A Mission Assurance Strategy Built for 2020 (and Beyond)

Ten years ago, the lion's share of America’s cyber threats were narrowly aimed at penetrating government software perimeters. Consequently, the U.S. government responded by introducing targeted security measures focused on protecting IT and networks. Today, cyber threats are inherently connected to the physical homeland—rendering critical digital and physical assets powering everyday American lives vulnerable. More devices, applications, vehicles, wearable devices and people go online every day in the United States and around the world. Our connected reality presents massive challenges to military and commercial entities working to safeguard networks from diverse, emerging and growing threats to information and physical security.

It’s important to note that mission assurance (an umbrella term for protecting all physical assets critical to performing U.S. missions globally), national resilience, critical infrastructure protection and cybersecurity figure prominently throughout the current administration’s 2017 National Security Strategy. Likewise, the Defense Department’s 2018 National Defense Strategy stresses the changing character of warfare and an evermore lethal and disruptive battlefield that reaches all the way back to the homeland on a daily basis. The forward-looking documents also suggest that technological advancement and the sheer speed of operations—especially cyber operations—needed to mitigate risks that require more adaptive and innovative strategies.

In practice, the world’s new security environment calls for government leaders to:

• Work with senior leadership across defense, intelligence, national security and government agencies to develop coordinated mission assurance plans. All efforts must be built to respond to asymmetric threats to digital and physical infrastructure. Senior government leaders must focus efforts on protecting domestic energy grids piping directly into American homes, international weapon systems protecting the U.S. interests here and abroad and global telecommunications networks connecting people and systems around the world from evolving threats.
• Focus mission assurance plans on resilience and preparedness to keep digital and physical assets working before, during and after attacks in any form. In short, it’s complicated. In reality, strategic plans to mitigate wide-ranging risks to American assets must be inclusive, comprehensive and tailored to specific situations.
• Optimize mission assurance plans for interoperability between agencies, departments and private sector partners working to protect the homeland—and American assets in partner countries. The Defense Department has been working tirelessly with partners to assess evolving threats to homeland security and U.S. assets around the world. Their multifaceted goal: to determine how to prevent attacks, keep missions running during unpreventable attacks, protect American interests in harm’s way and inform potentially impacted communities.
• Develop staff training programs and risk-oriented surveys for officials at every level that raise awareness of the expansion of national security threats into the real world. Develop surveys and other resources of information that clearly outline evolving risk profiles of a world connected by smart devices and wifi, specific critical digital and physical infrastructure vulnerabilities and targeted mission assurance protocols. People are crucial to America’s homeland security and the prevention of attacks on assets in the field. Government officials from every agency and department need to be aware of the associated risks, response processes and gravity of mission assurance to overall national security.

Modern attacks from state and non-state actors bombard military, government and civilian assets in search of pathways to data, system operations and connected physical infrastructure. In response, the Defense Department, in partnership with agencies spanning America’s public sector, need to intensify their efforts to evolve and adapt efforts to ensure mission assurance persists. They need to expediently craft a coordinated mission assurance strategy that keeps physical and digital assets under constant threat of attack safe, operational and resilient. The security of our country, our people and, frankly, the world depends on it.

Randy James is a senior vice president at ICF, where he leads the global firm’s cybersecurity and resilience practice.