Air Force looks to zero trust in securing its financial management network

The Air Force has several pilot programs to bring its financial management system up to zero trust standards.

Air Force Chief Information Officer Lauren Knausenberger may be leaving in June, but she still has ambitious goals for the year, including shoring up cybersecurity and pushing the department closer to zero trust. Moving to a standardized system remains a top priority, but the service also has pilots in place to implement zero trust on its financial management systems.

Knausenberger said the last six months brought significant innovation to the department, and put it much closer to the goal of implementing zero trust by 2027.

“I think that before I punch out we’ll be able to have a central image employing our zero trust end point solution and have a lot of automation that comes with that,” Knausenberger said at a recent Billington cybersecurity event.

Knausenberger said that, looking at what still needs to be accomplished, the department was about 99% finished with employing automation to patch its endpoints. That process still needs to work its way through multiple firewalls and systems before it can be completely automated. She said she also wanted to get a “device for life” program up and running. Under the current system, devices are given out and returned for different duty stations, and doing so frequently involves different processes.

“We fragment and we give out equipment in different places, and then we turn it in and you move in two or three years and we give you something new, we have a lot of fragmentation,” she said.

Another area where Knausenberger expects significant progress is Identity, Credential and Access Management (ICAM). It became a priority because of Financial Improvement and Audit Readiness (FIAR) guidance for the Air Force’s financial management systems. She said it’s one area where the department moved out ahead of schedule.

“Our ICAM solution for FIAR, we are deploying what I’ll call a pilot, but it’s way more than a pilot. We’re deploying the stack. We’re starting small, we’re scaling fast,” Knausenberger said.

The FIAR guidance calls for a separation of duties in the financial and financial feeder systems. The protocols are part of control over finances and transparency that ultimately show Congress how the Air Force manages its money.

Jay Bonci, the Air Force’s Chief Technology Officer, said it’s a great starting point for zero trust because it sets a standard for bringing other applications into zero trust compliance.

“It is a group of about 70 or 80 applications. However, separation of duties is the same thing as inside of zero trust. So it’s a good place to start. It is very much a clarifying use case. And it’s going to help us develop our governance and our application onboarding that we are going to be able to generalize to the rest of the Air Force,” Bonci said in an interview with Federal News Network.

He said a large part of ICAM involved simple processes. Services need to be accessible, and have easy ways to verify security. Different activities within the financial network need different types of questions to verify identity.

“We are working through them systematically to help them identify where they need to separate duties inside those applications. And then also the application has to do the work to come on board. And so we’ve provided the services necessary to do that. And we’re providing support to help coach those applications through that transition,” Bonci said.

In addition to integrating new ICAM approaches into the Air Force’s applications, the department needs staff trained to run the program. Bonci said they are still trying to get enough staff for this year’s ICAM initiatives, and to onboard the applications. At this point, a large part of the work will be done by contractors.

“We are still working on a path to production for our ICAM enterprise. Again, this will play into what our concept of operations on concept of implementation is for zero trust broadly, but there is a defined path to production for that. And we’re going to be helping to get our operators up to speed and smart on that. So when it hands over to them, they’ll be able to take and run with it,” Bonci said.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
