Mark Pomerleau
AFA 2025 — The Air Force’s primary cyber unit is developing a new strategy to better synchronize the work of different groups of cyber defenders, with a particular focus on critical infrastructure and networks, according to the unit’s commander.
“Prior to this, we’ve always kind of looked at them [cybersecurity teams] in separate missions, but they’re really doing the same thing in a different way. We want to harmonize that better,” Lt. Gen. Thomas Hensley, commander of 16th Air Force, said during a panel presentation at the annual Air and Space Forces Association conference at National Harbor, Md.
Currently, cyber defense missions are undertaken by at least two different sets of teams. There are the local defenders, known as cybersecurity service providers or CSSPs, which perform persistent defense of systems. Then there are cyber protection teams, defensive teams focused on hunting adversaries within the network. They have been described as cyber SWAT teams that have specialized kits to eradicate adversary intrusions on networks.
The move for greater harmonization between the two groups, a spokesperson for the 16th said, came out of work the 16th has already done on what they called “mission thread defense.” That refers to an overarching strategy and process flow of information and focuses on protecting critical operational sequences that can span multiple systems and components — to include hardware, software, open vulnerabilities programmable logic controllers, data dependencies, sub systems and architecture.
“In the increasingly complex and competitive global security environment, mission thread defense protects our systems from any cyber threats, disruptions, and failures at any time. It ensures that essential capabilities, [such as] things that keep America safe, remain functional even under attack, protecting both our homeland and operational success by focusing on endurance and integrity of mission-critical operations,” the spokesperson said. “Mission thread defense safeguards critical operations from the beginning to the end of a mission. It enhances system resiliency, mitigates threats, and safeguards steady operations even under cyberattack or system failure.”
No comments:
Post a Comment