Enable breadcrumbs token at /includes/pageheader.html.twig

Mission Defense Teams Are ‘Not Going Away’

Air Force leaders dispel any myths about the end of use of the cyber protectors.

The U.S Air Force’s Mission Defense Teams, or MDTs, provide specialized cybersecurity to mission systems across the Air Force. Created in 2015, the MDTs are not going to be eliminated, despite rumors to the contrary, explained Air Force leaders speaking on February 21 at the AFCEA Rocky Mountain Cyberspace Symposium. The annual event is being held in Colorado Springs through February 23.

Over the last several years, the service’s Air Combat Command (ACC) endeavored to broadly put in place the defensive cyber teams to protect Air Force weapon systems. The MDTs offer a more targeted approach to persistent cyber defense, protecting the service’s most important warfighting components, such as an F-22 or an F-35, or key infrastructure like an air operations center, distributed common ground system or weather data.

The service also implemented a common weapon system and command-and-control structure for MDT operations. It added formal training at two bases, Little Rock and McGhee Tyson, supported by total force partners from the Air Force Reserve and Air National Guard. A cloud-based structure also gave the MDTs access to agile code that could be tailored for particular weapons systems. The effort also pulled the MDT-cybersecurity professionals, weapons systems maintainers and operators together as they built protections.

However, as the Department of the Air Force—including the Air and Space Forces—is pursuing a much-needed evolution in information warfare and a force design overhaul, skeptics warned that the MDT construct may not have a place. 

That all is just idle talk, confirmed Brig. Gen. Heather Blackwell, USAF, director, Cyberspace and Information Dominance, the A-6 for the ACC, who is oversees the MDT program. “No, the MDTs are not going away,” she said.

Instead, the teams are going to evolve with the environment and the technology shifts. And they are going to move from their starting point of just defending the Air Force Network, the AFNET, to protecting other infrastructure. “MDTs have been going on for a long time,” Gen. Blackwell said. “I remember back in 2015 when we started talking about these issues. And back then, the 688th [Cyberspace Wing], they have a hard job. There is a lot of AFNET terrain out there and there was terrain at that time that the 688th couldn't reach. So, establishing a team that could focus just on that terrain, get familiar with that terrain and make sure they knew how to defend it was greatly important.”

Under her predecessor, Brig. Gen. Chad Raduege, now the director of the Command, Control, Communications and Computers and Cyber Directorate and chief information officer, Headquarters U.S. European Command, the MDT concept was expanded. “Gen. Raduege took MDTs to the next level, seeing where else the threat vectors were coming from and what other sensors, we could use to detect people coming after not only our AFNET but also our SCADA systems or aircraft,” Gen. Blackwell shared.  

Image
Brig. Gen Heather Blackwell, the A-6 for Air Combat Command, sitting with Lt. Gen. Robert Skinner, director of DISA, emphasizes that the service's Mission Defense Team construct will continue. The leaders spoke at the AFCEA Rocky Mountain Cyberspace Symposium on February 21. Photo courtesy of David Marin, DISA
Brig. Gen Heather Blackwell, the A-6 for Air Combat Command, with Lt. Gen. Robert Skinner, director of DISA, emphasizes that the service's Mission Defense Team construct will continue. The leaders spoke at the AFCEA Rocky Mountain Cyberspace Symposium on February 21. Photo courtesy of David Marin, DISA

Cybersecurity capabilities and network sensors have now progressed to give the Air Force and its MDTs more tools to see cyber threats and provide protections. “The technology is changing as is our ability to sensor networks and our ability to onboard terrain into the CSSP [cyber security service providers] so that 16th Air Force can now actually see that terrain that they couldn’t see a long time ago, and we can feed data from those platforms so 16th Air Force can see that data wherever it is,” she explained. “So, MDTs are continuing to evolve with the terrain that they have access to and the sensors and the capability they have, along with our ability to do big data analytics.” 

Moreover, Gen. Blackwell would like to see the MDT concept applied to other areas. “I would argue that because the terrain constantly changes that team should not always just be cyber,” she ventured.

The idea for the ACC to use MDTs came from the old Air Force Space Command, which years ago stood up some MDTs and performed functional mission analysis to determine any cyber vulnerabilities of satellites. When Air Combat Command took over the cyber mission several years ago, they identified MDTs as an important protection piece. One of the original goals was to place MDTs across the entire Air Force, tying them into Air Force’s cyber protection teams.

Image
Lt. Gen. Kevin Kennedy
I think the key here ... is to design the capability, resource the capability and provide expertise and linkages to the greater cyber enterprise to our wings that are executing in and through the domain.
Lt. Gen. Kevin Kennedy, USAF
Commander, 16th Air Force

“I’m very passionate about MDTs,” Gen. Blackwell stated. “And we have to be open to the evolution that they are undertaking.”

However, before the MDT concept can even applied to other areas beyond cyber, Lt. Gen. Kevin Kennedy, USAF, commander of the 16th Air Force, would like to see that it does not impact what they have in place already.

“I think the key here, as General Blackwell mentioned, is to design the capability, resource the capability and provide expertise and linkages to the greater cyber enterprise to our wings that are executing in and through the domain,” Gen. Kennedy said. “The key for our commanders is ... that cannot come at the expense of your designed operational capability. The communications and cyber squadrons that we have at our bases are responsible for executing that designed operational capability. Anything that comes at that expense, we need to be very careful about and stepped in with that risk profile. It doesn't mean that we won't, but it just means that we need to take it deliberately as we go forward. And it's not a one size fits all.”

Enjoying The Cyber Edge?