The U.S. Air Force is rewriting the risk equation for IT projects, making significantly more informed, and efficient, IT investments and decisions than ever before. It offers an excellent example of what’s possible for Federal agencies as they prepare to modernize their technology.
Congress and the White House have made modernizing the government’s technology a priority over the past 12 months. On August 30, the White House’s American Technology Council released a report outlining a path forward, recognizing the serious security risks of legacy IT systems and the opportunity to run government more cost effectively.
In many cases, the government’s IT modernization efforts still have a way to go. Legislation that could provide funding for such upgrades has been slow to make it through Congress, and many agencies are without permanent CIOs. But there’s at least one agency already making significant progress, which can serve as a model for the rest of the government: the U.S. Air Force.
We have been partnering with the Air Force since 2015 to help the agency manage and secure more than 620,000 endpoints. Through this partnership, the Air Force is simultaneously improving its security and also tackling bigger technology challenges—ones that that “weren’t even being dealt with before,” according to retired Air Force CIO, Lieutenant General Bill Bender. The agency is able to do these things because it can now make changes across its hundreds of thousands of endpoints with unprecedented speed.
As modern cyber attacks continue to evolve at an alarming pace, operating at this speed—seconds, not days—becomes critical. Tanium is giving the Air Force that capability. The Air Force’s IT Operations team can now gather critical endpoint data to quickly scope and fix issues, reliably pushing changes to all their endpoints. And the centralized platform lets multiple Cyber Operations groups conduct endpoint tasks while all using one pane of glass.
This level of speed, visibility, and control has allowed the Air Force to essentially rewrite the risk equation for IT projects. They can now make significantly more informed, and efficient, IT investments and decisions than before. Tasks that used to take hours, days, or even weeks are now completed in seconds and minutes.
This frees up resources to address bigger issues, while making the Air Force much more mission efficient than was previously possible. For instance, by using Tanium, the Air Force can accurately inventory endpoints, characterize usage, and begin rationalizing their applications—the first steps to consolidating data centers and moving to the cloud.
In December 2016, the Air Force announced that the Tanium technology enabling these newfound capabilities—dubbed the Automated Remediation Asset Discovery (ARAD) system— achieved initial operating capability as part of the Cyber Security and Control System (CSCS) Weapons System. Since then, the Air Force’s success with ARAD has been widely acknowledged.
The Department of Defense (DoD) awarded the Air Force the DoD CIO Team Award for Cyber and Information Technology Excellence for implementing Tanium’s technology in a matter of months, versus the years it usually takes to implement a capability at that scale. In its announcement, the DoD said, “This solution can be leveraged across the federal enterprise.”
And in May, Major General Chris Weggeman, Commander of the 24th Air Force and Air Forces Cyber, testified before the Senate Armed Services Committee Subcommittee on Cybersecurity. In his written testimony, he commented on the success of the ARAD program:
“The demonstrated potential of ARAD is truly revolutionary, and we are diligently experimenting, evolving, and developing operational concepts and applications to close key mission capability gaps in close partnership with the Tanium experts. The intrinsic operational value and potential of ARAD/Tanium was formally acknowledged by the Air Force CIO, Lieutenant General William Bender, who recently directed ARAD implementation across the Air Force network to include mission systems and enclaves.”
Federal agencies should start preparing now to modernize their technology. As they do so, the U.S. Air Force is a great place to look for an example.