JOINT BASE SAN ANTONIO-LACKLAND, Texas —
24th Air Force – Air Forces Cyber (AFCYBER) recently declared initial operational capability (IOC) of its newest cyber weapons tool, the Automated Remediation Asset Discovery (ARAD) Dec 15, 2016. ARAD is a modification to the AF Cyber Security and Control System (CSCS), a cyber weapon system declared IOC by Air Force Space Command (AFSPC) A/2/3/6 Oct. 20, 2014.
Early in fiscal year 2015, Lt. Gen. William J. Bender, Secretary of the Air Force chief information officer, directed 24th Air Force to perform a military utility assessment (MUA) on Tanium, a commercially available technology, regarding its operational utility. This MUA resulted in 24th AF updating operational requirements establishing the baseline need for ARAD.
Subsequent to the initial MUA, 24th AF recognized this type of commercial technology held the potential to radically improve endpoint baseline control, maintenance, health/hygiene, security and defense. Working through AFSPC, 24th AF updated the requirements for vulnerability management and defensive cyberspace operations (DCO) initiating the need for ARAD.
The objective of the ARAD system is to leverage leading-edge technology to comprehensively modernize and efficiently improve vulnerability management execution, DCO, system health, asset management, and situational awareness capabilities.
“ARAD brings improved speed and precision across the enterprise. We are excited about the potential ARAD holds to improve our situational awareness and cyberspace defense,” said Brig. Gen. Mitchel Butikofer, 24th AF vice commander.
The ARAD Team won the 2016 Department of Defense Chief Information Officer Team Award for Cyber and Information Technology Excellence for implementing this endpoint management technology.
“The team drove an unprecedented eight-month acquisition schedule to deliver tools that enable operators to identify and fix network vulnerabilities in seconds instead of weeks and the ability to detect, track, target, engage and mitigate adversarial activities in near real time. This solution can be leveraged across the federal enterprise,” noted a DOD article, "DOD CIA awardees excel in cyber, IT," by Shannon Collins, Defense Media Activity (https://www.defense.gov/News/Article/Article/1017250/dod-cio-awardees-excel-in-cyber-it).
What does this mean for the Air Force and CSCS?
ARAD will dramatically improve the management of discovering vulnerabilities and automatically remediate them within seconds to minutes, verses days or weeks across the entire enterprise. ARAD has the ability to discover and identify adversary activity and actions within seconds; alerting at the point of the infiltration and exploitation significantly improving AFCYBER DCO ability to respond more quickly and implement response actions more effectively.
With this concept to improve AFCYBER capabilities, the Air Force Life Cycle Management Center (AFLCMC), in close collaboration with AFSPC and 24th AF initiated a full and open acquisition resulting in the integration and employment of ARAD. This effort required AFLCMC, AFSPC, 24th AF, 688th Cyberspace Wing, 67th CW and Air National Guard to coordinate and implement ARAD on systems across the Air Force control portions of the DOD unclassified information network.
AFSPC and 24th AF are working with SAF, AF major commands, and DOD Services and Agency to implement ARAD capabilities across all Air Force networks and ultimately all DOD networks.
“This is the cyber platform we will fight from in the future,” stated Bender during his most recent visit to 24th AF.
As 24th AF-AFCYBER continues to balance cyber operations based on its six lines of effort, “Build, Operate, Secure, Defend, Engage and Extend,” it is evident advancing cyber tools and technology, such as ARAD, become a game changer for operations and defense. We are only at the beginning to understand its full, long-term potential.