110 likes | 121 Views
Gain insights into the operations and mission assurance in cyberspace from the perspective of the 24th Air Force. Explore the integration of cyber operations across domains, joint C2 relationships, AFCYBER capabilities, and upcoming strategies.
E N D
24th Air Force(AFCYBER) Col Robert Skinner Commander, 688th Information Operations Wing OVERALL CLASSIFICATION OF THIS BRIEFING IS UNCLASSIFIED 11 Jun10
24 AF Perspectives on Cyberspace • Only operational domain that is man-made • Physical Domain (A place, Not a mission) • Where Operations are conducted (Like Land, Sea, Air & Space) • Integrate operations conducted across domains (don’t integrate domains) • About Mission Assurance (not Network Assurance) "Cyberspace is not a mission, it is a place where operations are conducted … and is about assuring the mission, not about assuring the network” –Maj Gen Dick Webber, AFNS, 20 Nov 09
Joint C2 Relationships COCOMs STRATCOM JFCOM As Required USCYBERCOM CSE AF CYBER LNO? USCYBERCOM ACC AFSPC C-MAJCOM ACCE ACCE – Support to: - Joint planning - Targeting - Weaponeering - Interagency coord - Synchronization - COCOM/OPLAN CCIR - Joint effects - Deconfliction - Other cyber components AEF Tasking AFCYBER (24 AF*) C-NAFs Lead MAJCOM MOU As Required Desired AOC 624 OC COLE COCOM OPCON DELEGATED AUTHORITY ADCON COORD SUPPORT • COLE– Provides support to: • - Theater planning • - Joint effects coordination • - Mission assurance • - Synchronization • DAL • CC Intentions • CC Priority • Hunter Team AF CYBER FORCES Combat Communications Forces ACCE: Air Component Coordination Element COLE: Cyber Operations Liaison Element CSE: Cyber Support Element DAL: Defended asset list
AF Cyber Force Capabilities 8 AF AFSTRAT 24 AF / AFNETOPS AFCYBER 14 AF AFSTRAT AFISRA 608 AOC 624 OC* 614 AOC • Cyber C2 • Operational planning • Mission integration • Cyber fusion Operational Integration Direct Support 659th ISRG 689th CCW 67th NWW ARC Forces 688th IOW • Combat Comm • Engineering and Installation • Blue Team • assessment • Full Spectrum • Cyber Ops • MCCC • 3x(CACS) • Full Spectrum • NetOps • Net Control • ESSA • CORA • AFCERT* • Hunter teams • TTPs • Cyber OT&E • Rapid tool development • Blue Team assessment • Engineering and installation • Combat Comms • Hammer Ace • Global Net extension • SIGINT support • Threat analysis • NTI • Threat warning • Target development OPCON ADCON OTHER • Law Enforcement/AFOSI Presence • ESSA: Electronic System Security Assessment • CORA: Cyber Operational Risk Assessment • Hammer Ace: Rapid deployable comm • NTI: National Tactical Integration
Unclassified Acquisition & Development Process • Increasingly dynamic environment • Streamline acquisition processes • Rapid capability delivery • Meet warfighter needs • Leverage DISA/NSA tools and capabilities Ops & Innovation AFMC ESC AFSPC Current Rapid (UON/JUON) Foundational Unclassified
Mission Assurance vs. Network Assurance Our Mission Is To Make Sure The Warfighter Can Perform The Joint Mission
Priorities Real time situational awareness Filter mountains of data for relevance Be proactive with vigilant monitoring Standardize network architecture Fight through an attack Reroute critical traffic Kill malicious traffic Respond with active forces Build The Foundation For The OODA Loop
Challenges • Cyber: High demand, low density • Command and control at the speed of war • Real-time situational awareness • Size and complexity of the network • Heterogeneous networks • Time to build Cyber capabilities • Advanced adversaries
Services Working Together • CJCSM 6510.10 directs services to: “share and corroborate [incident info] for validation and situational awareness.” • Accomplished through incident reporting process • Response actions directed by USCYBERCOM via TCNOs, IAVAs or OPORDS as needed • Joint Exercise BULWARK DEFENDER • Annual CND exercise, all services participate • Robust scenarios developed by services and USSTRATCOM • Services attend valuable lessons learned conf. POST-EX • Service Liaison Officers • 688 IOW has LNOs from all services and NSA • Ensures valuable exchange of tactics and lessons learned
Teaming with Industry/Academia • Working on partnerships with large enterprise-focused commercial companies • Academic Partnerships: • Saint Mary’s University Cyber Security Conference • Defense Technological Cluster (DTC) • Air Force Institute of Technology • UTSA • Vanderbilt • George Mason “We must establish close & continuing relationships with our joint partners, industry and academia” - Secretary of the Air Force, “Air Force Cyberspace Mission Alignment”, 20 Aug 2009
24 AF Way Ahead • Build cyber situational awareness • Create mission assurance paradigm • Normalize NetOps and defense • Complete Ops Center transformation • Operationalize cyber C2 • Space and Cyber integration • Mature joint relationships • Partner with industry • Increase capacity • Total Force Integration • Grow component-NAF staff Crawl Walk Run