In this Q&A with Dave King, chief technical officer and senior fellow for Cyber Systems at General Dynamics Mission Systems, we discuss: the importance of evolving data-protection systems; the pros and cons of Type 1 vs. Commercial Solutions for Classified (CSfC) vs. Cryptographic High Value Products; and the role encryption will play in the Great Power competition.
Breaking Defense: What do you see as critical information security needs of the military, especially in light of the Great Power competition and all-domain operations? Where do the gaps exist?
King: Information is a strategic asset, and protecting it against adversaries and cyberattacks is crucial to the security of the American people and the protection of our nation’s intellectual property. On one hand, you have the need to know; on the other hand, the need to share – the two are conflicting at times.
To ensure the integrity and security of the critical information as attacks are becoming more prevalent and complex, the solutions you integrate for network or storage protection, as well as user access, must be standards-based and modular. We are no longer in the times when you can deploy a crypto solution for 10+ years to secure against nation-state adversaries.
Our security solutions must modernize to integrate cleanly into the new weapon systems to give us the competitive edge. An example would be strong data protection for new, unmanned systems or the explosion of telework environments. Solutions from five years ago may not meet the needs of evolving missions. We need continuous adaptation and upgrades to stay ahead of nation-state adversaries.
Another critical piece is military interoperability, not only between the U.S. Department of Defense but with Five Eyes and coalition partners. The ability to enable secure communications and data sharing with partners and allies in a dynamic and modular way allows us to make decisions faster and act at the speed of mission relevance.
And finally, the most important critical need is ensuring a trusted supply chain. Both hardware and software products used to protect classified data must follow high-assurance development requirements and processes. A secure supply chain must include security and interoperability standards to ensure components are only from trusted and validated sources.
This is something inherent to traditional Type 1 crypto solutions as opposed to other commercial products or even layered commercial solutions like Commercial Solutions for Classified (CSfC).
Breaking Defense: For our readers who might not be familiar with Commercial Solutions for Classified (CSfC) vs. Type 1 security, what are the considerations for high-assurance in enterprise and tactical missions? Please explain and also connect to the missions and applications used by the military. Why should they care about this?
King: Both CSfC and high-assurance Type 1 solutions can be used to protect classified voice and data communications, but the security approach and lifecycle cost differ quite a bit. Choosing the right security solution should really be based on all your mission needs, which can be difficult to balance; there are many considerations to weigh.
The first thing is risk acceptance. How much risk are you willing to take based on your mission and the security level of the information you are protecting? Type 1 is National Security Agency (NSA) certified for broad use, while CSfC is an NSA-approved way of building a solution with the layering of different products. This tends to make CSfC application-specific, and thus your local Designated Approving Authority (DAA) will need to assess and manage all of the residual risk.
A key point from earlier is supply chain. As I mentioned before, the supply chain for commercial-based products is not as rigorous as Type 1. The configuration management for Type 1 is regulated by the government, which is not true for purely commercial security products; this tends to add additional supply chain risks to CSfC solutions. Type 1 is certainly more trusted.
Another factor is interoperability. NSA-certified products ensure end-to-end interoperability to the government specifications (e.g., HAIPE or EDE-CIS) regardless of product vendor. The government requires all Type 1 network encryptor vendors to pass a well-defined series of interoperability tests.
There are other features that are typically found in Type 1 that are not built into Commercial Off The Shelf (COTS) products. First, there are environmental concerns that dictate the need for MIL-STD ruggedization and TEMPEST protections.
Second, there are mission-focused features like Render Useless Zeroize for unmanned or leave-behind applications. Finally, the layering approach associated with CSfC can often degrade performance and add size, weight, power, and cost to tactical solutions.
I think there is a lot of confusion in the market about cost comparisons of the two solutions. Network administrators, users, and contracting specialists should really look at both capital and operating expenditures over the lifecycle of the solutions to get a realistic view. I know we have had customers surprised at how the costs for design, implementation, patching, and yearly registration of CSfC solutions add up. There is a perceived advantage of COTS devices and that is handling.
To address these gaps, the government has introduced Cryptographic High Value Products or CHVP encryptors. These products aim to bridge the mission gap – joining the high-assurance security of Type 1 products so you get the trusted security and supply chain but with reduced handling and accountability that COTS products offer. I would recommend that your readers check out the GD Live webinar on this topic by visiting gdmissionsystems.com/chvp.
Breaking Defense: What are the ideal data-protection solutions to address warfighter needs in the present tactical scenarios as they relate to JADC2 and distributed operations, as well as continuing operations related to anti-terror?
King: Many of the same key points discussed earlier relate to the Great Power competition. The benefits of Type 1 high-assurance protection of classified data apply here, as well. The goal of JADC2 and all the related programs, including ABMS, Project Convergence, and Project Overmatch, is to establish an interconnected tactical network that enables the sharing of sensor data between all military branches in every domain – land, air, sea, space, and cyber.
These programs are gearing up to drive toward the right information brought to the right people in a secure manner. Secure access to this information is sure to give us a competitive advantage, but again, security and interoperability are critical and must be transparent to the consumers of the information on this network.
It must be interoperable with multiple systems and multiple users in multiple countries. We need warfighters focused on decisive actions of the mission, not the logistics behind a secure network or having security be a bottleneck to performance.
Another important element of joint programs, where the internal and external attack surface is broadened, is end-to-end encryption and strong authentication present at critical entry points. Network security and confidentiality remain an important element of today’s network architectures, including in micro-segmented Zero Trust frameworks.
I would also say that security solutions at the tactical edge, like the TACLANE Network Encryption or Tactical Cross Domain Solutions, need to be right-sized to the individual user application and be interoperable all the way back to the enterprise and cloud-like infrastructures. Providing this range of security is an imperative because our nation’s adversaries will go after the weakest link in the chain.