Cybersecurity

The work of APG organizations ensure communications stay safe and uninterrupted, and raise the security stance of the military as a whole. These organizations are working on the research, development, and implementation of cybersecurity technology that specifically meets the needs of the Army and other services. Some projects take existing commercially available products and extend or tailor them for Army use, while others are designed from the ground up to provide cybersecurity, software assurance, and heightened network availability.

The Army Research Laboratory (ARL) focuses its efforts on helping the Army maintain safe and reliable communications throughout the entire spectrum of its channels, ranging from mobile adhoc networks to office LANs and everything in between. ARL works to add layers of security to innovative technology enhancements, such as the capabilities offered today by handheld devices that render them extremely useful to the military, but at the same time pose new security and privacy concerns. Currently under development at ARL are projects such as enhancing malware detection and intrusion detection so that these technologies have a maximum effect across the Army’s Global Information Grid.

Another APG organization working to enhance cybersecurity is the Communications-Electronics Research Development Engineering Center (CERDEC), which, like ARL, is part of the Army Research, Development and Engineering Command (RDECOM). CERDEC’s mission is to develop and integrate Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) technologies for warfighters.

Information assurance, the practice of managing risk related to the use, processing, storage, and transmission of information and the systems that data traverses, is an area of focus for CERDEC. One example of such technology currently under development is a cross-domain solution that allows information to be passed between users with different security levels while filtering out classified data that may not be appropriate for viewing by an unclassified user. Taking the perspective of an adversary to determine whether systems under development could be penetrated is another aspect of cybersecurity development at CERDEC, as is taking an architectural approach to security so that protections are integrated into information systems at the design phase.