Adding layers of security can help make computer networks more robust to prevent attacks, but it can also make it harder for legitimate users to gain access. The United States Air Force has sought to find a critical middle ground with a platform that can consolidate security-related data.
The Air Force Research Laboratory (AFRL), the scientific research and development detachment of the United States Air Force, announced this week that it has developed a new platform that could help streamline the service’s security operations, reduce data isolation and redundancy, and optimize resource usage across the security enterprise.
The Security Enterprise Communication and User Reporting Environment (SECURE) consolidates security-related information and data from multiple systems and users into a single platform, enabling security professionals to attain an enterprise risk picture more efficiently and stay ahead of adversaries.
“Within our security community, we have different mission areas that we each support, and the data is generally not shared between them. These sub-communities each have their own processes, though much of the data collected is common among all,” said Lucas Wellman of the Information Protection team at the Air Force Materiel Command (AFMC). “This tool captures the requirement and connects the communities, ultimately resulting in a more holistic mission risk picture for professionals across the enterprise.”
Advancing From a Pilot Program
SECURE is the first Total Air Force digital security enterprise system, and it includes a suite of tools for security process reporting, with the ability to build customized workflows and analytic reports. It began as a pilot program with the United States Air Forces in Europe – Air Forces Africa, with the initial release of SECURE’s foreign travel and foreign contact monitoring module providing the ability to accurately track the data required to meet reporting requirements for employees with security clearances.
According to AFMC, SECURE has already eliminated manual data entry processes, consolidated the data into one system, and ensured compliance with Security Agent Directive 3 – Reporting Requirements for Personnel with Access to Classified Information or Who Hold a Sensitive Position.
“Using SECURE allows USAFE-AFAFRICA to accurately track foreign travel and foreign contacts to meet reporting requirements that otherwise would be unmanageable due to the amount of travel reporting by personnel in our region. The manual process is cumbersome and time-consuming. With SECURE, once a profile is built in the system, the process is seamless,” explained Joel Alaimo, director of information protection at the USAFE-AFARICA Headquarters.
User Accessible Tool
Enoch May, strategic advisor for integration and operations at AFRL noted that security remains a top priority, but the research, development, and funding of new security tools has not been. One notable aspect of SECURE is the ability for users at all levels to input data into the system, which rapidly integrates information to generate an enterprise sight picture.
“I wanted to develop a tool that was specifically designed and created alongside the actual users,” said May. “The goal was to be able to empower the security professionals to be able to provide leadership with recommendations based on actual data trends.”
At the same time, security communities have different missions and processes for generating and analyzing data, even as much of the collected data is common among all of them. With SECURE, this data can be shared among the communities.
“We collect and have so many data points and useful information within the collective security community, but it often remains at the local level for action,” said Wellman. “This tool helps make the information widely accessible and actionable. It also greatly reduces the task time, alleviates inconsistencies in data and format, and helps us provide greater value to our customers.”
RISC and Reward?
The AFRL also announced that its Risk Identification and Security Countermeasure (RISC) module is currently in the final stages of deployment, with the goal of augmenting science and technology information protection through greater awareness of research partnerships to mitigate technology compromise on a global scale.
Moreover, two additional SECURE modules will begin pilot testing in early 2024.
The first is the Security Classification Management module, which will enable accurate and consistent classification levels and support classification management across the life cycle. SECURE will automate the development of the Security Classification Guide and help identify inconsistencies in common classification areas to ensure information is not over or under-classified.
The second, the Security Incident Management module, will help report and manage security incidents. With it, SECURE will review loss and trends across a portfolio and help security professionals better understand what technology, systems or capabilities are compromised, generating decision data to support tailored countermeasures.
“SECURE remains at the forefront of security digital innovation, continually adapting to new challenges and refining its capabilities. As a grassroots idea within the security community, it quickly gained traction and support as a necessity in today’s ever-evolving security and threat landscape,” added Wellman. “As the tool continues to evolve, the community remains committed to its ongoing enhancement and the collective goal of a safer digital landscape.”
This technology could eventually be adopted by other branches of the U.S. military said KnowBe4 security awareness advocate Erich Kron.
“The ability to coordinate and combine information from multiple systems into a single reporting system should allow for quicker responses to active threats and allow for a holistic view of what is going on across the various systems across the branch of service,” Kron told ClearanceJobs, adding, “For cyber defenders, the Security Incident Management module should be very useful for tracking various potential areas of compromise and determining where countermeasures or remediation steps will be most effective. Having better coordination of security-related information is a great step forward, although care will have to be taken to ensure the system itself remains secure, as the information it contains could also be very valuable to our adversaries.”