As DOD modernizes tactical communications, cybersecurity must remain at the forefront of planning and execution.
“Dominance” and “protection” are two words that sum up the Defense Department’s goals as U.S. armed forces begin to modernize their networks and communications systems. In an escalating struggle against near-peer adversaries, DOD is investing significant resources in providing troops with highly advanced technology that allows them to effectively communicate with each other and allies in even the harshest environments.
Seeing these plans to fruition will require the Pentagon to successfully traverse the divide that still exists between legacy communications networks and what the DOD hopes to ultimately achieve. Efforts like the Army’s ESB-E tactical network initiative, for example, represent an attempt to keep warfighters constantly connected -- with each other and allied forces -- through a unified communications network. These solutions will be built off of more scalable, adaptable and powerful platforms than those provided by older legacy systems.
As DOD commences its modernization efforts, cybersecurity must remain at the forefront of planning and execution. Ensuring sound security can be difficult even under a more modest form of digital transformation, but the Pentagon's ambitious plans are far from modest. Programs like ESB-E are being designed to provide wide-scale communications in hostile territory. It will be incumbent upon troops in the field to monitor, manage and secure the network to fulfill the “protection” part of DOD’s two-fisted battlefield domination strategy.
Moving forward to take this particular technological hill, DOD should keep these three considerations in mind.
1. The attack surface will increase exponentially
Over the years, the battlefield has become increasingly kinetic and dependent upon interconnected devices and even artificial intelligence. The Army Research Laboratory calls this the internet of battlefield things -- a warzone with different points of contact that, ultimately, results in everything and everyone being more connected and, thus, intelligent.
The Pentagon is looking to take the concept as far as possible to give warfighters a tactical and strategic edge. For example, the Army wants to network soldiers and their weapons systems, and the Navy plans to link its platforms across hundreds of ships. The armed forces expect warfighters to connect with satellite communications technologies as easily as they make a call on their smartphone back home.
Opening up these communication channels -- in so many different ways and directions -- will significantly increase the potential attack surface. The more connection points, the greater the threat of exposure. Securing a communications system of such complexity will prove to be a far more daunting challenge than what’s involved in monitoring and managing a traditional IT network. Armed forces must be prepared to monitor, maintain and secure the entire communications system.
2. Everyone must have systems expertise
The line between soldiers and system administrators has blurred as technology has advanced into the battlefield. Soon, that line will be gone. As communications systems expand, all service members in theater will need to understand how to monitor and maintain the network. They must be able to identify problems as they arise to ensure both unimpeded and uninterrupted communications and the security of the information being exchanged.
This will require continuous training on everything from equipment maintenance to use of network monitoring systems and simple best practices. All troops must be bought into the concept of protecting the network and its communications components and be highly skilled in managing and maintaining these technologies. This is particularly important as communications solutions evolve from the traditional legacy systems that have been in use for years.
The good news is that many traditional best practices will still be applicable in this new environment. All data and traffic should be encrypted, for example. Soldiers will need to quickly secure communications tools in the event they are compromised, just as they would any other piece of equipment harboring sensitive information or access points. And they will require clear visibility into the entirety of the network to be able to quickly pinpoint any anomalies -- regardless of how expansive and complex that network may be.
3. Staff must increase commensurate to the size of the task
The armed forces must bulk up on staff to support these expansive modern communications systems. Fortunately, the military has a wealth of individuals with network and systems administration experience. Unfortunately, they are lacking in other critical areas.
Security specialists remain in high demand, but the cybersecurity workforce gap is real even in the military. There are simply not enough cybersecurity experts to go around, and many with the requisite skills choose the highly lucrative pathways offered by the private sector. The Pentagon will have to make moves to close this gap. The White House’s National Cyber Strategy offers some good recommendations, including reskilling workers from other disciplines and identifying and fostering new talent. The actions highlighted in that plan coalesce with DOD's need to fortify and strengthen its cybersecurity workforce as it turns its focus toward relentlessly winning the battlefield communications war.
Whoever wins that war will truly establish dominance over air, land, sea and cyberspace. Victory lies in educating and finding the right personnel to protect information across what will undoubtedly be a wider and more attractive target for America’s adversaries.
NEXT STORY: A 5G future without Huawei?