Cannon Air Force Base is fast approaching a pivotal inspection that will grade our ability to conduct special operations in the 21st century and May 10 is the date of that inspection. Not the oft-feared Operational Readiness Inspection, but an examination that focuses largely on the intangible, fourth dimension of combat: Cyber.
The Command Cyber Readiness Inspection is the Defense Information Systems Agency’s newest tool to ensure connections to the Global Information Grid are secure. DISA will scrutinize everything from the security of communication-lines to illegal wireless networks to unauthorized personal electronic devices connected to personal computers. Passing this inspection and keeping 27th Special Operations Wing connected to the GIG is the number one priority of the 27th Special Operations Communication Squadron for the next 30 days.
Failure to pass this inspection will result in Cannon Air Force Base’s disconnection from e-mail, Internet and many of the other network driven tools we rely on daily.
This inspection will primarily focus on physical security, network assurance, and information awareness. DISA will determine if there are any deficiencies or vulnerabilities on networks here. Such vulnerabilities will be classified into categories by DISA inspectors: CAT I, CAT II, and CAT III. CAT I vulnerabilities are considered disastrous and are the primary focus area for 27 SOCS between now and May 10th.
A CAT I is defined as a “vulnerability that may result in a total loss of information or that provides an attacker immediate access into a machine, grants privileged user access, bypasses a firewall, or results in a denial of service.” Fortunately, the most typical CAT I vulnerabilities are within the end-user’s control.
Things as simple as never plugging any personal electronic device into your computer, never writing down passwords, and never activating the wireless function on your laptop while plugged directly into the Cannon Air Force Base network, and making sure to log off at the end of every duty day will mitigate a large portion of CAT I vulnerabilities.
Together we can meet and exceed DISA’s security standards for GIG connectivity, ensure 27 SOW a passing grade and earn the right to continue operating in the cyber medium.