US Air Force allocates nearly $50 million to improve its cybersecurity

On November 15, the US Department of Defense (DoD) announced that it awarded an additional $47.9 million contract to Ball Aerospace & Technologies Corp., a Boulder, Colorado-based spacecraft and payload developer. The contract modification allocates $41.5 million more to expand research and development efforts, to better secure US Air Force weapons systems from cyber attacks.

According to the DoD announcement, funding will go toward “research and development to provide […] methodologies, tools, techniques, and innovative solutions to identify susceptibilities and mitigate vulnerabilities in Air Force weapon systems, and protect those systems against cyber-attack.” The expected completion date is March 2023.

Contract part of a bigger Air Force cybersecurity initiative

Earlier this year, the Air Force announced that it would implement several cybersecurity measures to help mitigate risk and manage data breach events. The multi-faceted implementation, which, in June 2017 was in the acquisitions stage, includes:

  • Hardware updates for quick, real-time security patches
  • Computer automation for cyber crime tracking and detection
  • Weapons and technology development
  • Cyber resilience for legacy weapons systems
  • Uniform risk mitigation and cyber crime event management

The Air Force also instated the Cyber Resilience Office for Weapons Systems (CROWS). The response team will be accountable for conducting forensic analysis following cyber incidents. According to Lieutenant General Arnold W. Bunch, Jr., military deputy of the Office of the Assistant Secretary of the Air Force for Acquisition, CROWS will assess the agency’s cybersecurity weaponry for effectiveness and flexibility.

CROWS will analyze weapons systems weaknesses and address likely events, including intrusions, malicious activities, and other cyber attacks. For example, emerging and existing defense platforms such as the F-16, F-15, and F-35 are computer-dependent in at least one or more of their capabilities, rendering them in need of cybersecurity measures.

Part of the Air Force’s initiative is to design and implement systems that take an “open architecture” approach, whereby technology systems are dynamic – not fixed – and able to integrate with new, emerging technologies. This could include a system that can easily adjust to evolving cyber threats.

One of the most important Air Force initiatives involves standardizing its cybersecurity strategy across the agency with classification guides. By the 2020s, General Ellen Marie Pawlikowski, commander of the Air Force Materiel Command, anticipates that cybersecurity will be hardwired into every Air Force base.

IT Governance Newsletter Signup