HomeNewsArticle Display

AF revolutionizes cybersecurity risk management ensuring mission assurance

WASHINGTON (AFNS) -- The Air Force Chief Information Security Office continues to lead massive change to the way the entire service manages cybersecurity and risk across the five core missions.

The latest innovation is the roll-out of the completely redesigned Risk Management Framework – the formal policies and processes designed to empower Airmen to assess, manage and validate the cybersecurity risks of the tools and systems they operate, from computer programs to major weapons platforms. The new policy realigns the approval processes necessary to certify cyber tools and systems away from singular authority to a functionally aligned model.

This transformation places the risk decision where it belongs: with the experts utilizing those systems and tools to get the mission done. The policy adjustment also moves the Air Force from the antiquated compliance mandates to true risk awareness, mitigation and mission assurance.

The Air Force codified RMF in Air Force Instruction 17-101, “Risk Management Framework for Air Force Information Technology.”

"This policy is the first of my initiatives that hardens cybersecurity, protects the Air Force's key cyber terrain, and reduces the cyber threat footprint,” said Pete Kim, the chief information security officer.

The new process also adds clarification to the wide array of tools that fit under the cyberspace umbrella. No longer is the sole thought process about what constitutes a cyber system centered on the desktop computer and the network it connects to. As innovation drives formerly inert equipment to “smart” internet-enabled devices in an exponential way, so does the growth of the threat landscape expand exponentially.

This growth includes pieces of mission-critical and mission support programs from fighter aircraft to building's heating and cooling units. Formalization of a standard governance framework for cross-functional engagement is another key piece of the new policy enabling a truly integrated decision-making process.

The new framework decentralizes the risk assessment and authorization to authorizing officials with a defined cyber area of responsibility delegated by the Air Force chief information officer, Lt. Gen. William Bender. The Air Force has AOs assigned to key mission and functional areas from aircraft and weapons systems to logistics and finance.

This, combined with the vast functional area knowledge, allows the AO to compare the system's cybersecurity risk to the system's mission capability to authorize operations within cyberspace. The cyber threats may grow larger every day as more devices become internet enabled, but the Air Force's policy implements a framework that minimizes the threat landscape to mission assurance, making every Airman capable to fly, fight and win in air, space and cyberspace.

Engage

Facebook Twitter
The 6 finalists of @SecAFOfficial’s #SparkTank initiative will showcase their ideas to #USAF senior leaders at… https://t.co/5CDsmaW2aD
A setback just may have been the perfect setup to this #Airman's success. #KnowYourMil https://t.co/sCl0o7PTQj
A #USAF #F22Raptor is parked on the flight line on Feb. 11, 2019, @JBLENews. The jets were staged as part of a rout… https://t.co/jLVo8vgGeh
The @35thFighterWing & the Korat Royal Thai Air Base improve security & unite the #multinational force to accomplis… https://t.co/tw86O89624
Find out why these @455thAEW #Airmen must race against time in order to 'detect' and 'protect' in their deployed en… https://t.co/jzSl24cxZ2
.@USAFReserve Chief recently approved changes to the Active Guard Reserve program & plans to grow the program by si… https://t.co/at2UBLEa7q
"Without our @DeptofDefense and the components of it, & @FEMA, these #islands would not have been able to recover i… https://t.co/Zu25GmCMQC
We’re using #augmentedreality tech to provide more realistic training for our #maintainers, cutting time & breaking… https://t.co/kzfErH8tmP
RT @SecAFOfficial: Strong words from @SenFischer: The face of 21st century warfare is changing. We must meet this challenge head on. The U.…
Thanks to the partnerships #Airmen built within their community, the @Dodgers hosted the first Los Angeles “Enlistm… https://t.co/B6dYDIfVvB
Election to the @theNAEng is among the highest professional distinctions afforded to an #engineer. For one #USAF en… https://t.co/iCL59ciOxD
.@HQ_AFMC modernizes aircrew safety with new technology. https://t.co/eBpCF3gk33
What would you do if you witnessed a severe car accident? This @MacDill_AFB #Airman's quick thinking ultimately sav… https://t.co/K1cacCZAab
An #F16 flies over the coast of #Florida during a training sortie during a deployment @45thSpaceWing, Feb. 4. (Air… https://t.co/XgQEIpNI4p
RT @SecAFOfficial: We make it real. Fielding solutions faster & smarter. @usairforce https://t.co/n4kCs4WvPi https://t.co/EyZgqgpd9M
RT @AirmanMagazine: This hands-on training exposes Flight Nurse and Aeromedical Technician Course students to various types of wartime inju…
RT @AFThunderbirds: #blackhistorymonth: In 1964, Lloyd “Fig” Newton’s interest peaked when he saw the #afthunderbirds demonstration perform…
Meet Eden. She's not just a therapy dog; she’s a liaison of information between the #USAF and the @USArmy.… https://t.co/hVXFubZws7
The #USAF's partnership w/ the #RoK continues to build through joint training. Find out how this #pilot's training… https://t.co/Qb12jUdTHr