Army’s $15 million TMF award supports new strategy to secure warfighting technology

The Army operates 23 warehouses, arsenals and factories, and networked systems control machines that produce explosives, ammunition, weapons and other industrial materials critical to ground service combat operations.

But officials are concerned that so-called “operational technology” at those facilities and other critical infrastructure locations could be vulnerable to digital hacking, tampering and other cyber incidents.

The Army is now allocating $15 million from a technology modernization fund awarded just last week to close digital holes in these industrial sites and monitor the network for potential cyber intrusions.

Some of the Army’s “organic industrial base” facilities are especially important because they are the only places in the world where certain materials and equipment are produced, Army Chief Information Officer Raj Iyer said.

“However, the machine is controlled by today’s control systems, and we can’t protect it well,” Iyer said at a conference in October. Roundtable with reporters at the U.S. Army Association conference in Washington on the 11th. “So you can see from a readiness perspective how our adversaries are going after some of these assets.”

TMF funding from the Army Critical Infrastructure Cyber ​​Protection Program will help mitigate and repair cyber vulnerabilities at the facility. According to the description of the TMF award, there are an estimated 500,000 pieces of equipment at the Army Industrial facility.

“Any cyber compromise can disrupt production and potentially disrupt equipment, injure workers, and affect coordination with multiple partner agencies,” it said. “Any insecurity in the systems that support these OIBs could pose a serious national security risk.”

The Army said it will also use the funds to pay for “Security Operations Center-as-a-Service” at manufacturing sites. Such services involve third-party vendors actively monitoring the network for potential cyber threats.

New Army Cyber ​​Strategy

The Army developed its first operational technology cybersecurity strategy this year to help address concerns about digital threats to service infrastructure, Iyer said. The strategy is classified, but Iyer said the Army may release an unclassified version.

“If you look at the Corps of Engineers and all the dams they operate, you see a lot of critical infrastructure that the Army has in the civilian sector, and it’s clear that yes, the manufacturing base is a key stakeholder, but across the Army , we have other gaps,” he said. “If you look at the ports we operate, we’re actually shipping everything that’s going to Europe right now, and every single one of those things is controversial.”

While the service began by addressing Army Materiel Command’s industrial base facilities, Iyer said it was designed to take the critical infrastructure cyber protection program one step further.

“With the Internet of Things, all the sensors go into so many systems in the supply chain that we don’t know about the supply chain behind them,” Iyer said. “It’s a broader need. We’ll start with AMC and the industrial base. Then we’ll expand it.”

The cash infusion from TMF comes amid widespread concerns about the cybersecurity of critical infrastructure and a corresponding push by the Biden administration to set higher cyber standards for these systems.

“The reason we worked with the White House on this, they actually approached us, and they thought it was a good idea because it’s really a federally-wide issue,” Iyer said.

Partners in the project include the Cybersecurity and Infrastructure Security Agency and the Energy and State Departments, he said.

“We can see that we can share lessons and we can see from their perspective what they’re seeing and really work together,” Ayer said.