General Dynamics Mission Systems to Provide Search and Rescue Prototype Radios to the Joint Force

Sur le même sujet

• 

  30 septembre 2020 | International, C4ISR, Sécurité

  The DoD needs data-centric security, and here’s why

  Drew Schnabel The U.S. Department of Defense is set to adopt an initial zero-trust architecture by the end of the calendar year, transitioning from a network-centric to a data-centric modern security model. Zero trust means an organization does not inherently trust any user. Trust must be continually assessed and granted in a granular fashion. This allows defense agencies to create policies that provide secure access for users connecting from any device, in any location. “This paradigm shift from a network-centric to a data-centric security model will affect every arena of our cyber domain, focusing first on how to protect our data and critical resources and then secondarily on our networks,” Vice Adm. Nancy Norton, director of the Defense Information Systems Agency and commander of the Joint Force Headquarters-Department of Defense Information Network, said at a virtual conference in July. How does the Pentagon's AI center plan to give the military a battlefield advantage? The Pentagon's artificial intelligence hub is working on tools to help in joint, all-domain operations as department leaders seek to use data to gain an advantage on the battlefield. Andrew Eversden To understand how the DoD will benefit from this new zero-trust security model, it's important to understand the department's current Joint Information Environment, or JIE, architecture; the initial intent of this model; and why the JIE can't fully protect modern networks, mobile users and advanced threats. Evolving DoD information security The JIE framework was developed to address inefficiencies of siloed architectures. The goal of developing a single security architecture, or SSA, with JIE was to collapse network security boundaries, reduce the department's external attack surface and standardize management operations. This framework helped ensure that defense agencies and mission partners could share information securely while reducing required maintenance and continued infrastructure expenditures. Previously, there were more than 190 agency security stacks located at the base/post/camp/station around the globe. Now, with the JIE architecture, there are just 22 security stacks centrally managed by the Defense Information Systems Agency to provide consistent security for users, regardless of location. “This paradigm shift from a network-centric to a data-centric security model will affect every arena of our cyber domain, focusing first on how to protect our data and critical resources and then secondarily on our networks,” Vice Adm. Nancy Norton, director of the Defense Information Systems Agency and commander of the Joint Force Headquarters-Department of Defense Information Network, said at a virtual conference in July. To understand how the DoD will benefit from this new zero-trust security model, it's important to understand the department's current Joint Information Environment, or JIE, architecture; the initial intent of this model; and why the JIE can't fully protect modern networks, mobile users and advanced threats. Evolving DoD information security The JIE framework was developed to address inefficiencies of siloed architectures. The goal of developing a single security architecture, or SSA, with JIE was to collapse network security boundaries, reduce the department's external attack surface and standardize management operations. This framework helped ensure that defense agencies and mission partners could share information securely while reducing required maintenance and continued infrastructure expenditures. Previously, there were more than 190 agency security stacks located at the base/post/camp/station around the globe. Now, with the JIE architecture, there are just 22 security stacks centrally managed by the Defense Information Systems Agency to provide consistent security for users, regardless of location. Initially, the JIE was an innovative concept that took the DoD from a highly fragmented architecture, in which each agency managed its own cybersecurity strategy, to an architecture in which there is a unified SSA. However, one of the early challenges identified for the JIE was managing cloud cybersecurity as part of the SSA. The components in the JIE — the Joint Regional Security Stacks family's internet access points and cloud access points — have traditionally focused on securing the network, rather than the data or user. As more DoD employees and contractors work remotely and data volumes increase, hardware cannot scale to support them. This has created ongoing concerns with performance, reliability, latency and cost. A cloud-first approach In response, the DoD leverages authorized solutions from the Federal Risk and Authorization Management Program, and it references the Secure Cloud Computing Architecture guidance for a standard approach for boundary and application-level security for impact Level 4 and 5 data hosted in commercial cloud environments. The purpose of the SCCA is to provide a barrier of protection between the DoD Information Services Network and the commercial cloud services that the DoD uses while optimizing the cost-performance trade in cybersecurity. Defense agencies are now exploring enterprise-IT-as-a-service options to move to cloud, and reduce the need for constant updates and management of hardware. Through enterprise-IT-as-a-service models, defense agencies will be able to scale easily, reduce management costs and achieve a more competitive edge over their adversaries. Before the pandemic hit, defense agencies were already moving to support a more mobile workforce, where employees can access data from anywhere on any device. However, a cyber-centric military requires security to be more deeply ingrained into employee culture rather than physical protection of the perimeter. The next evolution to secure DISA and DoD networks is to embrace a secure access edge model with zero-trust capabilities. The SASE model moves essential security functions — such as web gateway firewalls, zero-trust capabilities, data loss prevention and secure network connectivity — all to the cloud. Then, federal employees have direct access to the cloud, while security is pushed as close to the user/data/device as possible. SP 800-27, zero-trust guidance from the National Institute of Standards and Technology, provides a road map to migrate and deploy zero trust across the enterprise environment. This guidance outlines the necessary tenants of zero trust, including securing all communication regardless of network location, and granting access on a per-session basis. This creates a least-privilege-access model to ensure the right person, device and service have access to the data they need while protecting high-value assets. As the DoD transforms the JIE architecture to an as-a-service model with zero-trust capabilities, defense agencies will experience cost savings, greater scalability, better performance for the end user and war fighter, improved visibility, and control across DoD networks — and ultimately a stronger and more holistic cybersecurity capability moving forward. https://www.c4isrnet.com/opinion/2020/09/29/the-dod-needs-data-centric-security-and-heres-why/

• 

  10 janvier 2020 | International, C4ISR, Sécurité

  How tensions with Iran could test a new cyber strategy

  Mark Pomerleau In 2018, the Department of Defense began following a new philosophy for cyber operations to better protect U.S. networks and infrastructure. Known as “defend forward,” the approach allows U.S. cyber forces to be active in foreign network outside the United States to either act against adversaries or warn allies of impending cyber activity that they've observed on foreign networks. After the U.S. military killed an Iranian general in a Jan. 2 drone strike and after national security experts said they expect Iran might take some retaliatory action through cyber operations, the specter of increased cyber attacks against U.S. networks puts Cyber Command and its new approach front and center. “This Iran situation today is a big test of the ‘defend forward' approach of this administration,” James Miller, senior fellow at Johns Hopkins Applied Physics Laboratory and former undersecretary of defense for policy, said at a Jan. 7 event hosted by the Council on Foreign Relations. “Will [Cyber Command] take preventative action? Will they do it in a way that our allies and partners support and that can be explained to the public?” While Iran fired several missiles Jan. 7 at a base in Iraq where U.S. troops lived as an initial response to the drone strike, many national security experts expect Iran could continue cyber actions as further retaliation for the strike. Iran could also ratchet up its cyber operations in the United States following the collapse of portions of the 2015 nuclear deal between the United States, Iran and five other nations to curb Iran's nuclear weapons capability in return for sanctions relief. Over the past 12 months, the White House and Congress streamlined many of the authorities used to conduct cyber operations to help cyber forces to get ahead of threats in networks around the world. One such provision in last year's annual defense policy bill provides the Pentagon with the authority to act in foreign networks if Iran, among other named nations, is conducting active, systematic and ongoing campaigns of attacks against the U.S. government or people. Cyber Command declined to comment on what, if anything, they were doing differently since the drone strike. Some experts, however, have expressed caution when assessing how well this defend forward approach has worked thus far given it is still relatively new. “The jury is very much still out here,” Ben Buchanan, assistant professor and senor faculty fellow at Georgetown University, said at the same event. “We don't have a lot of data, there's been a lot of hand-wringing ... about these authorities and about how Cyber Command may or may not be using them. I just don't think we've seen enough to judge whether or not ... [it is] meaningfully changing adversary behavior.” Others have also expressed reservations about how effective Iran can even be in cyberspace toward U.S. networks. “Iran is a capable cyber actor, Iran is a wiling cyber actor. That means Iran will conduct cyberattacks,” said Jacquelyn Schneider, Hoover fellow at the Hoover Institution at Stanford University. “It's not like they have this capability and they've been deterred in the past and maybe now they're going to turn it on. I think they've been trying this entire time.” Complicating matters further could be other actors trying to take advantage of U.S.-Iran imbroglio for their own interests. Priscilla Moriuchi, senior principal researcher and head of nation-state research at threat intelligence firm Recorded Future, said over the past several months, there have been reports of Russian state-affiliated actors hijacking Iranian cyber infrastructure to conduct operations masquerading as Iranians. “That creates its own uncertainty,” she said at the same event. “Another level of potential what we call inadvertent escalation if a country perceives that they are attacked by Iran but in reality, it” wasn't. https://www.fifthdomain.com/dod/2020/01/09/how-tensions-with-iran-could-test-a-new-cyber-strategy/

• 

  9 janvier 2020 | International, Aérospatial

  US Air Force demonstrates increasing F-35 capabilities

  A little more than four years after receiving their first combat-coded F-35A Joint Strike Fighter aircraft, Hill Air Force Base's fighter wings have achieved full warfighting capability – shedding light on the future of the RAAF's future air combat capability. The term describes a set of focus areas within the 388th and 419th Fighter Wings: fully trained pilots and maintainers, a full complement of 78 aircraft and the mission and support equipment needed to fly. While the designation of full warfighting capability is an important milestone, the wing has been combat capable since the Air Force declared initial operational capability in August 2016. Since then, the wings have participated in several large combat exercises, deployed twice to Europe and once to the Pacific and supported two Middle East combat deployments, including one short-notice tasking. Colonel Steven Behmer, 388th Fighter Wing commander, explained, "Every training opportunity, exercise and deployment we've completed over the past four years has been a key stepping stone in reaching full warfighting capability. "This is just the beginning of sustained F-35A combat operations and we will remain focused on staying ready to deploy whenever, wherever we're needed." The first F-35As arrived at Hill AFB in September 2015 and the final aircraft arrived in December 2019. In the intervening years, airmen at Hill AFB have been training and developing tactics as the aircraft systems and capabilities have matured. Reaching the right balance of qualified manning can be a challenge when activating a brand-new weapon system. The first squadron to stand up, the 34th Fighter Squadron, started with a core of pilots who had some level of F-35A training and experience in other platforms. As the wing began to grow, that experience level was diluted, and each squadron has been through a period where a majority of pilots could be considered "inexperienced wingmen". When the first jets arrived at Hill AFB, about 50 per cent of the maintainers were fully-trained, seasoned F-35 maintainers from Eglin Air Force Base, Florida, and Luke Air Force Base, Arizona. That number decreased due to PCS, retirements and separations. Since then, there has been an influx of new manning with less experience, and every other maintainer has been “homegrown”. "We really relied on our more experienced personnel, and as we received more aircraft, spread them throughout the group to train and equip the next F-35A aircraft maintenance units the right way. When you have the right mix of leadership, with the right focus, they can empower their people and everyone develops maintenance capability quickly," explained Colonel Michael Miles, 388th Maintenance Group Commander. When the first aircraft arrived in 2015, the goal was to fully equip each squadron with 24 primary assigned aircraft and six backups by the end of 2019. That was realised in December with the delivery of the 78th jet. Over that four-year period, the wings received roughly two jets every month and immediately began putting them to use. In the spring of 2016, the 34th FS deployed six jets to RAF Lakenheath, UK. In some cases, the delivery process became so streamlined that the aircraft were able to fly combat training missions within 24 hours of arriving at Hill AFB. This was more than just convenient. It meant that it was possible to deliver a jet from the factory straight into combat if necessary. Fifth-generation technology on the F-35A requires more specialised equipment than legacy aircraft. Every system on the F-35A has an associated piece of equipment to keep aircraft loaded, fueled and flying. There are more than a dozen critical pieces of heavy equipment, from the standard – power generators and weapons loaders, to the unique – 5.8 ton air conditioners to cool the jet's advanced avionics. There's also other equipment – like the high-tech, personalised helmets that integrate with the jet's mission systems – and computer and network systems to support flying and maintenance. COL Miles explained the importance of the milestone: "At IOC (initial operational capability), we had the equipment to support one squadron that could do some semblance of combat operations. Now, as each squadron has progressed, and we're on track to have all the required assets, we demonstrated that we can rely on the program for the technical support and weapons system parts we need while we deployed all our squadrons last summer." In 2019, the wings proved that they could balance the equipment requirements to support all three squadrons away from home station – the 4th FS was deployed to the Middle East, the 421st FS was in Europe and the 34th FS spent two months at Mountain Home AFB, Idaho. In a seven-day span, the wings had aircraft, equipment and personnel operating out of nine different countries. "Through hard work, providing programmatic feedback, and developing new processes and procedures, we shaped and pushed the program. Each airmen can look back with pride and see their contributions over the last four years standing up this wing, and enabling F-35A combat capability for our country," COL Miles added. https://www.defenceconnect.com.au/strike-air-combat/5388-us-air-force-demonstrates-increasing-f-35-capabilities