Air Force paints a digital future where data from satellites play central role

Sur le même sujet

• 

  11 janvier 2021 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

  CEO of BAE Systems: Overcoming hardships for a better year

  By: Charles Woodburn The beginning of 2020 was an exciting time for our company; we had just announced we would acquire two high-performing new businesses out of the Raytheon and United Technologies Corporation merger. None of us could have predicted that just weeks later, the majority of our 88,000 employees around the world would be working from home as, like so many companies, we grappled with the unprecedented impact of a global pandemic. Like all businesses, we've experienced challenges this year, especially in the areas that support civil aviation. We've had to adapt and make difficult decisions, but thanks to the actions we've taken to enhance the resilience of our business and the remarkable fortitude of our people, we've continued to deliver on our customers' priorities while keeping our people safe. While COVID-19 clearly caused disruption in the second quarter, since then most of our defense businesses have been operating with well over 90 percent of employees working. The willingness of our customers to maintain cash flow into our businesses also enabled us to support our suppliers — including small and medium-sized companies — through the pandemic. Collaborative partnership with our customers has been essential to the defense industry's ability to press ahead over the past year. It remains essential as we move forward through 2021 and face an uncertain global environment with complex threats. It's only by industry and government working closely, understanding each other, and maintaining trust that we'll be able to innovate quickly to outpace the threats. As governments commit to increased spending on defense in countries such as Australia, the U.K. and several European nations, the defense industry must rise to the challenge. Our sector not only provides critical capability for a nation's security — we deliver real benefits to the economy by sustaining and creating highly skilled jobs through investment in research and technology and through exports. I strongly believe we can have a key role to play in restoring the economies of the countries in which we operate. For our part in 2021, we'll continue to invest in skills and in new technologies that are vital to maintaining our strong positions on next-generation capabilities across the air, maritime, land and cyber domains. In the U.S. market, we continue to stay well-aligned to the U.S. National Defense Strategy and are investing heavily in modernizing facilities and using new technologies. For example, we're deploying new virtual manufacturing and robotic welding in our combat vehicle production. While the new administration's priorities are not yet clear, we expect to stay well-aligned, given our work focused on combat vehicles, precision-guided munitions, naval ship repair and modernization, electronic warfare, hypersonics, space resilience, and security. In the U.K., the announcement of increased funding for the Ministry of Defence provides welcome stability. The submission of the outline business case for Tempest at the end of 2020 was another significant step in this hugely exciting project to deliver a next-generation future combat air system. Working with our partners and supply chain, we're using cutting-edge technologies to transform how we design, develop and manufacture, helping to reduce time and cost. We'll ramp up the number of people we have working on the program through 2021, including apprentices and graduates, as part of our commitment to recruit 1,250 trainees across the U.K., despite the pandemic. In Australia, we're excited to have begun work on the prototype for the Hunter-class frigate — an Australian version of the U.K.'s Type 26. We recently recruited the 1,000th Hunter employee and expect to recruit up to 1,000 more people, including apprentices and graduates, in 2021 as the program continues to ramp up. Working with our partners and customer, we're supporting Australia to develop its sovereign defense capability to deliver on the country's recently published 10-year defense strategy. It's been a challenging year of trying to stay connected while maintaining physical distance; the inability to travel to our businesses around the world and meet our people and our customers is something I've found frustrating at times. But if we continue working closely with our partners to use the lessons we've learned in 2020, particularly regarding our agility, resilience and efficiency, this industry can play an increasingly important role in restoring our battered economies, while keeping citizens safe and economies prosperous. Charles Woodburn is the CEO of BAE Systems. https://www.defensenews.com/outlook/2021/01/11/ceo-of-bae-systems-overcoming-hardships-for-a-better-year/

• 

  11 juin 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

  Defense bill to include billion dollars for pandemic response and preparedness

  By: Joe Gould WASHINGTON ― A key House Democrat will propose a billion-dollar pandemic response and preparedness fund in the annual defense policy bill, Defense News has learned. The bill would help boost production of key medical equipment sought by states amid the country's fight against the coronavirus pandemic. House Armed Services Committee Chairman Adam Smith, D-Wash., will include the measure in his committee's version of the 2021 National Defense Authorization Act as a means to strengthen the Department of Defense and the country's ability to respond to a potential COVID-19 resurgence and other future infectious diseases, according to a House aide familiar with the proposal. The proposal comes as Smith and other Democrats have criticized President Donald Trump as neither sufficiently marshaling American industry to produce medical equipment like swabs, masks and ventilators, nor coordinating with states on their needs. Still, Trump has partially invoked the Defense Production Act, and the Pentagon has had a central role awarding millions of dollars in contracts to address shortages for these items. “Looking forward, I intend to include in this year's National Defense Authorization Act an effort to proactively look beyond the response to COVID-19 and increase preparedness and resilience for future pandemics,” Smith said in prepared remarks for Wednesday's HASC hearing on the DoD's efforts to mitigate the effects of the coronavirus pandemic. The U.S. military, Smith said, “has a unique ability to lead” in efforts to ramp up domestic production of key equipment, “given its experience in acquisition and stockpile management that has already been a deep resource to the federal government response.” At that hearing, Undersecretary of Defense for Acquisition and Sustainment Ellen Lord is expected to testify that the DoD's Joint Acquisition Task Force has executed $284 million of a planned $312 million for medical resources ― and that there have been challenges in reducing America's dependence on overseas suppliers. “Reconstituting domestic production or creating new production that shifted offshore years ago often requires capital equipment expenditures, retooling, and re-training of the workforce,” Lord said in her prepared testimony. “It can be months before a supplier is fully capable of producing components or end-items at scale, and these timelines are taken into account when reviewing projects to ensure production increases align to prospective needs of medical items.” Major elements of Smith's proposal will aim to strengthen the small business supply chain for essential gear like personal protective equipment; improve the DoD's ability to rapidly acquire and manufacture response supplies using the organic industrial base; and increase DoD research funding for infectious disease detection, treatment and response technologies. Details of the proposal are expected to be released publicly with the bill in late June. The billion dollars for the fund would come from unspecified, “lower priority accounts” in the NDAA, the aide familiar with the proposal told Defense News. (The House and Senate are each expected to propose a $740 billion bill, in line with the most recent bipartisan budget agreement.) “The monies in this fund were identified through routine reviews of [the president's fiscal 2021] budget requests. The COVID crisis has made clear the need for a more aggressive effort to prepare for and enhance resilience in the face of future pandemics,” the aide said. “The approximate $1 billion is less than one-seventh of a percent of the overall DoD budget [request].” If passed into law, the legislation would seem to hand the Defense Department a mission of supporting domestic health care, which falls outside of its traditional responsibilities, said Todd Harrison, a defense budget analyst with the Center for Strategic and International Studies. “It's not been a core area for DoD, but the reason people tend to turn to DoD in times like this is the military has the manpower and logistics infrastructure to mobilize and bring a lot of people to a problem very quickly: Do contact tracing, do testing, set up field hospitals,” Harrison said. “Plus, the NDAA is a must-pass piece of legislation every single year, so if you want something funded, you put it in and it will at least get a vote.” The Trump administration has been criticized for a delayed response to the outbreak and a lack of organization in providing tests and medical supplies. Smith, who steers the House version of the NDAA, has telegraphed for weeks that he might pursue action. He has already sent Trump a letter, signed by himself as well as House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., and House Homeland Security Committee Chairman Bennie Thompson, D-Miss., calling for a clear federal strategy to procure medical supplies and the aggregation of the country's needs. “100,000 deaths in the U.S. from #COVID19,” Smith said in a May 27 tweet. “Yet we still do not have an adequate national testing plan. We are still failing to use the full force of the Defense Production Act to produce the supplies we need.” On July 1, HASC is expected to mark up its version of the NDAA. The Senate Armed Services Committee this week began closed-door consideration of its version of the NDAA, which is typically reconciled with the House's bill. Because the NDAA is the authorization bill, Congress would have to follow suit in appropriations bills for Smith's forthcoming pandemic response and preparedness proposal to receive funding. https://www.defensenews.com/congress/2020/06/10/defense-bill-to-include-billion-dollars-for-pandemic-response-and-preparedness/

• 

  13 juillet 2020 | International, C4ISR, Sécurité

  Making DoD Security Operations Centers More Effective: Security Automation

  Security orchestration, automation, and response (SOAR) software frees DoD analysts to apply cognitive skills to actually fixing problems. By SPLUNKon July 10, 2020 at 6:39 PM The Defense Department's most recent National Defense Strategy (NDS) describes a complex military environment characterized by increased global disorder, a decline in the long-standing rules-based international order, myriad threats from rogue states like Iran and North Korea, great power peers like China and Russia, malicious hackers, and terrorists in places like Yemen. One of the military domains where this dynamic is most evident is cyberspace, where bad actors arguably have comparable or better cyber capabilities than us. “This increasingly complex security environment is defined by rapid technological change, challenges from adversaries in every operating domain, and the impact on current readiness from the longest continuous stretch of armed conflict in our nation's history,” the NDS states. “In this environment, there can be no complacency—we must make difficult choices and prioritize what is most important...” More cybersecurity threats mean more cyberattacks on DoD networks. Essye Miller, former principal deputy for the DoD CIO, said recently that attacks on department networks are surging and that the attack surface is expanding as adversaries target DoD employees working from home during the coronavirus pandemic. This surge in cyberattacks means that analysts working in DoD information security operations centers (SOCs) are being bombarded with security alerts. With so many events, it's hard for them to differentiate true alerts from false ones, and to determine which events are priorities to address immediately. Through no fault of their own, they end up chasing their tail when their time could be better spent on mission-critical activities that directly support warfighters. The solution for this domain is automation. While popular in commercial software segments for years—including SalesForce automation, marketing automation, human resources automation, and IT automation—DoD security teams are just beginning to realize the benefits of what's known as security orchestration, automation, and response. The Value of Security Automation “Automation is nothing new to the military. The Defense Department is making great inroads into DevSecOps, for example,” explained Drew Church, senior security advisor at Splunk, referring to an agile software development process where software is quickly developed, tested, and improved over weeks and months rather than years. “A key, fundamental concept of DevSecOps is automation. The point of automation in DevSecOps is to bring together different technologies, tools, people, and processes to develop code and get it out to the war fighter more rapidly. “Automation provides that same capability inside IT operations procedures, security operations procedures, and other business processes,” said church. “It does this in a reliable and repeatable fashion every time, and at speed and scale.” Splunk's SOAR solution is called Phantom. It helps security teams work to identify, analyze, and mitigate threats facing their organizations. It can be used to improve efficiency, shorten incident response times and reduce the growing backlog of security incidents, even when there's a shortfall of DoD security personnel to analyze the volume of daily security alerts. Phantom does so by integrating teams, processes, and tools, and by automating tasks, orchestrating workflows, and supporting a range of SOC functions to include event and case management, collaboration, and reporting. In essence, it frees SOC analysts of the usual Tier I-type activities of gathering data from the security information and event management (SIEM) platform, prioritizing these alerts, performing triage to determine if an alert is real or a false alarm, configuring and managing security monitoring tools, and generating trouble tickets. Instead, Splunk Phantom lets them spend more time on the value-added work of Tier II SOC analysts. This includes actually investigating the trouble tickets, responding to incidents, and leveraging threat intelligence to better understand the threat and be proactive rather than reactive. “Focusing on the bureaucracy of security rather than the actual doing of security limits the effectiveness of security analysts,” said Church. “Better to free them of the tasks that can be easily automated like reviewing IP addresses, domain names, and URLs so that they can be force multipliers in conducting the thoughtful work needed to protect DoD networks. “That automation is done for them in Phantom. It let's analysts focus on investigating and taking remediation or mitigation steps as appropriate. Where humans excel is in actually thinking through a problem. Copying and pasting from websites, emails, and reports is not the most effective use of a highly paid, resource-limited talent pool.” Integration With Existing SOC Tools SOC analysts make their decisions by gathering information. They sometimes review classified military intelligence, but usually they look at a lot of open-source information and data from commercial off-the-shelf products from myriad providers of cybersecurity threat intelligence products. Some of the common ones that are relevant to the Defense Department include: McAfee's ePolicy Orchestrator, which the DoD refers to as Host Based Security Systems (HBSS); and Tenable's Security Center, which is known inside the DoD as Assured Compliance Assessment Solution (ACAS). Splunk Phantom has more than 300 out-of-the-box integrations with products like HBSS and ACAS. “Being integrated with each of those products permits the analyst to get the information they need without having to go to another browser window, or another tab, or a different computer,” said Church. “Phantom automatically brings all that data to the analyst. That takes somebody who spends most of their time copying information from page A into system B and lets them make more rapid and accurate determinations about the threat.” Through the use of APIs (application programming interface), that same integration is also found with government off-the-shelf (GOTs) solutions that haven't before been integrated with Splunk Phantom because there was never a request to do so. The same goes for a custom app created by a DevSecOps shop like the Air Force's Kessel Run project in Boston, for example. Automating these vital but drudgerous processes also pays dividends during both staffing shortfalls and times of surge, and brings consistency to SOC activities. Military service members are constantly rotating and changing duty stations; senior leadership turns over regularly. Contractors have to be relied upon to provide continuity from tour to tour. That means that SOC processes that were well oiled on a Monday may no longer be operating smoothly on Friday because of a change of command. Or maybe there is a compelling event that grabs everyone's attention. Or possibly there are legal or policy requirements that need to be addressed, and though they don't add mission value they still must be completed. Automation by Splunk Phantom smooths out the bumps associated with those all-to-common scenarios by keeping the flow of vital data moving to where it can be acted upon best. “The computer's running the marathon for you so that you are free to sprint and swarm on the problems that need the most resources at any particular time,” said Church. The Takeaway For security analysts, incident handlers/responders, IT operations managers, security operations managers, and forward-leaning business process experts, Splunk Phantom is all about removing barriers so people can get back to accomplishing the mission, maximizing productivity of skilled personnel and organizations. “For anybody that has a business process, a mission process, an IT operations process, or a security process and wants to free those skilled workers to get back to what you brought them onboard to do, we can help you with that,” said Church. “We do that through orchestration, we do that through automation. We bring in collaboration, and we're able to do that at scale because of the value that a company like Splunk brings to the table. By being able to have a rich ecosystem of partners and support across the board, we're able to do that even with differences from organization to organization.” Splunk Phantom addresses technology-based processes, and orchestrates and automates those processes to get people back to doing what they do best. https://breakingdefense.com/2020/07/making-dod-security-operations-centers-more-effective-security-automation/