The inspectors from the Defense Information Systems Agency arrived Monday to test the Thunderbolt cyber rigor. It’s the day our Command Cyber Readiness Inspection began. Many of you may have heard the phrase “CCRI,” but may not understand what it is. Think it’s just a “Communications Squadron” thing? Read on.
The enemy works tirelessly to find a weak link in our cyber defenses. With the declaration of the Air Force Network as a weapon system, it is vital we protect it. The CCRI is a holistic look at everything cyber-security here at Luke Air Force Base. The DISA team, on behalf of U.S. Cyber Command, inspects how well we are doing. They look at several facets of our cyber operation to include our network security through computer patching compliance, as well as end-user security practices.
The 56th CS works hard to “patch” systems when users are not using their computers. Our goal is to minimize impact to daily ops.
After all, the net is here for the mission, not the other way around. However, there are times when we have to request the user’s permission to remotely access their computer while in use because a critical patch didn’t take for some reason. For example, when a user turns off their computer, we cannot push patches. When a user takes their laptop home, we cannot push patches. Other times the user’s client stops talking to the patching system or simply refuses to accept a patch. In those instances the only remedy to get your machine “healthy” is to have it reimaged. The 56th CS has published an aggressive schedule to have those users bring their systems in and will continue working extended hours until every last computer is healthy. It is important to meet your scheduled time but if you can’t, simply contact the patching team and other arrangements will be made.
This is where you come in. First, at the end of the day, log off your computer, but do not turn it off. If your computer is off, the patching system cannot see your computer. Second, if you have an Air Force laptop at home, bring it in once a week and physically connect it to the network. Clients will not receive updates when connected by VPN. Lastly, if you have a Secret Internet Protocol Router Network machine, SIPRNet for short, ensure it is connected to the network and booted up during the duty day every Thursday. Thursdays are SIPR patch days so if your machine is not booted up, it will miss critical updates.
In addition to patching, the team will inspect our security practices. Again here’s where you play a vital role. They will visit many units on base, this may include yours. During these unit visits, the inspectors will look at how well users follow common security rules. Do you remove your Common Access Card when you leave your workstation? Do you properly mark all removable media? Are closets that contain communications equipment neat and orderly? Do you know and practice Information Protection security rules? If you can answer “Yes,” then your area is well on its way.
The CCRI is not an inspection of the 56th Communications Squadron. It is an inspection of the entire wing and how well everyone follows security procedures. If you have any security questions, call your wing information assurance office at 623-856-3560 or the wing information protection office at 623-856-3734.