Defense

Legacy systems, hygiene top Air Force 2017 cyber list

USAF CISO Pete Kim is working on instilling cyber hygiene and securing legacy systems.

The Air Force's cyber priority list for 2017 includes updating legacy platforms, hardening mission systems, building cybersecurity into new acquisitions and making Air Force personnel more cyber secure, the Air Force CISO told FCW.

After addressing the audience at the 2017 Institute for Critical Infrastructure Technology Winter Summit, Pete Kim told FCW that," this is the year of actually doing a lot of the work that we talked about last year."

In the fall of 2016, the Air Force announced a comprehensive, long term Cyber Campaign Plan with seven lines of effort. Kim said that the current focus, funding and authorities are in place to address legacy systems and mission thread analysis.

"I think we have a good idea of what to do and what to start on," he said about removing vulnerabilities from legacy systems. Without going into specifics, Kim said that there will likely be news in the coming months of progress on those efforts.

Kim said that those upgrades, along with eliminating vulnerabilities from mission systems are "easiest to knock out," this year.

"We're about to release some guidance on doing some cybersecurity hygiene basics on some of our mission systems that I think will increase the resiliency and bring down the operational risk that some of our systems have right now," he said.

Looking at future systems, Kim said that Air Force acquisition officials need "to make sure that industry knows what is expected of them and what they need to do to make their systems cyber resilient and cyber secure. It's going to be a coordinated effort across the department."

Another initiative in the works is the expansion of World Wide Technology's Tanium network defense system from the Air Force net to its secure network and support and mission systems.

Lastly, Kim said he will be focused personally on education, awareness and deepening cyber practices within the Air Force -- especially among the younger service members.

"The younger folks out there, I want them to be more cyber aware, that's probably my responsibility to make sure they have the education and are equipped with the tools for that deep cyber awareness," he said.