The National Guard is standing up cyber warriors to protect the vulnerable critical infrastructure in the communities where they serve.
A team of 10 Ohio National Guard cyber warriors has been selected to participate in a pilot program designed to protect critical infrastructure that services military installations. The Ohio National Guard Cyber Mission Assurance Team (CMAT) participated in a network and industrial control systems threat assessment exercise as part of Cyber Shield 19 at Camp Atterbury, Ind., from April 5-19, 2019.
“The Cyber Mission Assurance Team we’re piloting was designed to fill a gap in mission assurance for Department of Defense critical infrastructure outside the gate,” said Col. George R. Haynes, Chief of Cyberspace Operations, National Guard Bureau. “Inside the post we’re able to do a pretty good job. But once we get outside the post, we don’t really have a person that’s focused on the area of responsibility outside the post with our mission partners.”
The focus of the CMAT will be those companies that provide vital infrastructure to military installations like electricity, telecommunications and water. It is these aging industrial control systems that are vulnerable to cyber-attacks.
“By and large, the suppliers and mission partners that are providing services to these Department of Defense facilities use industrial control systems,” said Army National Guard 1st Lt. Jeff Archer, Ohio National Guard CMAT, Deputy Team Lead. “Anything from power to water treatment would be considered an industrial control system and would be in scope of our vulnerability assessment process.”
The team reflects recent initiatives by the Department of Defense to develop partnerships with industry and local and state government to address vulnerabilities in our nation’s critical infrastructure.
“We work primarily in the civilian space,” said Capt. Scott Jackson, Ohio National Guard CMAT Team Lead. “We engage with the civilians to do vulnerability assessments and control reviews to ensure mission effectiveness. A good example of would be a utility company that provides a service like power to a Guard base or an active-duty base. We would provide assessments in scope of the service that they provide to the base. If there were a vulnerability we could detect that vulnerability and partner with that company to ensure that the risk is mitigated.”
The National Guard has the unique opportunity to partner with some of the more vulnerable infrastructure partners in the nation. With armories located across smaller city and rural communities, National Guard installations have many infrastructure support mission partners.
“The CMAT partnership will be great for those medium to small-scale companies that might not have the resources for threat and vulnerability management,” said Christopher Pitts, Duke Energy, Charlotte NC. “It would be perfect for those quick-hit scenarios where we might not be able to deploy in a timely fashion. We would be able to partner with our government friends to ensure that we are mitigating threats quickly.”
The National Guard CMAT team are citizen Soldiers and Airmen, one of its greatest strengths. The team are professionals that also work in the security and utility sector.
“We do have full-time people in the CMAT,” said Archer. “But we mostly have traditional Guardsmen and they bring a rich background of different skills. We have several civilian and government employed security analysts. We have infrastructure professionals that, while they don’t work in security, the knowledge that they bring to the team provides us a whole new and invaluable perspective.”
Effective communication between military and civilian partner agencies will be a primary focus of the team.
“It takes a unique skillset in this mission as opposed to our traditional cyber mission,” Said Jackson. “Up until now, all of our engagements have been military to military. This is engaging directly with civilian entities so there may be a different approach. We might have to retool a little bit to be more approachable and civilian friendly. And so that is something we will focus on with our reporting and our engagement.”
The CMAT team gained experience with civilian partners at Cyber Shield 19, where they were paired with industry-provided network owners. The event provided the opportunity for the team to get comfortable with members of the industry that it will soon be serving. It also provided an opportunity for infrastructure and industry partners to see the National Guard’s cyber defense plans for the future.
“I see a lot of value in the CMAT team,” said Pitts. “To strengthen the cyber posture of all of our states is in our best interest. I think CMAT is that next evolution of our infrastructure protection.”