Abstract
In this four-part series, Booz Allen examines the four features of the digital battlespace—open, smart, at the edge, and resilient and secure. Here in part four, we detail “resilient and secure”: how to build secure warfighting systems that can be trusted in the face of adversarial attack.
The digital battlespace encompasses many systems-of-systems, ranging from handheld devices to enterprise-level intelligence and data architectures. As these technologies become increasingly connected to each other as part of modern warfighting systems, they provide more data and more mobility—both key to achieving overmatch.
While these systems grow more connected, it becomes more critical to make sure they are as secure as possible to protect the system as a whole. That’s because, in the digital battlespace, information superiority wins. But this influx of data comes with increased vulnerabilities for adversaries to exploit.
Making these systems secure and resilient requires a multifaceted approach that begins with understanding the threat landscape.
The digital battlespace makes more information accessible to warfighters than ever before. Ground station analysts, forward-operating warfighters, policymakers, and many others in the decision chain benefit from this multidirectional data mobility.
To support independent yet coordinated decisions and effective action, information needs to go where the warfighter is: on the battlefield, in the air, on or below the sea, in space—wherever the mission leads.
Information that was once available only to satellite data analysts, for example, is now increasingly being relayed directly to operators in the field, empowering them with more data and context for making critical mission decisions.
What makes this information available is the transfer of data between these disparate systems in various ways, ranging from wireless, to cellular, to more traditional wired networks. But each system, along with each transmission point, presents opportunities for an adversary to exploit the data or deny communications. Every time data moves from one system to another, the number of attack surfaces increases—giving adversaries more opportunities to compromise the data.
And these adversaries are bringing sophisticated techniques and methods to attack data on the battlefield. Their technology advances move quickly—in contrast with the sometimes slow acquisition processes followed by U.S. and allied militaries.
The result is compromised, untrusted, or degraded data—which can damage the warfighter’s understanding of the battlefield situation and limit their ability to make the most effective decisions.
As the attack surface grows with the number of devices, systems, and connections, so, too, should the focus on protecting them.
As adversaries look for new ways to infiltrate national systems, they often look to the third-party suppliers and vendors that provide services and equipment to the military. These third-party vendors follow varied security protocols—which may not be rigorous enough to protect critical defense data. Because their approaches to security differ, adversaries have a wider breadth of potential vulnerabilities to exploit.
With devices ranging from handheld cellular phones, thin client workstations, and small internet of things (IoT) sensors to multi-terabyte data servers, and even satellite or flight computers, there are thousands of devices in the nation's warfighting networks. Each of these systems’ electronic components was likely manufactured by a different vendor, possibly in different nations and to different standards.
Supply chain vulnerabilities extend beyond just hardware. Software as a service (SaaS) is a growing trend in the defense sector. SaaS systems are used in a variety of applications like network monitoring and even collection planning. These platforms, while powerful, are also vulnerable to compromise via backdoor attacks, insider threats, and more.
A critical component of securing the digital battlespace is securing the supply chain. The risks of supply chain attacks are greater now than ever before. Without visibility into your suppliers and their own security protocols—and into their entire supply chain—it’s difficult or impossible to understand how the service or hardware they provided may be compromised.
Protecting this complex and networked landscape of systems and actors requires an intentional approach to cybersecurity and electronic counter-countermeasures. Addressing cybersecurity as a component of mission readiness can help make a system more resilient by focusing decision makers’ attention on the impacts: what happens to my mission if this system or data is compromised?
It is virtually impossible to give any system 100-percent protection from attack. As a result, operating through the attack and successfully carrying out the mission—despite disruption—must be seen as a necessary attribute of any critical system in development.
Here are three key components to building more resilient warfighting systems:
The result is a system-of-systems with a more comprehensive approach to cybersecurity and electronic protection that anticipates attacks and provides mechanisms for resilient operations.
Making more secure and resilient warfighting systems requires more than a check-the-box approach to cybersecurity and electronic protection. By building systems that anticipate attack and can use the latest in AI and advanced analytics, Department of Defense organizations can move toward significantly reducing the threat surface—and create ideal conditions for system and mission resilience.