Cyber Threat-Based Mission Assurance and Mission Risk Reduction for Security Mitigation Efforts

  • By ACC/A6O

 

To achieve modern cyber survivability, the Air Force must transition to an integrated model of Cyber Threat-Based Mission Assurance as a Service, delivering end-to-end cyber surety by combining penetration testing, vulnerability patching, and active defensive cyber operations into a single, unified unit of action. To operationalize this framework, what specific authorities, responsibilities, and resources would need to be realigned across the enterprise, and where would that command realignment be best placed?

Crucially, this active defense pipeline must be paired with a model that clearly depicts operational mission risk reduction in relation to the resources expended (such as cost, time, and man-hours) on administrative security mitigation efforts, including STIGs, software patches, and configurations. How can we build a defensible framework that empowers mission owners and Authorizing Officials to confidently defend decisions to monitor rather than immediately mitigate low-impact risks—especially those with no demonstrated adversary activity or those that clearly do not impact overall mission security if implemented? Ultimately, how can the Air Force merge these risk-informed trade-offs with an end-to-end threat-mitigation pipeline to optimize active defenses and prevent operators from wasting finite man-hours on endless, low-value administrative compliance?