Early Experiments with Microsegmentation
Adams’ squadron is also experimenting with some of the zero-trust tools ACC is introducing, and a small pool of airmen and civilians have started addressing the microsegmentation requirements of the strategy.
Microsegmentation involves allowing certain software and applications to access specific resources on designated servers within the zero-trust environment and then isolating that activity. Once that’s engineered and deployed, the 561st NOS must ensure it can repeat the process.
“What’s the management structure going to look like over time as we start migrating more and more applications or have new requirements for this specific data endpoint?” Adams said.
Protecting the endpoint is a key mission of the 561st because the squadron can’t afford to hunt for its adversary after a cyberattack has occurred, Adams added.
The Air Force simply doesn’t know all the cyber capabilities its foreign adversaries, including China, have. This is why raising awareness of the ongoing war in cyberspace and proper cyber hygiene practices is so important, said Col. Jessica Haugland, chief of the Current Operations Division at Joint Force Headquarters-Department of Defense Information Network.
EXAMINE: How space force CTIO Lisa Costa Is leading technical advances.
Investing in Zero Trust with Limited Budgets
Equally important is leveraging contractors for IT and cyber products and services the military can’t develop, operate or maintain organically, Haugland said.
While squadrons don’t have billions of dollars at their disposal, they still have the budgets for some zero-trust capabilities.
“I don’t have the opportunity to get after critical technologies the unit needs,” said Lt. Col. Shane Villanueva, 87th Communications Squadron commander. “I can get money.”
Squadron commanders are also encouraging their airmen to innovate, with 561st leadership telling them to “automate yourself out of a job,” Adams said.
Adams supports automating mundane tasks so airmen can focus on higher-level ones, which his squadron has the training budget for.
“Find a way so you don’t ever have to click this button again; it just does it on its own,” Adams said. “We’ll invest in that.”
EXPLORE: How a cybersecurity maturity assessment can improve your approach to security.
A ‘Phenomenal’ Zero-Trust Learning Opportunity
The Air Force has a “long road” ahead in transitioning to zero-trust security architectures and needs an “exceptionally large pool” of knowledgeable airmen today to implement the strategy when deployment begins, Adams said.
While certifications in specific zero-trust areas may be offered to airmen in the future, one concern is that they won’t take advantage of the learning opportunity already available to them with the 561st at Peterson Space Force Base, waiting instead for a zero-trust training course at Keesler Air Force Base that may be a long time coming.
“You’re going to miss out on a phenomenal opportunity to educate yourself right now, using things like Digital University or the O’Reilly books that are available on the Air Force portal,” Adams said. “So that you understand not just the concepts but how these technologies really work.”