Equipping Airmen and Guardians for the Digital Battlespace

Ms. Lauren Knausenberger, SESChief Information OfficerU.S. Department of the Air Force3 August, 2021

2

We are at an inflection point

Boldly go where no one has gone before.

Accelerate Change, and win

Send in your TPS Report

And lose…

3

Proactively provide infrastructure, data, tools, and AI enabled systems to compete in the digital fight through JADC2 and machine-driven insights

DAF CIO Priorities

In order to meet the demands of the future digital fight, we must enable seamless JADC2 and AI-Human teaming, speed our OODA loop and maintain consistent agility to adapt to an ever changing battle space. Our mission is to deliver the rock solid digital foundation on

which our future competitive advantage relies, and to equip our Airmen and Guardians with the knowledge, tools, and data they need to fight. Consistent Agility = Consistent Advantage. Accelerate Change or Lose!

Rock Solid Digital Foundation

User Experience for Warfighter Effect Enabling Digital Talent Ruthlessly Attack Manual

Process, Outdated Policy, & Redundant IT

• 21st Century Network• Cloud-based services• DevSecOps platform• Zero-trust framework• Cybersecurity that works

• Tools & data warfighters need• Improve user experience• Measure and improve

performance and experience data• IT driven capability insertion

• Digital U• Incentives for retention• Right warrior | Right mission• Diversity and Inclusion• Recruit, manage, and develop

the civilian workforce

• Sunset legacy systems• Operation FLAMETHROWER• FY23 budget that works• Find our IT spend• Policy for the 21st century• Automate where possible• Disrupt ourselves

4

Maslow’s hierarchy of technology needs

Connectivity / Network

Cloud/Edge Computing

Meaningful Data

Sensor Net / IoT

AI/ML stack

AI ready tech stack at scale

Right apps for the fight

Digitally savvy Airmen and Guardians

5

How it Fits Together

In order to meet the demands of the future digital fight, we must enable seamless JADC2 and AI-Human teaming, speed our OODA loops and maintain consistent agility to adapt to an ever-changing battle space. We must proactively provide infrastructure, data, tools, and AI enabled systems to equip our Airmen and Guardians with the machine-driven insights they need to fight. Consistent Agility = Consistent Advantage. Accelerate Change or Lose!

EIT capabilities support the

warfighter and the mission

That data requires a reliable network

Advanced Applications require usable data

R o c k S o l i d D i g i t a l F o u n d a t i o n ( E I T )

T H E D E V I C E S

T H E N E T W O R K

T H E C L O U D

T H E E D G E

T H E T O O L S

Programs such as:

D A F D a t a F a b r i c

A d v a n c e d A p p l i c a t i o n s

A i r m e n & G u a r d i a n s & M i s s i o n s

Mission Critical Tasks

Airmen & Guardians

Data feeds into advanced applications

Enterprise IT delivers the data that is needed to operate in a contested battlespace

Airmen & Guardians & their missions are the core of the DAF

Connect Cyber

Unified Data Library (UDL)

VAULT Data Platform

Core Data Service

Cloud Hosted Enterprise Services (CHES)

Digital Talent

6

Cloud One ‘At a Glance’

1,458ACTIVE PRODUCT DEVELOPERS

2,557MICROSERVICES

43APPS IN PRODUCTION

210PRODUCT TEAMS

BIG BANG

COLLABORATION TOOLS

12,934DAILY

24,587MONTHLY

ACTIVE USERS

CNAPUNIQUE IPSIL2 - 93kIL4 - 239k IL5 - 330 DNS - 56kKeycloak - 77k Other - 8k

DORA49 COMMITS PER DAY• <2 DAYS FOR LEAD TIME

• 15 MIN TO RESTORE

• <5% CHANGE FAILURE RATE

414

225+25+34

ORGANIZATION

MILITARY

CIVILIAN

CONTRACTORS

COMPANIES

TOTAL CONTRACTS

JUNE 2021

DEPLOYMENT PACKAGESGBSD F-35ARMY INSCOM UNIFIED PLATFORM GPS OCX EDGEONE76TH SWEG WEAPON ONEU2 FEDERAL LABS JAICSHOC – ABMSNCCT

IRON BANK701 CONTAINERS

Platform One ‘At a Glance’

PARTY BUS

A.I. Vignettes

9

Digital University

Build the Airmen and Guardians We Need -- https://digitalu.af.mil/

§ Access to over 7,000 training courses, including Python, Cyber Security, Web Development, and more!§ Certifications/badges members can use to apply for positions and Commanders can use to find digital talent§ Gives Commanders / Senior Leaders analytics to identify top talent and digital skills inventory

Leveling the Playing Field

1§ Path to upskilling the entire force§ Anyone from any background, job series, etc. has access to the same training content§ Anyone who has been left behind can catch up through hard work and mentorship

Investing in Our People

2 § Smart, agile business means upskilling the current workforce§ With increased pressure on our budgets, it becomes more important to reskill our existing workforce

Digital Competence as a Part of Our DNA

3§ Agile combat employment requires Airmen and Guardians with digital skills force-wide§ Digital U helps the DAF maintain it’s technical edge and lead the joint community

10

Operation FLAMETHROWER

Source: USMC-090606-M-1739M.2009

MO

RE

CO

ST &

RES

OU

RC

ER

EDU

CTI

ON

10

2.2 Account and Access Requests2.3 S Access Control Processes(DNS, Whitelist, PPS and Routine Access Requests)

1.2 Data Center Consolidation

1.1 Endpoint Security Stack Simplification

1.7 AFNet Ops Tool Redundancy Elimination

1.8 Collaboration & File Storage Redundancy Elimination

2.4 Patching & Upgrading Process

1.9 ITSM Redundancy Elimination

3.1 Identify DISA Services That Could Replace Services Acquired by USAF

3.2 Joint Enterprise License Agreements

2.5 Request Fulfillment Process

3.3 Assess Comply to Connect

1.3 Accelerate Decommission of AF Gateways

1.6 IPN Pathfinder Dissolution

2.6 Policy Limitations(Starting with Commercial ISP Policy)

3.4 Vendor Support

LOWER EFFORT and/or RISK

Ongoing Air Force EffortTo be accelerated through Flamethrower prioritization, coordination, resources, visibility

Flamethrower Focus Team Kicked Off

1.4 VPN Redundancy Elimination

1.5 Legacy Exchange Server Retirement

11

How do we get there?

Re-Think Our Limits

Forge Non-traditional partnerships

Engender Innovative Values and Culture

Adopt and Adapt the Best of Breed Commercial Technologies

‘For our United States Air Force, “We need to get this right. We may only have one shot, no do overs.” Accelerate Change or Lose.’

- Captain America quote (End Game) within General Brown quote (AFA 2020)

‘Each avenger has its own superpower. Each of our key stakeholders has a vested interest. We need to come together to use our superpowers for good.’

- General Brown quote (AFA 2020)

Captain MarvelSpider-Man

Captain America Gen Charles Q. Brown, Jr.Air Force Chief of Staff

We need you in the fight…

Let’s Build the Enterprise Together

14

Tron Software Ecosystem – Working Together

● Tron builds collaborative partners to drive connected technology

● Software & industry embedded in the warfighting units

● Scaled cohort & mentorship model results in significant savings to the US taxpayer

● Open source promotion benefits both the government and industry

● Learn more at tron.dso.mil

Growth Community

SUPRA CODERS

Technology ConstrainedDisconnected Intelligence Silos

Inadequate Data Sharing

Zero Trust Journey

Sophisticated Cyber ThreatSwiftly Evolving Cyber Adversaries

Diminishing Warfare AdvantageCapable and Motivated Cyber Adversaries

Impose Cost to AdversaryDisrupt Cyber Adversaries

Enhanced Cyber Readiness & Lethality

Freedom to OperateAccess Anytime – Anywhere

Synchronize People & ProcessesCollapse Warfighting Environments

Cyber Enabled Warfare AdvantageAdaptable, Resilient, and Secure Data Transport

Fuse Sensor Data, AI/ML Force Multiplier

Zero Trust Journey

S E C U R I T Y

ZERO TRUST

DIGITAL EXPERIENCE TODAY DIGITAL EXPERIENCE TOMORROW

S I M P L I C I T Y

A C C E S S I B I L I T Y

ENABLES

Zero Trust = Application & Workloads + Data + Identity (ICAM) + Device + Network & Environment

Zero Trust Maturity

How advanced are the capabilities

within each pillar?

Application & Workloads

Data Identity (ICAM) Device Network & Environment

BasicSecurity & Access

IntermediateAutomated

Management

AdvancedCyber Ops Integration

ZERO TRUS

T

Application Security and Access (Anytime,

Anywhere)

ABAC

DLP encryption and tracking

Fully-automated Data Tagging via ML/AI

IoT Segmentation

Service-layer Security

Application/hostSegmentation

Cloaked applications

Data Center Segmentation

RBAC

Data Loss Prevention

Semi-automated Data Tagging

Cloaked data

Critical Data Tagging Basic Cybersecurity Access Policy

Fully encrypted traffic

NPE Integration

Transparent authentication to all

services

In-session monitoring

Continuous and adaptive authentication and

authorization

Alt. MFA

Single Identity Platform

Enhanced Cybersecurity Access Policy

CAC MFA On premise and off premise

Software Defined Perimeter (Access to

Applications and Data)

Fused multi-source intelligence for endpoint

response

Cloud-based Software deployment & management

Cloud-based automatic detection and response

(SOAR/EDR/XRD)

Domain-less environment

Compliance enforcement

HW & SW Inventory

Cloud-based baseline enforcement

External Federation

Cloud Management & Control (CASB)

Common service access

API Integration

Cloud Migrations

Mutual TLS

Cloud hosted & Globally

V i s i b i l i t y & A n a l y t i c sA u t o m a t i o n & O r c h e s t r a t i o n

G o v e r n a n c e

Maturity of

17

21st Century IT Showroom

EIT Storefront: Fully integrated web enabled dashboard to request, provision, purchase & pay for all enterprise offerings.

The desired end state is to collapse all the many organizations, processes, links, and websites into a single EIT Storefront interface. The storefront provider runs the end-to-end service management aspect of the EIT environment, increasing speed of delivery.

Single Pane of Glass: Provides a one-stop shop that offers an efficient and consistent user experience when procuring services

Consistent User Experience: Users from across the Air Force utilize a common process, resulting in a consistent and improved user experience

Single Service Delivery Organization: Utilizes a single service delivery organization for end-to-end request fulfillment, agnostic of service provider

Connected State: Single service delivery organization unifies vendors and leverages commercial best practices to streamline end-to-end request fulfillment

Enterprise Funding: Transitions to a common funding approach for commodity services across the Air Force

Single Storefront & Pane of Glass

Commercial Tools You NeedThe Mission Apps You NeedThe Environment You Need

The Devices You NeedThe Service You Need

And the integrated experience you deserve

18

VAULT Platform Capabilities Today

Ingest Manage Storage Manage MetadataData Manipulation,

Cleansing, and Experimentation

Visualize AnalyticsIngest Manage Storage

Manage Metadata

Data Manipulation, Cleansing, and

Experimentation

Visualize Analytics

AxonEnterprise Data Catalog

Custom Applications- Aircrew Crisis Task Force- Swimlane- Rshiny- Plotly Dash

AWS S3 Bucket SharingAWS RDSHadoop File StoreSQL, Hive, Parquet

• ATO: IL-5, & PII• ATO: IL-6 SIPR-connected

AWS SC2S• Multi-Tenant & Self Service • Group/Role Access on Data/Apps• DISA CAP Connection• User Autoprovisioning• User-unique Webtop

Palantir Foundry

NNDataNNCompass

Features:

Rhombus PowerGuardian Framework

Equipping Airmen and Guardians for the Digital Battlespace

Ms. Lauren Knausenberger, SESChief Information OfficerU.S. Department of the Air Force3 August, 2021