In today’s digital age, responding to multi-national threats, peacekeeping missions, and combat operations, all with numerous stakeholders involved, requires the twin challenges of information security and information sharing to be confronted and successfully addressed. This is especially true when sharing sensitive or classified information on military operational plans and supporting intelligence data seamlessly. Safeguarding sensitive and classified unstructured data, no matter where it resides, is an important objective for building a secure data-centric environment to enable secure multinational coalition collaboration.
The Problem
Over the past two decades, multinational coalitions have worked together to address global conflicts, including NATO, Five Eyes (Australia, Canada, New Zealand, the United Kingdom, and the United States) and AUKUS (Australia, the United Kingdom and the United States). These coalitions have partnered together on countless military operations and training exercises that require the exchange of sensitive information between the participating nations to coordinate operations and share intelligence.
However, this is often hindered by the fact that members are using disparate technology environments without advanced tools for secure, real-time collaboration because of the challenges associated with the systematic integration of legacy systems and networks. Therefore, command and control (C2) for these operations typically involves working within the individual computer networks of each of the participating nations. Unfortunately, this array of disparate networks only contributes to the greater challenge of securing and executing on the information necessary for effective multinational operations.
It is critical that leaders address the enormous risks that can evolve from complacency within the operational mission partner environment (MPE). At the heart of this is enabling immediate and secure information sharing with multinational coalition partners and other stakeholders. Without this capability, NATO and Five Eyes allies are at a major disadvantage when it comes to responding to current and future global issues. The timely, secure sharing of intelligence is no longer a luxury; it’s now a military advantage.
The Solution
The ability to share information across military branches, with government agencies, and with coalition partners in a timely and secure manner is paramount to national security. In today’s operating environment, a day late is unacceptable. As situations emerge, stakeholders need to be able to plug and play together in real time. But unfortunately, it’s often easier said than done.
Coalition members need a means to safely integrate, share and protect information across many partners and missions. The key to improving cross-member collaboration and thus military advantage lies in newer technology advancements that leverage a zero trust architecture to secure information access at the granular or data level while also considering the user’s credentials and their security posture.
The U.S. Department of Defense (DOD), in close collaboration with its NATO and Five Eyes mission partners and allies, is on a path to enabling a mission partner environment (MPE) that enables this type of data sharing amongst coalition partners. This is where rapid, secure information sharing and operational efficiency are value-adds to the beneficiaries. It also forms the basis for the development of a partner roadmap complying with standards that enable seamless communications within the operational setting.
Real-Time Communication with Coalition Partners is a Must
No matter which nation is leading the mission, what makes command and control of multinational coalition operations so difficult is that each participating country has its own communication protocols, technological systems, and information hierarchies. As such, using traditional methods to facilitate the movement of information among coalition partners via those disparate networks and systems can be extremely challenging. And the complexity only increases when the sharing of information requires a data-centric, zero-trust environment. But no matter how difficult, this type of information-sharing environment is a must in today’s military environment.
In addition to being frustrating and dangerous, the inability to communicate efficiently with coalition partners puts joint operations at a significant disadvantage. Mission success is dependent on military forces that can communicate, coordinate and act together across all domains. Observing, planning, and acting together quickly and efficiently gives allies a significant advantage over their adversaries. That’s why technology investments are vital to the future of any coalition effort.
JADC2: A Framework for Mission Partner Environments
This is an issue that all defense organizations are facing and actively working to address. For example, the U.S. DOD has created the Joint All-Domain Command and Control, or JADC2, a multibillion-dollar initiative to reimagine the U.S. military’s command and control infrastructure.
JADC2 is a concept that establishes a tactical network for the integration of technology with all mission stakeholders, the military services, coalition partners, and industry, globally. The value add is to increase the likelihood of mission success by enhancing collective situational awareness and by creating a common operating picture across joint forces. In essence, this program is establishing a network that ideally enables real-time and seamless decision-making across the MPE of sea, land, air, space, and other warfighting domains.
It’s important to note that the JADC2 program is still being incubated, with development, testing, and implementation activities ongoing. Each branch of the U.S. military has its respective JADC2-associated initiatives, where the Air Force’s Advanced Battle Management System (ABMS) and the Army’s Project Convergence offices lead their program objectives.
In addition, there are discussions about bringing NATO and our Five Eyes allies into the JADC2 mix, a discussion point shared by Col Corey L. Brumsey during a recent panel entitled, JADC2 and the Future Warfighter. Col Brumsey is a member of the Joint Staff’s JADC2 cross-functional team, which addresses interoperability issues associated with JADC2.
Securing Classified Information
When programs like JADC2 are operational, military commanders will gain the ability to make better decisions quickly, processing the data collected at the tactical edge with responsive recommendations. The ability for U.S. warfighters and coalition commanders to make key decisions quickly based on timely access to critical, all-domain mission data will be an important determinant in their conflict success.
What has clearly been missing from the blueprint is the technology that enables the real-time, secure sharing of multi-level classified information between coalition partners. Historically, this has been a slow, step-by-step process. A faster, more integrated and secure approach to multi-domain, multinational information sharing is a critical military advantage.
In order to effectively secure sensitive or classified information, a data-centric, zero trust approach is required. Put simply, zero trust is a security framework that requires all users, whether in or outside the network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted access to applications and/or data.
Within zero trust, networks will be local, in the cloud, or a combination (hybrid) with resources as well as workers residing in disparate locations. Having a zero trust architecture will uniquely address these military data challenges by securing remote operators, hybrid cloud environments, and cybersecurity threats where they reside.
Furthermore, most technologies that are zero trust-focused don’t address information at the data level. Instead, the focus is on securing the perimeter and access to applications, and not the data that sits beneath them. They do not address the need-to-know or the security-level dynamics of military communication. This is where archTIS and its data-centric attribute-based access control (ABAC) and security policies dominate.
The U.S. DOD CIO John Sherman has even acknowledged this need. At a recent FedTalks conference, Sherman noted that: “What we’re aiming for is by 2027 to have zero trust deployed across a majority of our enterprise systems in the Department of Defense. Five years. That’s an ambitious goal… but the adversary capability we’re facing leaves us no choice but to move at that level of pace.”
archTIS’ Secret Weapon: Dynamic ABAC Secured Information Sharing
archTIS’ mission is to unlock the potential of an information-driven world by developing and applying new security models that empower government, defense, allies, and the defense supply chain to share and collaborate on their most valuable and sensitive information. The company’s data-centric information security solutions are trusted to protect the world’s most sensitive information in government, defense, supply chain, enterprises, and regulated industries through ABAC policies.
ABAC enforces operational user access to individual pieces of data based on policies that are based on attributes. It extends the zero trust approach of “verify and validate everything’ to each and every request to access and share an individual file.
archTIS products include Kojensi, an Australian government accredited platform for the secure access, sharing, and collaboration of sensitive and classified information; and NC Protect for enhanced information protection for file access and sharing, messaging, and emailing of sensitive and classified content across Microsoft 365, Government Community Cloud (GCC) and GCC High, Dropbox, Nutanix Files, and Windows file shares.
Read the white paper to further explore the advantages of dynamic ABAC-secured information sharing for Mission Partner Environments.