Beyond Bolt-On Cyber Security

Air Force Secretary Deborah Lee James, in her speech on Monday at AFA’s Air & Space Conference in National Harbor, Md., said the service needs to increase its focus and investment in cyber security. In particular, she said, the Air Force needs to build in cyber defense requirements for its networks and platforms rather than performing security patches after the fact, which she referred to as “bolting something on.” Brig. Gen. Sarah Zabel, the Air Staff’s head of cyber operations and information dominance, echoed James’ point, when she told reporters on Monday this means making security requirements unambiguous up front. Information and cyber security is a paramount concern especially since most of the Air Force’s major acquisition programs, such as the F-35, are heavily dependent on the development of secure information systems to be effective. When a major system is acquired, and it takes years to work through requirements, cyber security is all too often brought up at the end, she said. “I think in the past, we haven’t done as good a job articulating those requirements up front,” said Zabel.