Changing nature of warfare leads Air Force to get proactive

snagfilms-a.akamaihd.netairmen-cyber-malware-051c21c9a077f8bc69ef2fc0af192ee834f61271-1.jpg

The Air Force is expanding a program designed to bring cyber responsibility down the squadron level.

Last year 15 squadrons took part in the Cyber Squadron Initiative, which trains communications teams to manage cyber needs around mission activities. In fiscal 2017 Air Force headquarters will select 15 additional squadrons for the program. In addition, two major commands — Air Combat Command and Air Force Space Command — will together add 15 more to the program, said Maj. Gen. Patrick Higby, director of cyberspace strategy and policy for the Air Force.

“A communications squadron 10 years ago spent up to 90 percent of its time operating and sustaining IT services, and they spent very little time securing and defending those. We want to shift that balance of effort,” Higby said.

The changing nature of warfare is pushing the Air Force to get more proactive on cyber at the squadron level.

“All our weapons systems were designed to act in a permissive cyberspace environment, but we now know that cyberspace is contested and we need to secure the mission in that contested environment,” Higby said.

The 325th Communications Squadron at Tyndall Air Force Base, Florida, has been part of the initiative since 2016, and leaders there say the added cyber training makes a noticeble difference in their readiness levels.

“I had guys who know how to maintain radios, who know how to install software on PCs and work through trouble issues on telephones and routers,” said Capt. Terel Hayes, special missions flight commander for the the 325th CS.
“What I don’t have is people who understand network security monitoring, the boundary defenses. That wasn’t built into the local communication squadron, because those activities tend to be centralized at Air Force network operations centers an echelon or two above where we are,” he said.

The Cyber Squadron Initiative brings those activities down to the local level with training and a toolkit. At the 325th CS six individuals have been part of the cyber training.

The early participants also are helping to develop a master plan that will serve as a template for training for comms teams, introducing them to cyber issues at a high-level view and as a matter of local operations.

“They need an education and then they need actual training,” Hayes said. “That means they need to understand big picture Air Force defense, and they also need to understand how the base is defended by that. They need to know the underlying technologies; they need to know how an intrusion detection works and they need to be able to think like a hacker.”

Program organizers say the effort to mobilize cyber at the squadron level already is yielding substantial benefits, starting with a greater level of awareness around cyber issues. Comms operators already have a more solid understanding of the infrastructure surrounding

Air Force cybersecurity. This in turn leads to better decision-making.

“It’s an order of magnitude higher,” Higby said. “We have wing commanders who are asking the right questions: ‘What do I need to be concerned about in cyberspace? What do we do to secure an industrial control system? Who pays attention to these power feed and infrastructure systems that usually run in the open?’ There has been a dramatic increase in appetite for information about these complexities.”

Leadership at the highest levels of the armed forces has called for just such an expansion of the cyber skill base.

“We need to invigorate the cyber workforce to think creatively about challenges that do not ascribe to traditional understandings of borders and boundaries,” Commander of U.S. Cyber Command Adm. Michael Rogers told the Senate Armed Services Committee in January.

While the aim of the program is to shore up base cyber defenses overall, planners say they are especially eager to align those defenses with mission priorities to find the places where strategic use of cyber talents could help secure vital mission functions.

“With six guys I cannot defend a base network of 10,000 assets, so we really needed to focus on what was important,” Hayes said. “We went from working trouble tickets to doing things like functional mission analysis, focusing on the core mission of air superiority and looking at how the different groups can work together to fulfill the commander’s intent.”

Looking ahead, program participants say the Air Force will need to be highly selective in determining which comms experts participate in an expanded initiative.

“When you are picking your team you have to pick the right people and you have to invest in those people,” Hayes said. “We didn’t pick just any radio technicians.

We picked people with the assets and the interest to learn and to make it work. You have to get the right people on the bus.”