Cyber readiness--does it really matter?

  • Published
  • By Lt. Col. Nathaniel Osborne
  • 509th Communications Squadron commander
The Command Cyber Readiness Inspection (CCRI) is coming! It may seem like Whiteman Air Force Base has turned into Winterfell, the last bastion of hope against invaders from the North under constant threat that “Winter is coming”. This is especially so since the Department of Defense transitioned to a no-notice construct in the fall of 2016. However, while CCRI’s are a critical piece to ensuring we are postured appropriately in cyberspace, they are only part of the puzzle that is cyber readiness.
So what is Cyber Readiness? It is a timely patch that remediates a vulnerability, maintaining good network hygiene, physically protecting our infrastructure, complying with higher headquarters directions, embracing a culture of cybersecurity and applying new technologies to tie it all together. Each of these important aspects can be difficult especially in a domain that is ever changing, ever expanding, and ever proliferating. Cyberspace as a domain is cheap meaning the cost of entry is very low for our adversaries. Enemies that are still dreaming of developing air and space technologies that our Air Force has employed since Vietnam can, with very limited resources immediately, access the internet from nearly anywhere on the planet with a reasonable expectation of delivering cyberspace effects on the United States and our allies.
Now, imagine a day without your iPhone or your computer or both. Imagine a day where no one on the base had access to either one. It’s not hard to do as each of us has felt the effects of a bad network policy push or a fiber cut. The access provided by these devices has become integral to the way we communicate, make decisions, and go to war. Therefore, these devices have become targets. Further, cyber readiness goes beyond delivering information technology (IT) as a service. IT delivery is only a first step. Once access is provided to information, that information must be protected and that’s where everyone at Whiteman has a role to play.
How can you help? First, leave your computer on. There are 6,600 users and over 4,500 systems on base. In order to scan for vulnerabilities and effectively patch them our team depends heavily on automated processes that simply don’t work when your computer is turned off. It’s important to comply with mandatory uptime from 9 a.m. - 3 p.m. on Tuesdays and Wednesdays. Additionally, as we transition to a mobile workforce and deploy laptops throughout the base you will need to ensure your laptop is connected to its base station as often as possible. Second, remove your Common Access Card (CAC) when you leave your computer. Many of us have wondered how important this step really is. Insider threats are the #1 threat to our networks and leaving your CAC in place removes an important barrier to entry. More importantly any malicious activity conducted with your CAC in the system will be attributed to you. Last, work with the communications squadron. Cyberspace isn’t easy and neither are many of the missions on this base. Sometimes special software, unique equipment or program managed systems are required to get the job done. Our team is here to help. Please contact us so we can help ensure these special needs are met and applied appropriately to the network.
Cyber Readiness is about mission assurance. It’s not just the Geek Squad coming out to fix your computer, it’s a team of cyberspace professionals working diligently to ensure mission systems are ready, access is provided to decision quality data and tangible attack vectors are protected. At the end of the day, cyber readiness is about delivering effects in, through and from cyberspace while assuring B-2’s, A-10’s, and MQ-9’s can deliver lethal combat power through the air anytime, anywhere.