October kicks off National Cybersecurity Awareness Month, a collaboration between leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, to educate and raise awareness for keeping data and systems safe from security threats. In the spirit of the month, we are examining how security plays a role in protecting data for military and defense, particularly for operational training realism.
Military leaders recently testified before the Senate Armed Services Committee regarding encryption and cyber security issues. Among the leaders were Marcel Lettre, Undersecretary of Defense for Intel and Navy Admiral, who testified that the department was seeking more “robust encryption standards and technology [which is]vital to protecting warfighting capabilities and insuring that key data systems stay secure and impenetrable to adversaries today and into the future.“
Lettre went on to say that it is the commercial sector, partners and government contractors that offer the commercial encryption technology solutions that are critical to protecting national security systems, research and development data related to weapon systems and other classified data.
Mike Rogers, commander of U.S. Cyber Command and the Director of NSA, also testified to the importance of encryption, which he refers to as protecting data access for anyone authorized to use it. He told the Committee in his testimony that, “we have a challenge before us. We’re watching sophisticated adversaries change their communication profiles in ways that enable them to hide information relating to their involvement in things such as criminal behavior, terrorist planning, militia cyber intrusions and even cyberattacks.”
This ever-growing sophistication requires a change in protecting data at rest, or data on the move. It is even more critical in military training scenarios, where classified data needs to stay only in the hands of the authorized user.
Military training, whether live or simulation or a combination, requires a high level of data security, particularly, as Wes Naylor pointed out in his recent piece, because we don’t want adversaries to know about new and emerging military capabilities. Unfortunately, in many cases, those security requirements impact the realism of the training exercise, so some vendors have created military training solutions that incorporate Multiple Independent Levels of Security (MILS), which is a security architecture designed to separate and control information and data flow.
Vendors, such as Rockwell Collins, are incorporating MILS to provide secure interoperability for data in-flight in a simulated, high-threat combat environment.
Higher levels of security are necessary in today’s threat environment, but shouldn’t deteriorate levels of data performance. National Cybersecurity Awareness Month is a great time for military training vendors to pause and determine whether their security measures are up to the levels needed today and for the future while they continue to offer the most realistic and effective training for the warfighter.