CROWS partners with industry to bring focus to cyber resiliency Published Aug. 4, 2021 By K. Houston Waters 66th Air Base Group Public Affairs HANSCOM AIR FORCE BASE, Mass. – Cyber security professionals from across the Department of the Air Force joined industry experts virtually last month discuss critical topics in the field of cyber security. Members of the Cyber Resiliency Office for Weapons Systems, or CROWS, facilitated the event, which featured a program overview, a discussion of their Systems Security Engineering Cyber Guidebook, and a cyber resiliency roundtable between government and industry experts, which included representatives from Boeing, Northrop Grumman, Raytheon, FireEye, Lockheed Martin, and other companies. “I believe that cyber is a team sport and we need to have a relationship with the Defense Innovation Base to understand the art of the possible to ensure that we aren’t being overly prescriptive when we identify cyber requirements,” said Joe Bradley, director, CROWS. “We can’t do it alone and we really count on industry to assist us in making better choices to secure our systems for our warfighters.” CROWS is dedicated to advancing the cyber resiliency of weapon systems to maintain mission effectiveness. To assist in bringing additional focus to cyber resiliency and provide a common point of reference for training and best practices, the office released an updated version of its Department of the Air Force System Security Engineering Cyber Guidebook on July 26. “Our guidebook sets the foundation for distributing standard contracting language out to the acquisition workforce,” said Lt. Col. Zach Lehmann, materiel leader, CROWS. “This effort will kick start the diligence required for putting the right words on contract from the start of the process to ensure the security of our weapons systems.” The guidebook provides a holistic approach to sharing different aspects of system security engineering, like cyber security, trusted systems and networks, anti-tamper, information protection, and cyber resiliency. “It also outlines a workflow process to better integrate program protection and systems security engineering activities into the traditional systems engineering process,” said Katie Whatmore, systems security engineering lead, CROWS. By using the guidebook, program offices around the Air and Space Forces can ensure appropriate cybersecurity and cyber resiliency requirements are in place and verified throughout their program’s lifecycle, she said. During the roundtable, CROWS experts and industry leaders discussed a wide range of topics, including secure data sharing, networking, contracting, and knowledge management. “This roundtable provided a fresh approach to breaking down the over-application of protections so the government can learn from industry,” said Lehmann. “The Department of Defense has not traditionally put cyber on contract, and therefore it’s been treated as an afterthought. Working with industry like this is helping to change that culture and it goes a long way to help shift the focus in the right direction.” Lehmann believes that CROWS is an excellent resource for providing the nuanced knowledge necessary to address modern cyber threats to AF weapons systems, and he believes the roundtable went a long way in creating a dialogue to overcome obstacles in the acquisition process. “The event was a crucial element of our outreach strategy, and our guidebook is a cornerstone of cyber resiliency, which is why it was important to brief it to our industry partners,” said Roger Beard, CROWS chief engineer and host of the event. Contact the CROWS at CROWS@us.af.mil.