Following large and costly breaches to federal agencies, including the breach of the OPM and the NSA, the federal government is focused on cyber security and protecting their networks. But for some federal organizations – especially the military – a cyber breach can mean much more than just some data has been compromised.
A recent Booz Allen Hamilton Thought Piece entitled, “Improving Cyber Risk by Managing Risk and Building Resilience,” takes a look at the incredible impact that a cyber breach can have on military networks, and the need for cyber readiness across the military.
In this Thought Piece, they discuss how today’s modern military views IT services and capabilities as more than simple, “nice to have” tools in their arsenal. In our modern military, IT networks and the capabilities they deliver are mission critical and instrumental in keeping ahead of adversaries.
Unfortunately, despite the increased importance of IT networks and the capabilities they deliver, they remain susceptible to cyber attacks and can be compromised, disabled and otherwise made unavailable by adversaries when they’re most needed by the military.
This is increasingly problematic now that virtually all military platforms are network enabled. A successful cyber attack can take away mission-critical systems and leave our military less ready to face their adversaries on the battlefield.
To combat this, the experts at Booz Allen Hamilton claim that it’s essential for the military to prepare for a situation where networks are attacked prior to – or during – military operations. This means that they need to start looking at network capabilities when considering and measuring military readiness.
Today, most of the established security initiatives do not look at cybersecurity in context of the mission, and commanders lack transparency into how cyberattacks can impact the mission and their warfighters in the field. To overcome this, the military needs to gain a better understanding of their risk. This can be done by testing the security risk of the network and its endpoints and working to strengthen them against attack. But that’s not enough.
The thought piece advocates for the military to focus on resiliency – baking in redundancy and rapid responses that can ensure capabilities are still available should networks or end points be compromised – and immediate actions that can be taken to bring them back online.