The U.S. military depends upon its networks to carry out day-to-day operations throughout the world. The Air Force has perhaps the greatest need, as its forces need to remain connected over vast distances. Lt. Gen. Bob Elder headed the U.S. Air Force’s development of its cyberspace mission from 2006 till his retirement in July 2009. Elder served as commander, 8th Air Force, the senior operational Air Force organization with STRATCOM. Elder is now a member of the research faculty at George Mason University. The New New Internet recently had the opportunity to discuss with Elder the development of the cyberspace mission for the Air Force, balancing security and accessibility, and how the Air Force seeks to maintain skilled cyber professionals.
TNNI: I understand you led the development of the cyberspace mission for the Air Force. Could you tell us a little bit about the process, what that involved, what you were looking to do specifically?
Elder: The Air Force was committed to implementing its part of the National Military Strategy for Cyberspace Operations. It was published in 2006, but the focus of that strategy was based on a much broader definition of cyberspace than the one currently in use. It looked at cyber as the domain that allowed virtually every operation in any domain to take place, and it required that we develop people who not only understood information technology, but also possessed expertise in cyber’s physical and cognitive aspects as well. So our task was to implement the joint strategy by applying the Air Force competencies in global, regional, and tactical operations.
Our initial approach was to integrate network operations into our air operations and work to balance risk to mission with risk to the networks. For example, in some cases, what is best for the air mission might not be the best for protection of the computer networks or vice versa. And so we decided to work with them as one integrated mission. We were able to do some things that were cutting edge in terms of how we applied risk management to dealing with possible intrusions in the network. I say cutting edge, but we actually learned most of our approach by talking to experts in the banking industry. Before we implemented the risk-management approach, our standard way to deal with a cybersecurity threat was to cut off whatever system was acting improperly. With a managed-risk approach, we worked to keep the systems up as much as possible without posing a risk to the network at large. We achieved some good results and I think many of those techniques are still being used.
TNNI: With the recent increase in deployments, how does the Air Force try to balance having effective security, but still ensuring everyone has access to the information they need?
Elder: Well, I’m no longer the Air Force person doing that now. But what we were looking at were approaches that would better control who had access to information. This is similar to what we do routinely with classified information; that is, only people with a need to know are provided access. In this case, we tried to give people access to information they need to perform their jobs, but restricted other access. Each of the services approaches this issue a bit differently because of their needs and capabilities. As an example, the Air Force restricted access to entertainment sites on our deployed mission networks, largely to preserve bandwidth, but provided commercial Internet connections so that people who wanted to web surf in their off time could still do it. We said that essentially the mission network (NIPRNET) was for official business only, which is similar to the approach that many commercial businesses employ.
Consider this analogy: If you were in the trucking business, you wouldn’t use the company’s semi truck to go pick up bread and milk; you would use your own car. We just had to provide our members a relatively convenient alternative to the mission (or business) network. Once we had that set up, we could ‘white list’ the sites required for official business so our people could get unimpeded access to the information they needed to do their work. And we had a mechanism to add sites to the white list as the need arose. So basically, we differentiated using the mission network (NIPRNET) for business from using the Internet for entertainment. I’ve found that to be a useful way to think about this problem. But perhaps the biggest improvement to our network security came from implementing use of the common access card to control access to the network and our key computer systems. This approach has been implemented DoD-wide with great success.
TNNI: Looking to the modern battlefield, where would you say cyberspace ranks as a necessary operational environment?
Elder: The Air Force probably has the greatest need of the four services because we operate platforms that must work together over large distances where messages can’t be passed visually; instead we rely on use of the electromagnetic spectrum to provide the connectivity that we need. From an Air Force perspective, if we lose our connectivity, which translates to loss of our cyber capability, our asymmetric advantage is gone. We depend on communications to mass at a given point quickly to overwhelm an adversary; you can’t do this without the ability to coordinate your actions and that’s what we do with cyberspace.
TNNI: In terms of joint force operations, how does the military look to ensure you still have the interoperability when conducting joint force operations?
Elder: All of the Services get their guidance from the Joint Task Force for Global Network Operations (JTF-GNO), which directs the security protocols and the port settings and all those things that allow us to operate interdependently. There are a lot of systems, and they communicate over different ports and channels, but we do have mechanisms such as gateways that allow the many different systems to interact with one another. The digital systems have been developed with interoperability in mind, and unlike some legacy capabilities such as analog radios, for the most part, it’s pretty easy to move information from one place to another. I think the DoD has gone a long way in that regard.