The Army is about to enter pilot testing on a new software system to help commanders in the field respond more nimbly to rapid variations in cyber threats.
Known as the Assured Compliance Assessment Solution (ACAS) Reporting Toolkit, or ART, this capability aims to provide commanders and program managers with the most up-to-date information available on their own cyber posture and to help keep those defenses current.
Designed by Army’s Program Executive Office Command Control Communications-Tactical (PEO-C3T), the ART solution addresses multiple challenges including a lack of centralized control over security in battlefield applications, known as clients.
“Right now every tactical unit has their own domain. We don’t have administrative privileges over those clients,” said Chief Warrant Officer 5 James Ebeler, who spearheaded the project for Army Network Enterprise Technology Command (NETCOM). “We want to be able to see all clients, to see the [security] compliance level within those clients so then we can patch those vulnerabilities,” he said.
To that end, NETCOM expects to launch a pilot of ART soon at the regional cyber center at Fort Huachuca, Arizona, with an expected rollout to tactical units in early 2017.
The Army has faced a number of challenges in recent years as it tries to address a cyber landscape that changes rapidly and constantly. To meet the threat, defenses must be kept current, but that doesn’t always happen when each unit is left to manage updates for itself, and to self-report on its security status.
“We rely on each unit to give us their compliance data, but there is always human nature in the way,” Ebeler said. The process of manually assessing and reporting security status can be time-consuming, inconsistent and prone to error. “We are looking to take that human element out of the equation, to get that information from the system itself.”
The ART solution can draw information from potentially hundreds of networked systems, can isolate vulnerable segments of software in minutes, and can rapidly implement needed security patches. Information on these updates is simultaneously fed into the Department of Defense Cybersecurity Scorecard, a tool for gauging how well different systems and units are protected against cyber threats.
Initial testing will evaluate the tool’s performance in battle command systems and intelligence platforms. Once fielded, the system might be used to secure fires control and a range of other systems.
Such a tool could be a significant enhancement to the Army’s sometimes fragmented cyber landscape, said Jim Christy, former director of Futures Exploration in the DoD Cyber Crime Center, and now vice president of investigations and digital forensics at cybersecurity provider Cymmetria.
“The Army does not have one homogenous network. The services have every kind of system and configuration imaginable to best serve the functional requirements of that specific unit,” he said.
The situation is analogous to that often seen in the private sector, he said, where a large company that has acquired many smaller firms may find itself saddled with that a diverse combination of operating systems, software and networks. ART could potentially help keep cybersecurity current, to the extent that it is able to identify and rapidly remediate specific configurations and vulnerabilities.
Pilot testing should help planners to address what Ebeler suspects may be the primary hurdle in ART’s eventual implementation: That is, the learning curve for field commanders as the new system is implemented, as units are tasked with making configuration changes to systems where vulnerabilities have been identified.
“We are in the process of writing the tactical techniques,” he said. “We want to get to the point where any soldier can take this and understand exactly what they need to do to their box.”