WASHINGTON — The Army picked cloud and edge-computing giant Akamai to develop prototype cybersecurity software for its combat units, the service announced today.
The project, known as T-ICAM, or Tactical Identity Credential & Access Management, aims to bring modern “zero trust” cybersecurity techniques to the networks used by Army forces in the field. Combat units will field test early prototypes later this year and provide feedback for rapid upgrades, the service said, with a larger rollout in 2025.
Akamai isn’t a traditional defense contractor and this isn’t a traditional acquisition program, the Army pointedly noted in its release about the April 4 award. Instead, using the streamlined Software Acquisition Pathway and a flexible Other Transaction Authority contract, the Army aims to leverage Akamai’s quarter-century of experience accelerating internet connections for civilian consumers and Fortune 500 businesses.
The Army’s portion of the Pentagon’s all-encompassing approach to information age command-and-control, CJADC2, requires major upgrades to already extensive tactical networks. But that creates an ever-greater challenge to keep all those devices and wireless links secure — especially if a soldier’s digital radio, militarized smartphone, or tablet full of battle plans is captured, stolen, lost, or hacked.
RELATED: First version of all-service battle network is ‘real and ready now’: Hicks
Traditional cybersecurity deals with such threats, in essence, through perimeter defense. Users log in with a unique ID and password and, in more secure systems, must also physically insert an ID card into a reader, such as the military’s much-hated CAC, the Common Access Card. Once a user logs in, however, they typically have access to everything on the network — a potential bonanza for both turncoat insiders and outside hackers able to steal or fake credentials.
To stop such threats, modern “zero trust” cybersecurity assumes the perimeter is going to be breached and keeps track of users’ activity once they’re logged on, granting each individual user access only to what they personally need for their particular role. For example, it might require additional checks to access important data or use AI to detect anomalous behavior by seemingly legitimate users. This monitoring, however, only works if the cybersecurity software knows which user is doing what and what they’re actually authorized to do — a process known as Identity, Credential, & Access Management.
“ICAM provides critical insight to the Army on exactly who and what is operating on the tactical network and what data they are accessing,” said Lt. Col. Keith Jordan, the Army’s product manager for tactical cyber & network operations, in the service’s release. “This unprecedented level of insight and visibility has never existed on the tactical network.”
That’s because ICAM is much easier to implement in the Pentagon or on a military base than on handheld digital radios and other ruggedized devices that a soldier has to take to the field, which must endure not only a physical beating but bad network connections caused by enemy jamming, hacking, or simple physical interference.
So the Army looked first at ICAM for its “enterprise” (on base and back-office) systems, then moved on to study vulnerabilities in its tactical (battlefield) networks, explained Col. Michael Smith, the service’s zero-trust director, in an August interview with Federal News Network.
“We’re really in the beginning stages of just piloting with some tactical formations,” Smith said then. “[It’s] a nascent effort … to get away from Common Access Cards in a tactical space, and use something that’s more simpler and faster for soldiers in specific roles to use.”
Now, seven months later, the Army has announced this contract to prototype Tactical ICAM software, awarded to Akamai, a company with little military experience but a lengthy track record on civilian networks. The goal, the press release says, is “to demonstrate the technical and operational feasibility of extending commercial ICAM capabilities — including Army Enterprise (E)-ICAM capabilities such as authoritative identity directories — to tactical units in denied, disconnected, intermittent, and limited bandwidth (DDIL) operational environments.”
“We have to assume that malicious cyber-attacks and degraded network environments will be a constant threat in future Large Scale Combat Operations,” said Mark Kitz, the Army’s Pogram Executive Officer for tactical command, control, & communications (PEO-C3T), in the service’s release. “Tactical-ICAM will enhance our defenses by more securely and effectively providing network and specific data access only to authorized users, devices, applications and services, even in the harshest operational environments.”