April 25, 2024

Cybersecurity: ‘We’re Inventing It’

Posted by on Monday, June 27, 2016 · Leave a Comment 

cybersecurity

The 28th Patuxent Partnership and ANA briefing, “Cybersecurity for Navy Weapons Systems,” drew a standing-room-only crowd and panelists made short work of conveying the urgency to rapidly develop and fully integrate globally superior cybersecurity throughout every element of the United States military.

The task, many made clear, is nearly inconceivable in its vastness, but the imperative is greater. The inability to rapidly cut through bureaucracy to reach solutions could cost the US military’s technology its global supremacy.

The Navy, they also made clear, is a leader in the Herculean effort.

At Pax River it “feels real, you’re doing things,” panel moderator Troy Johnson, SES/DISL, Director of Navy Cybersecurity Division, OPNAV N2/N6F4 opened the briefing. “There is a growing Navy understanding,” he said, of the extent cyber must be integrated, but there’s a difference between “understanding,” and getting the funding and developing the necessary implementation strategies.

“NAVAIR gets it,” said Pete ChristensenOSD, Test Resource Management Center: Director of the National Cyber Range. “The Navy gets it,” he said. The challenge he faces is the need for a full, all-out, virtualization testing of everything, to find where the vulnerabilities exist. “I can replicate cyberspace,” he said of the NCR, “I can make it look like the real thing.” There is a reluctance to test at this all-out level, he said. The NCR doesn’t “need your money,” he told the audience of defense and contractor workers. “But you need to invest in your program.”

Neither reluctance nor funding pose the largest hurdle. “The most critical challenge is people. Encourage young people to pursue cyber security as a discipline. We need to get them excited about this area,” said Mr. Christensen.

Stu YoungSES, NAVAIR Director of Systems Engineering (AIR-4.1), and Director of NAVAIR’s Cyber Warfare Detachment, concurred. “Key young people” are the first of the “three major pillars” he says that are needed to integrate cybersecurity into every process and system and to develop technology of immediate value to the warfighter.

To begin working “horizontally,” Mr. Young credits NAVAIR with “sending key young people in a rotation … that has brought knowledge [across programs and sites] and developed personal relationships” that are helping implement cybersecurity and integrated technology horizontally, across all programs and systems.

This co-matching and co-dependence of the effort is its third pillar, Mr. Young said, the ability to “look across all sites and make best use” of time and effort. The second pillar, the tools and methodologies, included one of numerous references from panelists of how important it is that every proposal, program, plan must include an “end to end cyber risk analysis.”

That’s where CAPT Craig Grubb, Major Program Manager, H-60 Aircraft (PMA-299), PEO(A), NAVAIR, described his position in the effort as one with a unique vantage point. His piece of naval aviation, the H-60, “the end of the helicopter master plan,” is “out of production. We’re a little late in the game.” There isn’t an end-to-end, there is just today’s helicopter and how to merge it into a completely coalesced cybersecurity plan. The last H-60s were ordered in fiscal year 2016, this budget year, and will be delivered in calendar year 2018.

The benefit to this position, CAPT Grubb said, is the reduction of the “risk challenge and no funding.” While it sounded a bit tongue in cheek, he was insistent. The aircraft is well understood, he explained. There are “well defined drawings and configurations. Deep intimate knowledge [of its technology] … the opportunity is to look in our own [aircraft]. Can we find problems with helicopters?”

“Number one,” wrapped up RADM Jeffrey Penfield, Commander, Operational Test and Evaluation Force (OPTEVFOR), “this is a we problem. This is a national problem. This is a big deal problem. It is absolutely critical. We’ve got to have a fully collaborative program … to figure out who, what, how about this cyber.”

“Number two: Process. We are creating process, how to do cyber security. Nobody is telling us how to do it. We’re inventing it.”

To learn more about The Patuxent Partnership and its programs visit its Leader Page.

Filed under Leader Exclusives, Pax River News · Tagged with , , , , , , , ,

Leave A Comment