How is the Air Force doing at cyber?
To answer the question, a new task force is working to map the service’s networks.
Cyber is in virtually everything the Air and Space forces do, from high-flying weapons to barracks thermostats. But if you asked how well the department’s cyber efforts were going a year ago, no one person had the answer—including the services’ then-brand-new principal cyber adviser.
“On day three, the [Air Force] secretary asked me a question: ‘What is the cybersecurity and cyber defense posture of the enterprise?’ And he was talking [about] everything: weapon systems, critical infrastructure, our networks, our supporting business systems. That's a huge question,” Wanda Jones-Heath told Defense One.
But it is one of the questions that Congress aimed to help answer when it created the military branches’ principal cyber advisor positions in the 2020 National Defense Authorization Act. The advisors are also meant to coordinate cybersecurity efforts in the armed services and advocate for spending changes when needed. But one of the more basic functions of the role is to be able to answer: What is the cyber status of the systems needed to go to war?
In January, the Air Force created Sentinel Stand, a multi-disciplinary task force led by Jones-Heath and dedicated to securing the service’s cyber networks. But first, the group of 100-plus people needed to understand just what those networks consisted of. They decided to focus on the most urgent task: mapping out which bases, systems, networks, assets, and infrastructure would be necessary to fight a war with China.
“We looked at our critical infrastructure on those particular bases in the Indo-Pacom region. We looked at systems that we will need to prosecute the war,” Jones-Heath said, including weapons and operational systems.
Over the next year, Sentinel Stand will work its way through the combatant commands with an eye on mobility challenges in the U.S. Transportation Command and U.S. European Command areas of responsibility.
“The first focus was China and the Indo-Pacom region. We do recognize that we have a lot of COCOMS fighting in a lot of different spaces,” she said, and the goal is to take that model and “replicate that and get a true picture of the rest of the story.”
The task force will keep working on cybersecurity and cyber defense posture, she said, while addressing other areas, including Space Force needs.
“Our satellites are very old, and…in order to win the war, you have to have space superiority along with air.”
The goal is to find and mitigate problems with systems relied on ahead of a conflict because there isn’t much that can be done during a war. For the principal cyber advisor, part of the job is to “certify the adequacy of the cyberspace budget and investments” and make sure money is going to the right programs and not wasted on duplicated efforts.
Jones-Heath said operational technology, including some smart devices like thermostats, and business systems, like the ones that process personnel pay and benefits, will be featured in future budgets as part of cyber defense funding.
The Air Force has older thermostats as well as some that are network-connected or “smart”, as are some of the gas pipelines that lead into bases. As a result, the service is identifying critical operational technology nodes, adding sensors and working to separate them into separate physical networks.
“The adversary will use every possible vulnerability as an attack surface,” she said, noting that it's crucial to understand how those systems connect to the military services’ infrastructure and networks as well as “how the adversary could use that to change the way we react to what they're doing.”
NEXT STORY: DISA faces down procurement challenges