HUNTSVILLE, Alabama – The U.S. Army Space and Missile Defense Command/Army Forces Strategic Command’s chief technology officer and cyber integration director dove deep at the 21st Space and Missile Defense Symposium discussing cyber resiliency and mission assurance, Aug 7.
Dr. Steve Pierce, USASMDC/ARSTRAT’s chief technology officer joined the command’s director of cyber integration, Rob Goldsmith, to speak about Army and SMDC efforts toward cyber resiliency and how it relates to mission assurance.
Pierce led the presentation on defensive cyber by providing background perspective, the environment faced today, how it differentiates from past warfighting, and the direction the Army and SMDC are moving to face the threat in the future.
“The time it takes to complete critical operations is approaching zero,” said Pierce, and at an age when data moves across the globe in nanoseconds, “Distance is no longer the significant factor.”
Pierce said many other organizations did not fully grasp that all networks have vulnerabilities; even networks considered closed and/or hardened could be vulnerable to insider threat or at their “ports.”
Expounding on the concept of ports, Pierce said that militaries understand the necessity to secure their ports. Airports are the transition between land and air domains while seaports are the transition points between the maritime and land domains, he explained.
Today and in the future, cyberports are the link for users and systems to the cyber domain. As such, it is imperative, he said, to secure cyber ports with the same emphasis as airports and seaports.
Goldsmith followed Pierce and highlighted recent and future objectives to ensure cyber-based mission assurance. He told the group “We are actively pursuing non-standard systems to look into our [often also non-standard] mission networks and systems.”
To help mitigate the cost of Army cyber resiliency, Goldsmith indicated SMDC’s willingness to proactively share the Cyber Situational Awareness Tool, developed initially in partnership with Army Materiel Command, with other government organizations at no cost. This developmental tool will be used on the SMDC classified network and is being constructed in a way that makes it easy for other organizations to configure the tool based on their unique requirements.
One of the projects led by Goldsmith is the establishment and operation of the command’s Cyber Mission System Fusion Cell, or CMSFC. The CMSFC consists of a cell leader from operations who is deeply familiar with the command’s critical mission systems and has the ability to determine mission impact of a cyberattack. The cell leader is supported by an intelligence analyst and several defense cyberspace operations analysts who bring advanced red team-level expertise to emulate the techniques real-world attackers might use. Combined, the CMSFC continuously assess and monitor the command’s key networks and systems by actively hunting for advanced cyber threats and rapidly addressing any issues they discover.
The CMSFC assesses risk to mission by “fusing” potential mission impact with vulnerability and intelligence input to maximize SMDC network resiliency. This is done not only by hardening networks to prevent attack in the first place, but proactively ensuring the networks and systems continue to operate if attacked. A key output of the CMSFC’s process is the “Leader Cyber Risk Dashboard” that summarizes risk to critical missions for senior leaders in an easy to use quick-reference decision tool.
Goldsmith told the group that SMDC’s Future Warfare Center, Army Test and Evaluation Command’s Redstone Test Center, and other key partners have established Proactive Readiness Environment Against Cyber Threats, or PREACT. PREACT is a persistent, distributed environment that enables advanced cyber testing of critical mission systems without introducing risk to the [actively running] operational system or the limited assets managed in the developers’ system integration labs. PREACT enables SMDC to test their critical mission systems in a realistic, stressing cyber environment that eliminates the restrictions placed on red teams when they assess systems in operation.