Air Force officials focus on information protection

  • Published
  • By Tech. Sgt. Amaani Lyle
  • Secretary of the Air Force Public Affairs
The recent spate of cyber attacks against government systems has gotten the attention of the administration and the DOD. Just as flight altered the way the Air Force operated in the 20th century, the information explosion promises to shape the way the nation fights and wins its wars. 

In a recent directive memorandum, Air Force Chief of Staff Gen. Norton Schwartz wrote, "Our capability to protect information is a key enabler to sustain air, space and cyberspace dominance.  This capability is essential to the success of the Air Force mission and warrants special attention by every echelon of command." 

Because critical data is invaluable, cyber security remains among the new administration's top priorities. Today's warfighter faces persistent adversaries that present irregular, disruptive and potentially catastrophic challenges to U.S. information and security. 

As the cyberspace battlefield broadened, Air Force leaders created a new organization to effectively protect information across the enterprise. In 2007, the Information Protection directorate was formed to develop effective and efficient IP policies and processes to protect Air Force information and systems. 

"Our goal is not only to protect sensitive information, controlled unclassified information and classified information, but to ensure that the total force understands and can perform IP responsibilities" said Dan McGarvey, Information Protection director. 

IP refers to the collective policies, processes and use of risk management and mitigation actions instituted to prevent the compromise, loss or unauthorized access of information over its life cycle, regardless of physical form or characteristics. Mr. McGarvey also explained that as part of this effort the Air Force Security Advisory Group and Security Policy and Oversight Board were chartered to craft an information protection concept of operations that helps maintain and foster information superiority. 

Mr. McGarvey explained that IP touches every Air Force active-duty member, reservist, guardsman, civil servant and contract employee. 

"Regardless of rank or position we all have IP responsibilities," he said. 

To further this effort, the IP directorate hosted an IP workshop at Eglin Air Force Base, Fla., to exchange best-practice ideas about guarding information through the convergence of the various functional authorities responsible for IP programs. 

Attending the workshop were more than 130 IP team members from various major commands and installations that included directors, chiefs and support staff from international affairs, law enforcement, medicine and nuclear integration. The workshop's objective was for attendees to return to their duty locations with the same knowledge base to impart to their colleagues. 

"We want to change the culture of the Air Force to correctly protect information on behalf of the warfighter," said Jim Shamess, Air Force Security Policy and Oversight senior advisor. "We know vital information and systems are under attack and this gives us insight into the capabilities of our adversary to debilitate the Air Force without firing a shot." 

"The research and development community intends to stay ahead of the rest of the world with our technology, and when we compromise information, we, in a very thrifty way, give that advantage to the adversary," Mr. Shamess said. 

Air Force security experts emphasized the importance of ongoing transformation. 

"We have come so far, and yet have so much further to go," said William Davidson, administrative assistant to the secretary of the Air Force.  "Success requires an unending cycle of improved countermeasures against capable and changing enemies and their tactics, techniques, procedures and technologies." 

Mr. Davidson described the program as being on the "fast track for a converged organizational change about how we do security business." 

"When the Air Force fully implements the IP concept of operations, there will be a single entity that will safeguard all levels and types of information and institutionalize an enterprise-wide approach to IP policy development, implementation and oversight," Mr. Davidson said.