Ensuring the Feasibility of Zero Trust
The 16th Air Force’s 688th Cyberspace Wing is making sure operational and engineering aspects of missions and base operations work with zero trust.
The U.S. Air Force is pursuing zero-trust architecture on a level not seen before, with the lead command, the Air Combat Command, driving many initiatives with a comprehensive view to employ zero-trust architecture across the service’s bases, weapon systems and mission environments. Supporting the cyberspace and engineering side of the effort is the 16th Air Force’s 688th Cyberspace Wing. The breadth and depth of the Air Force’s effort on zero trust have even surprised the wing’s branch chief for Cyber Enterprise Engineering, Hunter Hodges, who has been working on the effort for the last few years.
“Zero trust is really promising to improve user experience, the availability of our networks and systems, and simultaneously, it is going to strengthen our cybersecurity,” Hodges told SIGNAL Magazine in a recent interview. “It is big, it is bold, and it is ambitious. In my career, I’ve never seen such great unity of action and effort toward a single problem set. It is one of those great stories about how the big Air Force has been able to come together and tackle this.”
Also dual-hatted as the section chief for Information Warfare and Innovation for the 38th Engineering Squadron, a tactical unit in the wing, Hodges and wing and squadron personnel have aligned underneath the 16th Air Force’s zero trust lines of effort. He is overseeing the wing and squadron personnel who are part of the 16th Air Force Operational Planning Team (OPT) or are directly supporting the Air Combat Command (ACC) and the service’s zero trust task force. An electrical engineer who has worked in the cyber/information technology community for his entire career, Hodges has been at the wing for 12 years.
“Within the wing, we operate and defend the Air Force information environment,” the branch/section chief noted. “And in my role as branch chief within Enterprise Engineering, we work with our engineers at lead command and acquisition partners to really make sure that the designs, requirements and any sort of technical guidance, is actually what is coming out of the acquisition community and those solutions are valuable to the operational community.”
Hodges confirmed that the wing’s input to the Air Force’s zero trust task force—which has “participation from just about every organization in the Air Force,” according to Stephen Haselhorst, chief technology officer (CTO) at the ACC’s Directorate of Cyberspace and Information Dominance (A-6), who is leading the task force and the service’s zero-trust effort—is from a feasibility and operational perspective.
“Our role is really to ensure that our operators within our wing, whether they are in network operations or security operations, can fully embrace a zero-trust architecture, and [the related] technologies and capabilities that are being tested and deployed. We're collaborating directly with lead command and our Air Force acquisition community, which is allowing the Air Force to be very agile in implementing zero trust.”
Meanwhile, the wing and squadron personnel are “an active” part of the OPT, which is a supporting element to the task force. The OPT is led by the 16th Air Force A-6, first by Col. Rick "Rico" Johns, USAF, and now by Col. Christopher Robinson, USAF. The OPT is assisting in the design of the Air Force’s two main use cases of zero trust in development now: the pilot program at Patrick Space Force Base, Florida, which will apply zero-trust architecture to the launch enterprise, and the pilot effort at Beale Air Force Base, California, to add the comprehensive cybersecurity measure across the base’s operations.
“Right now, the OPT is focused on two major use cases,” Hodges explained. “The first is Patrick, which is a U.S. Space Force installation. We are addressing how zero trust would work underneath a mission system. The second use case, at Beale, an Air Force installation, looks to experiment with more of a traditional base network and how we deliver enterprise information technology services in a zero-trust capacity. We're taking those installations, which we selected based on various criteria in collaboration with the ACC, and we are doing [the pilots] so that we can get really good at the basics. That is something that zero trust requires.”
Getting back to basics means improving network sensors, instrumentation and data collection as well as harnessing advanced analytical capabilities, Hodges shares. “We're hoping to gain insights into how our networks are working, what the airmen are doing on those networks and what technologies are [active] on the networks,” he said.
And while at the outset the launch enterprise is different from Beale’s traditional enterprise—“there are unique differences to each one of those,” he noted—Hodges sees more similarities in applying zero trust to both facilities. “In the 688th and really in the 16th Air Force, we are taking a much more operational approach to how we address zero trust, and when we look at security and defense of the networks, there's some interesting differences but there are also a lot of similarities,” he clarified.
In addition, Hodges is working to incorporate the human aspect into the zero-trust efforts. “Our role is really trying to fuse in the human element,” he specified. “We have all the operators, so, we are looking at the people and the processes and how they fit into zero trust. This can be anything from training programs to refining our tactics, techniques and procedures. We're here so that in the future once this is all deployed and implemented, if there is a compromise and things start to escalate, we can respond in a very disciplined manner with a high degree of speed, precision and agility. It is really giving the commanders the options that they need to execute the mission.”
The branch/section chief acknowledged that one of the biggest challenges so far in implementing zero trust is “institutional inertia.” “We've done things in a particular way for so long it's hard to change our thought process,” he said. “Things that we thought were known truths are no longer considered true. But it is really great how our leadership within the Air Force is helping to break through those barriers.
“[Air Force Chief] Gen. [Charles Q.] Brown’s ‘accelerate, change or lose,’ is an excellent example of this,” Hodges continued. “Then we have the executive order on zero trust from the White House that shows us that we are on track. It is really a great feeling knowing our most senior leadership is supporting the effort, and so any uncertainty that we have from these challenges is all put to rest very quickly.”
Hodges also confirmed that the 688th Cyberspace Wing is going through a reorganization, which will provide a better support structure for their efforts.
“We're trying to maximize our time for our airmen by experimenting with moving support roles into traditional A-staff roles,” he said. “We've consolidated all of our tactical units underneath a single colonel, the A-3 director of operations, versus having all those units fall under different group commanders. This means our operators can really spend more time operating and training. So, those projects [like ZTA] are being executed at the staff level versus at the tactical unit, so it's using our economy of force to gain some optimization.”
The organizational structure, combined with support from the most senior officials down to the wing and squadron’s tactical airmen, establishes their ability to drive change, but Hodges emphasizes that adapting to a zero-trust information environment takes a comprehensive mindset.
“Zero trust isn't just about changing technologies and architecture,” he stressed. “It's really an idealistic approach. We tend to look at it as more than just employing security stacks and technologies. We are really looking to create outcomes and not make this a thought exercise. Our operators, as I mentioned, are responsible for running and defending the network. We want to be contributing toward that architecture. And any sort of experience or lessons learned, we want that [to go] into the planning and design criteria so that when it does get deployed it is of value.”
This article is SIGNAL Magazine's third piece in a series about the U.S. Air Force's significant expansion into zero-trust architecture. The first article, Air Force Greatly Widens the Aperture on Zero Trust, examines the Air Combat Command's 18-month plan to implement zero trust and its comprehensive view to employ the cybersecurity measure across its bases, weapon systems and missions. The second article, Zero Trust Is Key Enabler of Air Force’s Agile Combat Employment, looks at the service's first main use cases in applying zero trust to support Agile Combat Employment.