Pentagon eyes 3-year cyber training requirement, overriding new Army policy

Utah Army National Guard Chief Warrant Officer Nate Kruse, cyber warfare technician assigned to the 174th Cyber Protection Team, analyzes data from a cyber attack during Exercise Wolverine at Roland R. Wright Air National Guard Base, April, 30, 2026. (Utah National Guard photo by Sgt. 1st Class Nathan Baker)

By Drew F. Lawrence • May 07, 2026

The Pentagon plans to require service members to complete cybersecurity training once every three years, DefenseScoop has learned, a move that will scrap an annual mandate and is set to upend the Army’s recent shift to a five-year requirement.

In a Sep. 30 memo, Defense Secretary Pete Hegseth directed the military to “restore mission focus” by reducing, consolidating or eliminating a slew of mandatory courses, such as cybersecurity training, that he said were distracting from the military’s core job of fighting wars.

Hegseth did not specify by how much the services should “relax the mandatory frequency” of cybersecurity training, and by February, the Army issued its own directive that required soldiers to take the course once every five years instead of annually, DefenseScoop reported.