Your risk tolerance in critical communications will guide your security solution – Breaking Defense
In this question-and-answer session with Dave King, CTO and Principal Investigator for Cyber Systems at General Dynamics Mission Systems, we discuss: the importance of evolving data protection systems; the advantages and disadvantages of Type 1 versus commercial solutions for classified products (CSfC) versus high-value crypto products; and the role that encryption will play in the competition of the great powers.
Breaking Defense: What, in your opinion, are the military’s critical information security needs, especially in light of competition from great powers and operations in all fields? Where are the gaps?
King: Information is a strategic asset, and its protection from adversaries and cyberattacks is critical to the security of the American people and the protection of our nation’s intellectual property. On the one hand, you have the need to know, on the other hand, the need to share – the two are sometimes contradictory.
To ensure the integrity and security of critical information as attacks become more frequent and complex, the solutions you integrate for network or storage protection, as well as user access, must be based on standards and modular. Gone are the days when you can deploy an encryption solution for more than 10 years to protect yourself against adversaries of nation states.
Our security solutions must be modernized to integrate properly into new weapon systems in order to give us a competitive advantage. An example would be strong data protection for new unmanned systems or the explosion of telecommuting environments. Solutions from five years ago may not meet the needs of evolving missions. We need continuous adaptation and improvements to stay ahead of the adversaries of nation states.
Another essential element is military interoperability not only between the US Department of Defense, but with Five Eyes and coalition partners. The ability to enable secure communications and data sharing with partners and allies in a dynamic and modular fashion allows us to make decisions faster and act at the speed of mission relevance.
And finally, the most important critical need is to ensure a reliable supply chain. Hardware and software products used to protect classified data must adhere to highly reliable development requirements and processes. A secure supply chain should include safety and interoperability standards to ensure that components only come from trusted and validated sources.
This is something inherent in traditional Type 1 cryptographic solutions as opposed to other commercial products or even layered commercial solutions such as Commercial Solutions for Classified (CSfC).
Breaking Defense: For our readers who may not be familiar with Commercial Solutions for Classified Security (CSfC) vs. Type 1 Security, what are the considerations for high assurance in corporate and tactical missions? Please explain and also log in to the missions and applications used by the military. Why should they care?
King: High assurance CSfC and Type 1 solutions can be used to protect classified data and voice communications, but the security approach and lifecycle cost differ significantly. Choosing the right security solution should really be based on all of the needs of your mission, which can be difficult to balance; there are many considerations to be weighed.
The first thing is to accept the risk. What risk are you prepared to take based on your mission and the level of security of the information you are protecting? Type 1 is National Security Agency (NSA) certified for wide use, while CSfC is an NSA approved way to create a solution with the layering of different products. This tends to make the CSfC application specific and therefore your local Designated Approval Authority (DAA) will need to assess and manage any residual risks.
A key point from earlier is the supply chain. As I mentioned earlier, the supply chain for commercial products is not as rigorous as Type 1. Configuration management for Type 1 is government regulated, which is not the case for purely commercial security products; this tends to add additional supply chain risks to CSfC solutions. Type 1 is certainly more reliable.
Another factor is interoperability. NSA certified products ensure end-to-end interoperability with government specifications (for example, HAIPE or EDE-CIS), regardless of the product vendor. The government requires that all Type 1 network encryption vendors pass a well-defined series of interoperability tests.
There are other features commonly found in Type 1 that are not built into commercial off-the-shelf (COTS) products. First, there are environmental concerns that dictate the need for MIL-STD ruggedness and TEMPEST protections.
Second, there are mission-oriented features like Render Useless Zeroize for unmanned or left-behind applications. Finally, the overlay approach associated with CSfC can often degrade performance and add size, weight, power and cost to tactical solutions.
I think there is a lot of confusion in the market about the cost comparisons of the two solutions. Network administrators, users, and contractors really need to look at both capital and operating expenses throughout the solution lifecycle to get a realistic view. I know we have had customers surprised by how much the costs of designing, implementing, patching and annual registration of CSfC solutions add up. There is a perceived benefit of COTS devices and that is the handling.
To fill these gaps, the government has introduced high-value crypto products or CHVP ciphers. These products aim to close the mission gap – joining the high assurance security of Type 1 products so that you get the security and supply chain you trust, but with the reduced management and liability offered by COTS products. I would recommend your readers to check out the GD Live webinar on this topic by visiting gdmissionsystems.com/chvp.
Breaking Defense: What are the ideal data protection solutions to meet the needs of combatants in current tactical scenarios with respect to JADC2 and distributed operations, as well as ongoing operations related to counterterrorism?
King: Many of the same key points discussed earlier relate to great power competition. The benefits of Type 1 high assurance protection for classified data also apply here. The goal of JADC2 and all related programs, including ABMS, Project Convergence and Project Overmatch, is to establish an interconnected tactical network that enables the sharing of sensor data between all military branches in all areas – land, air, sea, space and cyber.
These programs prepare to deliver the right information to the right people in a secure manner. Secure access to this information will certainly give us a competitive advantage, but again, security and interoperability are essential and must be transparent to consumers of information on this network.
It must be interoperable with multiple systems and multiple users in multiple countries. We need fighters focused on the decisive actions of the mission, not on the logistics behind a secure network or whether security is a bottleneck to performance.
Another important element of common programs where the internal and external attack surface is enlarged is the end-to-end encryption and strong authentication present at critical entry points. Network security and privacy remain an important part of today’s network architectures, including micro-segmented zero trust frameworks.
I would also say that tactical edge security solutions such as TACLANE network encryption or cross-domain tactical solutions need to be tailored to the individual user application and be interoperable down to the enterprise and cloud-like infrastructures. Providing this range of security is imperative as our nation’s adversaries will attack the weakest link in the chain.