La expansi\u00f3n del trabajo remoto a causa de la pandemia de COVID19 ha generado preocupaciones sobre las vulnerabilidades de la ciberseguridad. La tendencia est\u00e1 impulsando a los servicios a desarrollar nuevas tecnolog\u00edas de ciberseguridad. Con suerte, tambi\u00e9n se alentar\u00e1 a las fuerzas armadas a seguir buscando formas de operar de forma remota y continuar reclutando nuevos miembros del servicio que sean competentes en actividades de ciberseguridad que se integrar\u00e1n en forma remota.<\/p>\n
The COVID-19 pandemic has forced the military to put a renewed emphasis on cyber training as servicemembers increase their use of teleworking.<\/p>\n
The expansion of remote work has raised concerns about cybersecurity vulnerabilities.<\/p>\n
\u201cIt has shined a light on it,\u201d said Dani Charles, a fellow with the New America think tank\u2019s cybersecurity initiative. New \u201cedge devices\u201d that are outside of the Defense Department enterprise or that are connecting back into the enterprise are also increasing cyber vulnerabilities, he noted.<\/p>\n
The trend is prompting the services to develop new cybersecurity technologies, he said.<\/p>\n
\u201cIt\u2019s forcing … the military to really accelerate focuses on technology and push forward a number of things that otherwise might have been delayed for traditional contracting reasons,\u201d Charles said.<\/p>\n
Hopefully the military will also be encouraged to continue looking at ways it can operate remotely and continue to recruit new servicemembers who are proficient in cyber activities, he noted.<\/p>\n
\u201cIf we can be in a situation where we can leverage talent anywhere inside the United States and allow them to work within an enterprise that is both secure, but also reliable and fast and functioning \u2026 then I think that\u2019s an advancement that really lends itself to a much more agile force,\u201d Charles said.<\/p>\n
The Army has seen an increase in its use of its persistent cyber training environment training platform, which transitioned from prototyping to production in March 2020, Col. Corey Hemingway, project manager for cyber test and training, said in a recent interview. There were previously three major prototype releases, then two versions were released in the production phase. It is intended to help connect users from all of the services and NATO to work on both defensive and offensive capabilities. The Army kicked off the effort in 2018.<\/p>\n
\u201cOne of the major things that we\u2019ve seen from [U.S. Cyber Command] is that the transition, because of COVID, increased the utilization of the system,\u201d Hemingway said.<\/p>\n
\u201cWe\u2019re starting to see that transition occur across all of the services in order to maintain cyber readiness across the force.\u201d<\/p>\n
The effort will be advanced with Cyber TRIDENT, or Training Readiness Integration Delivery and Enterprise Technology, which is a contract vehicle that will refine the integration factory processes for the training platform, according to the service. The Army plans to pick award winners in the fourth quarter of fiscal year 2021.<\/p>\n
\u201cCyber TRIDENT \u2026 is an estimated $957 million contract that we are putting together to support [Cybercom] and the cyber mission force in delivering a cyber training platform,\u201d he said.<\/p>\n
The persistent cyber training environment was in the prototype phase with several vendors, and a request for proposals under Cyber TRIDENT was released in June. Hemingway said the contract period of performance will be eight years and the service has yet to decide how many contracts will be awarded.<\/p>\n
\u201cThe capability is providing new insights into a collaborative environment supporting the cyber mission force,\u201d he said. \u201cNow we have the ability to see ourselves and be able to maneuver in cyberspace in ways that we haven\u2019t been able to do before.\u201d<\/p>\n
Graham Fleener, product lead for the persistent cyber training environment in the Army, said the first version of the product was a core portal which gave users the ability to plan, execute and assess cyber training events. The second version includes improvements such as an enhanced workflow and master calendar and scheduler.<\/p>\n
The platform is giving the services and military commands the ability to procure, develop and share content at a faster pace than before, he said.<\/p>\n
The product has transitioned out of the prototype phase, Hemingway noted.<\/p>\n
\u201cWe\u2019ve got over 4,000 users that are on the platform that have used this capability,\u201d he said. \u201cWe have already been in development of nearly … 144 terabytes of training content.<\/p>\n
That means all of the services are developing and adding content that can be utilized for their training events across the board.\u201d<\/p>\n
Charles said the interoperability of the persistent cyber training environment is one of its most important features. The platform\u2019s ability to easily connect with other users allows servicemembers to share and analyze data in real time.<\/p>\n
\u201cTraditionally, the way systems have been designed have not been for that interoperability,\u201d he said. \u201cAnd that\u2019s fundamentally what has to change. … Going forward, when acquisition [officials] look at bringing new systems online, interoperability has to be among the top considerations.\u201d<\/p>\n
Don Bray, Raytheon\u2019s director of cyber initiatives in the company\u2019s global training and logistics division, said one of the biggest challenges of cyber training is that the domain is always evolving.<\/p>\n
\u201cThere\u2019s really two perspectives there,\u201d he said during the Association of the United States Army\u2019s annual meeting in October, which was held virtually this year due to the COVID-19 pandemic. \u201cFirst, the enemy continues to evolve their tactics and the ways they try to get around our defenses. But also, technology evolves \u2026 and the technologies that will be leveraged by the enemy as well.\u201d<\/p>\n
It is also difficult to recruit people for the cyber industry, said Ryan Bagby, the company\u2019s director of cybersecurity academy, cybersecurity, training and services. A Raytheon case study found that it is very challenging to find qualified individuals to fill these roles. Because of this, the company has focused on training its current employees in cybersecurity, he noted.<\/p>\n
\u201cThe global cyber talent gap that we\u2019re seeing in the projections next year [is] expected to be 3 million \u2014 that\u2019s how many employees are going to be needed in this field that aren\u2019t available right now because there aren\u2019t enough people to do those roles,\u201d he said.<\/p>\n
Additionally, the military will likely continue to compete with private industry for cyber talent, Charles noted. Some steps the services are taking to combat this challenge include putting more focus on its reserve forces, which may have people who already possess the necessary technical skills.<\/p>\n
On the civilian side of its cyber workforce, the Air Force\u2019s retention rate has been steady, service spokesperson Capt. Clay Lancaster said in an emailed statement. Over the last seven fiscal years, information technology and management losses had an average retention rate of 91.2 percent, he noted. Generally, retention of the Air Force\u2019s uniformed cyber personnel has been sufficient, though this varies with pay grades.<\/p>\n
\u201cRecruitment remains a challenge given competition with the private sector and the high demand for cybersecurity professionals,\u201d he said. \u201cGreater use of hiring incentives and other compensation flexibilities will facilitate continued progress toward higher retention across all cybersecurity disciplines.\u201d<\/p>\n
One of the Air Force\u2019s top efforts to train its cyber personnel is the Digital University, which provides 33 different cybersecurity courses. Since June, more than 3,500 Air Force and Space Force professionals have completed over 6,000 hours of training in areas such as cyber operations, machine learning, software development and data science, he noted.<\/p>\n
\u201cRight now Digital U is a top focus area for cybersecurity initiatives,\u201d he said. \u201cDigital U is our digital transformation effort and really gets after how we train, assess and certify digital skills\u201d within the Air Force.<\/p>\n
The switch to widespread remote work and use of commercial communications systems has also changed the focus of the service\u2019s cybersecurity training, he noted.<\/p>\n
\u201cGreater emphasis is being placed on cybersecurity topics applicable to both government and personally owned IT systems and capabilities, through multiple message channels such as the AF Portal and social media in addition to the standard command channels for information distribution like email notices to airmen on cybersecurity topics,\u201d Lancaster said.<\/p>\n
The service is using its nascent 16th Air Force group to glean lessons learned about the cyber environment, he noted. Last year, the service created the new information warfare group to focus on such capabilities that combines cyber, global intelligence, surveillance, reconnaissance, electronic warfare and information operations. Under Air Combat Command, the organization was activated at Joint Base San Antonio-Lackland, Texas, in October 2019, and became fully operational in July of this year.<\/p>\n
\u201cThey are at the \u2018front lines\u2019 to see what the latest cybersecurity threats are and how they are evolving,\u201d Lancaster said. \u201cThese valuable insights can be turned into lessons learned and training opportunities for airmen across the force.\u201d<\/p>\n
Training is expected to remain on the forefront of the Air Force\u2019s mind, with cybersecurity training being a top priority.<\/p>\n
\u201cThe Department of the Air Force has realized that if we fail to aggressively expand our digital talent, we will be faced with an insurmountable knowledge gap compared to our peer adversaries \u2014 particularly with cybersecurity training,\u201d he said.<\/p>\n