Weapon and Space Systems Cybersecurity

Close

Mitigating risk for defense and intelligence missions

Cyber adversaries are constantly targeting U.S. weapon and space systems: At every turn, they look to undermine the missions and capabilities of the Department of Defense (DOD) and the intelligence community (IC). To get ahead of these threats, the program offices that develop, buy, field, and sustain the platforms must make urgent cybersecurity improvements.

Program officials need to increase protection for both fielded systems and new ones in development. Legacy military systems were never designed to meet current cybersecurity standards. What’s more, new acquisition programs have their own issues: The Pentagon’s director of operational testing and evaluation (DOT&E) reported some programs are not survivable against cyber threats and lack the capability to detect, monitor, or alert operators of a potential cyberattack.

“U.S. weapon and space systems must be secure and resilient. Analyzing cyber risks to missions can enable system owners and operators to effectively and cost efficiently mitigate these risks to the greatest extent possible. In addition, acquisition programs need to research how they might apply zero trust principles to outpace emerging threats.”

Booz Allen's Approach

While there are existing processes to assess and authorize weapon and space systems for operation, these processes alone are not sufficient to characterize and address the threats to missions posed by a nation-state cyber adversary. In addition to a Risk Management Framework (RMF) process, programs need a more robust risk assessment regime that focuses on potential attack paths, threats, and how a cyber effect could degrade or disrupt mission capabilities. Our mission-based cyber risk assessments bring together program officials, developers, operators, and defenders to discuss risk and how it can be mitigated or monitored to ensure mission success.

DOD is determining how zero trust will be implemented when it comes to weapon and space programs. Cyber assessments of military exercises have shown zero trust principles can help protect critical DOD missions. Applying the principles to weapon systems, however, is particularly challenging for multiple reasons. Also, before introducing security technologies, programs must ensure they won’t inadvertently expand the attack surface. A balanced approach considers engineering, cyber operations, and assessments of likely threat tactics. Organizations that must implement zero trust can use a maturity assessment to gain insights, set targets, and move ahead.

Booz Allen stands ready to help strengthen cybersecurity for critical programs and missions. We help DOD and the IC:

  • Identify mission risks through threat-informed mission-based cyber risk assessments of systems at every phase of the weapon and space systems lifecycle
  • Identify threats by applying a deep understanding of adversary threat systems and tactics, techniques, and procedures (TTP)
  • Demonstrate the vulnerabilities, impacts, and mitigations using cyber digital twins, cyber-physical test beds, and wargaming
  • Detect cyberattacks with cutting-edge data bus monitoring capabilities
  • Prioritize and remediate mission-relevant vulnerabilities to improve mission success
  • Conduct cutting-edge research in resilient architectures, technologies, and zero trust

Learn More About Our Weapon Systems Cyber Solutions

Mission-Based Cyber Risk Assessments
 
Download Factsheet
Cyber Digital Twin Framework
 
Download Factsheet

Meet Our Experts

Click to view Dave Forbes
Dave Forbes
Click to view Ann White
Ann White
Click to view Rob Miller
Rob Miller