Air Force seeks to redefine cyberspace
The rapidly evolving landscape of cyberspace, cyber operations and cyber warfare can make it difficult to adequately define and plan for, especially in comparison to the older domains to which the military is accustomed. Unlike air, sea, space and land, cyberspace and its requirements have changed considerably over the years. Now the Air Force is looking to make adjustments to how it is operationalizing cyber.
Top officials speaking Oct. 11 at AFCEA Air Force IT Day in Vienna, Va., said the service is reconsidering how it defines, equips and trains for operations in cyberspace.
“In 2006, the Air Force published a forward-looking document on cyber, but I think we’d all agree now that we started out too big and too ambitious, so we had to narrow our definition,” said Gen. William Shelton, commander of Air Force Space Command. “In hindsight, I think this breadth had the unintended consequence of confusing everyone, including ourselves. And as a service charged with organize, train and equip responsibilities, this kind of definition is especially unhelpful.”
Shelton said the first step is more narrowly defining the domain and the Air Force’s role in cyberspace – including whether to be “full-spectrum,” responsibilities in offense and exploitation and distinguishing top priorities. He also acknowledged that the ways the military delivers mission assurance and buys and equips for cyber operations must evolve from traditional models.
“Just as the environment has changed, I believe our approach needs to change,” he said. “Our industrial-age acquisition system, designed to buy large hardware elements, like ships, airplanes, and vehicles, places cumbersome and, quite frankly, inappropriate requirements on our cyber acquisitions.”
To that end, Shelton said the Air Force is in the process of formally establishing a number of the service’s cyber programs as office Air Force weapon systems, a move he said will help normalize cyberspace operations and improve the system support structure. The service is also working to update science and technology development and investments, as well as reforming acquisition processes to better keep up with cyber speed, he noted.
“We’re working on a multi-tiered approach as an initial strategy. At the base of this strategy, traditional system program offices will be used for foundational capabilities and systems as well as big modifications to existing Air Force network infrastructure,” he said. “We’re also establishing rapid cyber acquisition means for satisfying urgent taskings on the timescale of weeks to months…and developing processes to address gaps or needs that demand attention within hours or weeks.”
Training, education and cyber workforce also is a top issue for the Air Force, and Shelton admitted the Air Force needs to make some changes to the ways it originally staffed for cyber operations.
“Just as we spooked the herd with our DC-to-daylight original definition of cyber, I believe we’ve correspondingly confused ourselves when we transitioned all of our legacy communications professionals into the cyber operations career field,” he said. “With the importance of the cyber domain as a whole, and the critical nature of the technical talent and aptitudes required, the importance of [science, technology, engineering and math] education, in particular, cannot be overstated.”
Shelton wasn’t the only one at the Air Force event to address training and education. Earlier in the day, Air Force CIO Lt. Gen. Michael Basla also said the service must overhaul how it recruits and prepares airmen and reservists for 21st-century operations.
“The way we delivered capabilities in our Air Force in the past was through a [major command-centric] approach, because each [major command] had unique requirements. We can’t afford to do that now for a couple of very important reasons,” Basla said. “Number one, we don’t have the dollars that we’ve had in the past…but most importantly, number two, you can’t achieve the synergistic capabilities of cyber if you’re going to do that from a number of different approaches.”
Shelton acknowledged that with a dearth of skilled cyber professionals in the market, the military has to compete with industry to attract talent – at the same time as the services must work side-by-side with the private sector to develop and field cutting-edge capabilities.
“To sum up in this area of recruiting and retaining, we continue to seek the technical talent, provide them the best initial and advanced training we know how, and also give them superb continuing education along the way,” Shelton said. “My question is simple: will this be enough?”