The organisation responsible for special operations effects around the globe shouldn’t struggle to deliver a simple email to desktops.
“Charting cyberspace is all about people, processes and technology.”
Colonel (Retired) Joseph Pishock knows more than most about the topic of Cybersecurity Manoeuvrability. Presenting to a packed out auditorium at MilCIS 2023 in Canberra, he discussed the challenges of managing a regulated and compliant (DODiN) network that had had “25 years of building one thing on top of another.”
Pishock spent 25 years in the United States Army before becoming the Director of Global Networks & Services in US SOCOM (Special Operations Command) in August 2020. At the time, Pishock considered cyberspace effectively uncharted, guided only by Visio diagrams (that may or may not have been accurate) that made it difficult for his team to troubleshoot effectively.
Pishock’s military experience meant he was very familiar with the saying, “move, shoot, communicate”, which is all about being in control and manoeuvring on the battlefield. However, when it came to supporting SOCOM, Pishock discovered that although he had a “wall of plasma”, he had no control. He knew he’d have to delve deeper into why a simple email couldn’t be delivered in a timely manner and why this had become a problem in the first place.
When it comes to managing cyberspace, there are three main considerations:
- People
- Processes
- Technology
Pishock had highly intelligent people from top universities (including MIT and Columbia) in his team. But he realised that while they were great at reading checklists and following processes, they lacked the right tools and data to make decisions. True manoeuvrability would be impossible without this, which led to a collaboration with Riverbed to begin the process of mapping cyberspace.
“It’s important to provide the right tools to the right people and empower them to make decisions.”
Pishock and his team worked closely with Riverbed to deploy the latter’s Riverbed software and hardware, including Network & Infrastructure Performance Management, to instrument SOCOM applications and services. To create visibility across the network and empower decision-making, data visualisation was key. It was important that information be as consumable as possible for the intended audience, as different data means different things to different teams.
Infrastructure tooling collected detailed information about the network to build out a visual representation of the assets and the connections between them – known as a service map. Sensors also recorded temperature and other environmental data so that trends could be established.
Network tooling enabled SOCOM to visualise where communications were moving across the network and how efficiently it could do it. SOCOM could now also see who was consuming each service, where the service was, and how it was performing.
On September 23, 2022, Hurricane Ian hit Tampa, Florida, where SOCOM headquarters is located. Being just 11 feet (3.3 metres) above sea level and 100 feet (30.5 metres) from the coast, the threat required a complete site evacuation and a move to COOP (Continuity of Operations) locations, including hotels and alternate bases to keep people safe. If all of this wasn’t enough, Pishock faced the challenge of supporting a live mission and maintaining services with the data centre located about two feet (600mm) above seawater.
In a crisis there are always single points of failure and in this case, it came down to a rat chewing through an air conditioning system power cord in the on-premise data centre. The air-conditioning failed and the temperature in the data centre rose to a dangerous level. It was not safe to send people into an evacuated site during a hurricane, so a decision had to be made as to which services were essential for the live mission and which services could be turned off.
Fortunately, they were about six months into the Riverbed deployment, and Pishock felt in control for the first time. He was able to see which services were located where, and his team were able to determine which services could be turned off to slow the steadily rising temperature. They had a map of cyberspace and were able to save the data centre infrastructure from damage caused by overheating, successfully supporting the mission during the crisis.
Riverbed’s expertise ensured a speedy implementation that worked first time. After facing some initial pushback from team members who saw change as a threat to their role, he addressed this by creating a sense of security and camaraderie amongst his staff and building a blameless culture. He leveraged the Burke Lewin model for organisational change to embed the solution into the fabric of SOCOM and ensure that the solution was maintained and supported into the future.
“The team at Riverbed blended into the project and became integral to the success of the project.”
After the hurricane, Pishock focused on further improving services within SOCOM and enhancing the organisation’s ability to support customers, which included end-user experience management. Device Mobility became a priority to understand what delays occurred from the point a CAC card was inserted into the laptop to opening the first email.
Prior to the end of the session, Pishock fielded questions about data and customer centricity versus network centricity and how shared infrastructure can help reduce the amount of technology that needs to be sent into the field during a mission.
“Email is not a crisis. Make the real crisis the new crisis.”
Colonel (R) Pishock featured in Australia’s Defence Connect Podcast where he discussed his experience of moving past the linear concept of PACE in order see well enough to actually manoeuvre through cyberspace.
An article was also published after an interview with Colonel (R) Pishock.