines on a mission to a bad actor nation-state in the area. If we help Philippine armed forces learn to protect their cybersecurity and information environments, they will have the willingness and capability to allow our aircraft to land and refuel.”

In recent engagements with Indo-Pacific Command (INDOPACOM) in the Philippines and Taiwan and with Central Command (CENTCOM) in Bahrain, the SEI applied its Integrated Multinational Cyber Information Sharing and Training Environment (IMCITE) program. Founded on the SEI's open source Crucible technology, this program leverages automation and infrastructure-as-code to provide a high-fidelity, realistic environment for training and rehearsing cyber operators.

SEI engineers Josh Hammerstein, Adam Welle, Nuria Pacheco, and Rick Luz performed an IMCITE engagement with the defense forces of Bahrain. The nation has prioritized cyber capacity building programs, including training on cyber attribution and the framework of responsible state behavior, to strengthen U.S. international partnerships, promote rights-respecting best practices, and defend the stability of cyberspace.

Tailored Cyber Ranges

Standing up a training environment with IMCITE begins with listening and understanding strategic and operational needs. Armed with that insight, SEI experts tailor Crucible, the institute’s open-source application framework for operating a cyber range, to create hands-on cyber training labs, scenario-based rehearsals, and information-sharing capabilities. Whether training an individual, a small group, or a larger cadre, the SEI configures Crucible modular technology to accommodate the need. For example, at an April 2025 readiness event in Bahrain, the SEI provided secure computing resources from its controlled cloud account to provide temporary compute resources for the virtual machines used in a large, table-top event for representatives from Israel, Saudi Arabia, Bahrain, Kuwait, Qatar, and Morocco.

Crucible is a product of continual SEI research and development. Its modular design can be configured for individual, team, or large-scale readiness requirements. As it has evolved, Crucible’s suite of applications has fueled multinational Department of War cyber rehearsals such as Cyber Flag in the 2010s, empowered team-based readiness events that increase the probability of mission success in military organizations, and supported individual and team training for more than 5,800 participants through the President’s Cup challenge series (2019-2024).

Building Relationships

IMCITE team-based rehearsal events build relationships around CCB. In fiscal year 2025 events in the Philippines, Taiwan, and Bahrain, more than 175 people in cybersecurity operator and leadership roles forged relationships that promote cyber and infrastructure resilience. Those readiness rehearsals align SEI CCB events with the congressionally approved Southeast Asia Significant Security Cooperation Initiative (SSCI) requirements calling for high-priority security cooperation activities with partner nations.

Host nations expressed their enthusiasm for the IMCITE program. Generals in the Philippines remained engaged with the platform after the event was completed. Taiwanese participants reported, “We are excited to integrate the IMCITE platform as part of our training organization.” In Bahrain, a colonel in the host country’s defense force noted, "We look forward to integrating the capability into the Combined Middle East Cyber Center.” At the same event, an Israeli Defense Force major commented, “We appreciate the innovative technology of the Crucible platform. We see the potential to emulate portions of our military capabilities to enable hands-on training.”

Left photo: The SEI’s Matt Kaar (second from left) and Dave Tileston (far right) facilitated an IMCITE engagement with the Philippine defense forces. Right photo: Members of the Philippine armed forces gathered with SEI engineers to build the nation’s cyber capacity.

Keeping Ahead of Cyber Priorities

Cyber mission readiness must remain dynamic in an ever-changing threat environment. The IMCITE team keeps ahead by automating infrastructure-as-code technology, integrating its technology with artificial intelligence and learning engineering, and extending IMCITE to other key priorities for advancing allies and partner nations.