Zero trust, EMS top Air Force cyber priorities

NOTE: This article first appeared on FCW.com.

The Air Force's cyber and information warfare command is ready to lean into zero trust.

Lt. Gen. Timothy Haugh, the commander of the 16th Air Force (Air Forces Cyber), said zero trust was "foundational" to securing Air Force networks to expand and improve data use.

"We view this as really one of the foundational technologies that will allow us to ensure that as we continue to grow our reliance on being able to bring in data from any sensor, and be able to use that to our ability to gain advantage," Haugh told reporters Sept. 20 at the Air Force Association's annual Air Space Cyber conference in National Harbor, Md.

"We've got to be able to secure that. And from our standpoint, many of the things that we operate today, the weapons systems that we operate weren't built with the China threat in mind."

The commander said the 16th Air Force has executed zero-trust pilots and is working with U.S. Cyber Command and the Defense Department CIO on implementation.

"I think we've found a really good balance of where we can now push into accelerating zero trust, but doing it in a way that also recognizes that we're ensuring that we're not going to bring any risk while we're making this transition," Haugh said.

"It's critical for us to be able to do that, so that we are able to operate in contested environments and trust our data. So we're pleased with the progress, but it's got to go faster in terms of our ability to accelerate."

The 16th Air Force is charged with securing the Air Force's networks and weapons systems and also the networks the Space Force uses.

Information warfare capabilities are also in the mix. The 16th Air Force completed two tabletop exercises on information warfare, one focusing on the Russian threat and the other geared toward China.

"We have also really spent a lot of time [building] out our infrastructure to create cyber ranges, as well as areas where we can do tests, to be able to integrate our electromagnetic spectrum activities with our [intelligence, surveillance and reconnaissance] operations," Haugh said, adding that he's been pleased with the progress so far.

"This has also been a significant year where we've done training for our ISR airmen -- so our intelligence airmen, and our reconnaissance crews -- where they were the training audience for one of our exercises. All of that comes back to the same theme: how do we bring in the right data that allows us to either answer a hard problem, or to contest an adversary in the information environment."

Haugh said cyber threats to weapon systems in the electromagnetic spectrum have been "pretty aggressive," and "those are areas that we're learning" from how to secure the weapons, use data more effectively and then testing that in a contested environment with a peer adversary, such as China.

"Something we know is a part of what competition looks like today -- making sure that our cybersecurity of our weapon systems, and the ability for us to get data from those weapon systems, is essential. That's what competing looks like for us every single day," Haugh said.

Securing the supply chain

Haugh noted supply chain vulnerabilities as a "significant threat" that zero trust can help resolve.

"The homeland isn't a sanctuary in cyberspace," Haugh said. "If we have a zero-trust-based network, those threats, as they're discovered, look different to us because that gives us freedom of maneuver within those networks."

Supply chain network vulnerabilities take "a significant amount of resources to mitigate," including time to assess the threat and removing software, Haugh said. But those challenges are heightened with defense contractor companies.

"They're feeling the same thing that we are without ... the same set of resources," Haugh said. "You have a nation state targeting an individual business. That is a longer term threat for us. It's more difficult for that company to defend, which is why we are seeing the partnerships grow at the National Cyber Director, CISA [the Cybersecurity and Infrastructure Agency], Cyber Command/NSA are focused on getting that information to our industry and to our critical infrastructure."