The Future of Warfighting: Integrated Cyber Weapons

The Way Ahead

Evolve the baseline for requirements

The immediate challenge is propelling JCWA from its current state—the outcome of an initial attempt to acquire and field a cyberspace operations capability—to its future state: a fully integrated cyber weapons system accelerated by a partnership between the government and contractors who can demonstrate the rapid evolution of systems, utilization of new approaches for refactoring data, and extensive experience advancing information sharing across environments. Partnership with industry that provides for incentives and requires service-level agreements for outcome-based delivery against dynamic needs will provide alignment to the pace and complexity of the mission. Minimum viable solutions should be vetted in months, not years—and contractors should be utilizing parallel baselines, which mirror current delivery, to reduce risk. Contractors should be selected and maintained based on outcomes and responsiveness and held accountable for bringing in the most recent capabilities, using scalable and secure infrastructure across mission needs.

“Superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations.”

Take a data-first approach

All domain operations require secure, ubiquitous access to data across multiple disparate networks, including non-defense networks and weapons systems. Sensors and weapons systems must employ open data standards to optimize data flow and advanced analysis. Data is the ammunition that feeds the entire weapons system, enabling the rapid execution of critical missions with advanced cyber solutions tailored to meet current and emerging needs.

Achieve security by design

The platform must protect sensitive data in real time. Not unlike operators of software-centric 5G ecosystems, operators of the integrated cyber weapons system will need holistic protection that includes zero trust architecture (ZTA), continuous monitoring, development, security and operations (DevSecOps), and an expert workforce, as well as vulnerability research and embedded security. Analytics and automation, two of the seven pillars of zero trust, can rapidly drive security improvements—policy updates aligned to the other pillars—over time at scale through the entire ZTA. The same mindset can also accelerate the growth of JCWA’s arsenal. Just as the continuous development and deployment of new policies will be a critical enabler for secure and resilient cyberspace operations, so must the next generation of JCWA harness the power of automation and DevSecOps to rapidly develop full-spectrum cyber capabilities at scale. These software-based warfighting capabilities would be tailored to meet a wide range of specific mission objectives.

Be intelligence-driven and threat-informed

JCWA component programs must be ready for tomorrow’s cyber threats. Shadowing advanced threat activity via open-source and classified intelligence can help fill emerging knowledge gaps and sharpen the continuous development of JCWA’s defensive and offensive capabilities. Also, JCWA programs can make greater use of operational insights on adversarial tactics, techniques, and procedures (TTPs), including leveraging catalogs of the latest vulnerabilities concerning networks, hardware, and software. What’s more, stakeholders can gain further insights as DOD increasingly incorporates contested cyber environments in exercises and training for conventional and special operations forces (SOF): Capturing lessons learned could help support the acquisition of operationally suitable and effective cyber capabilities.

Gain advantage in the cloud

As JCWA moves increasingly to hybrid cloud environments to enable data sharing and other functions, stakeholders must make this pivot an advantage rather than a liability. Obstacles to avoid when moving to the cloud include mission-workload migration pitfalls, vendor lock-in, and rising infrastructure costs. In short, to achieve the interoperability envisioned, JCWA must enable warfighting software developers to focus more on their core missions and less on the IT infrastructure. Imagine how missions would benefit if JCWA components allowed users to develop applications, migrate data, and manage infrastructure across multiple cloud service providers. What’s more, this data-driven weapons platform needs to be designed for real-time configuration management so the overall platform can rapidly reconfigure if one component changes.

Conquer cross-domain challenges

The software-enabled systems, sensors, and tools that make up the platform must incorporate novel ways of sharing data, enabling collective thinking, and distilling actionable insights, including harnessing the power of data analytics and AI/ML. In short, JCWA must rapidly manage and access data across multiple platforms and classification domains. Achieving permeability and agility across domains ranks among the top technical challenges for U.S. Cyber Command (CYBERCOM). JCWA systems will need to be designed and built to overcome three challenges that can impede the secure transfer of data across domains and among globally dispersed organizations:

  • Outdated data sharing processes: Missions often require cross-domain data flows moving up or down classification levels—typically across U.S. government unclassified, secret, or top secret/sensitive compartmented information (TS/SCI) networks. Yet the cross-domain solutions (CDS) and guard technologies that facilitate information sharing are proprietary appliances that are not designed for the breadth of data types, volume of data, rapidly evolving mission/partner environments, or the speed of information sharing required by today’s analysts and warfighters in evolving Joint All-Domain Command and Control (JADC2) environments. Also, many existing enterprise systems do not have a multi-level security (MLS) architecture to support data sharing, dissemination, and access to users with various security clearances and permissions.
  • Inability to meet AI’s insatiable need for data: AI/ML are essential for finding patterns, spotting anomalies, and moving toward predictive capabilities. However, enormous volumes of data are required to train and refine algorithms. That’s in addition to information that must be centralized for cross-domain imperatives such as cybersecurity and JADC2. Also, analytic infrastructure solutions are needed to provide computing power for developing, training, and deploying models/algorithms.
  • “One-off” software development: Software developers across DOD have been overloaded with workflows requiring custom applications to be developed and deployed in a complex operational environment, each undergoing separate security accreditation and authority to operate (ATO) processes. Also, custom software solutions may not follow modernized software design patterns.

Enable global partners

The 2023 DOD Cyber Strategy highlights the strategic advantage and imperative of protecting and reinforcing the United States’ global network of allies and partners. Increased collaboration with partners from industry and academia, foreign allies and partners, and interagency partners will bring significant advantages, and the future JCWA must address the challenges and opportunities presented by partner capabilities.

Next Steps

Above all, JCWA platforms must be designed and developed with a clear focus on the operational needs of warfighters who will use the technology to execute crucial missions. Simply put, the joint force must sense, understand, make decisions, act, and assess outcomes faster and more effectively than the enemy. Commanders must be able to see themselves, see the adversary, and see all other relevant actors, actions, and activities in the operations and information environments—all at mission-relevant speed. These “three sees” depend on secure and resilient networks, valid data, and predictable data flows. Here are a handful of recommendations for consideration:

  • Design, build, test, and maintain JCWA components with the security and resilience needed to deliver suitable and effective cyberspace operations, even in a degraded state, when facing tomorrow’s advanced unconventional threats. To understand and outpace emerging threats, take full advantage of open-source and classified intelligence, detection engineering, and reverse engineering.
  • Evaluate JCWA components with mission-based cyber risk assessments that include detailed functional thread analyses of the attack surface mapped to missions, system functions, and potential cyber vulnerabilities where cyber risk ratings and priority levels are determined for each point of entry into the system’s cyber boundary. Create attack-path vignettes describing potential operationally representative cyberattacks from source to target.
  • Focus on dynamic infrastructure provisioning to meet evolving mission needs and provide high scalability, availability, resiliency, and disaster recovery to support software, cyber, and AI/ML workloads.
  • Seek cross-domain solutions that are cloud-agnostic and provide an MLS solution to include supporting connections to networks that link to networks at the tactical edge. Also, such solutions should enable bi-directional flows to support needs like DevSecOps, JADC2 mission planning, and intelligence collection. Using an open platform built on government-owned off-the-shelf software can save costs without vendor lock-in. In addition, a modular architecture can provide flexible, reusable components that offer speed to mission, faster upgrades, and scalability for any complexity.
  • Consider proven, accredited cross-domain solutions to support analysis of capabilities for national security missions. Such accreditations could include Top Secret and Below Interoperability (TSABI), integrated with National Cross Domain Strategy and Management Office (NCDSMO) Raise the Bar (RTB) compliant guards. Leverage use-case models and lessons learned to inform the approach for discovering, accessing, disseminating, and effectively sharing data.
  • Use DevSecOps and machine learning operations (MLOps) to rapidly build, test, deploy, and operationalize capabilities at the speed of mission, including low-to-high (L2H) and high-to-low (H2L) delivery.

National security increasingly depends on full-spectrum cyber operations. Cyber forces need to uphold national defense, disrupt and dismantle emerging threats, and collaborate with international partners to advance shared goals in cyberspace. DOD and the industrial base have an unprecedented opportunity to make JCWA components a truly integrated weapons platform that is agile, scalable, interoperable, and resilient. Meeting these acquisition needs today will position the joint force to meet the operational needs of the nation tomorrow.

 
