The Elara Edge
The Elara Edge is a thought leadership forum of military and industry experts providing commentary and analysis on the latest news developments in national security - with an emphasis in space and aerospace applications.
The Elara Edge
Cyber Resilience On-Orbit a ‘Nervous System’ for Detecting Threats
In response to evolving cyber threats that can manipulate and compromise a satellite’s data, the United States Space Force is heightening its focus on “space cyber,” or the cybersecurity of space systems on-orbit. One emerging solution toward this effort is the Cyber Reslience On-Orbit tool (CROO), a software program that focuses on not just securing the data links between satellites and their terrestrial networks, but on the cybersecurity of the satellite itself. Funded in part by an AFWERX Small Business Innovation Research Direct-to-Phase II contract, the CROO tool will leverage innovative technologies like artificial intelligence, machine learning and digital twin modeling and simulation in a way that altogether demonstrates how the Space Force is adapting to a more dynamic and contested ‘space cyber’ environment.
In this episode of "The Elara Edge," Major General (Ret) Kim Crider, Founding Partner at Elara Nova, and Brigadier General (Ret) Chad Raduege, President of Elara Nova's Cyber, Data, and Communications sector, provide expert perspective on the significance of the Cyber Resilience On-Orbit tool and the broader emergence of the space cyber imperative. General Crider is the former Chief Technology and Innovation Officer with the United States Space Force and General Raduege is the former Chief Information Officer with Headquarters U.S. European Command.
"The Elara Edge" is hosted by Scott King and produced by Regia Multimedia Services. The full story can be found on Elara Nova's Insights page here. Music was produced by Patrick Watkins of PW Audio.
Host: Scott King
SME: Maj Gen (Ret) Kim Crider, Founding Partner at Elara Nova (KC)
Brig Gen (Ret) Chad Raduege, President of Cyber, Data & Communications at Elara Nova (CR)
00:02 - 01:17
In response to evolving cyber threats that can manipulate and compromise a satellite’s data, the United States Space Force is heightening its focus on “space cyber,” or the cybersecurity of space systems on-orbit. One emerging solution toward this effort is the Cyber Reslience On-Orbit tool, or CROO, a software program that focuses on not just securing the data links between satellites and their terrestrial networks, but on the cybersecurity of the satellite itself. Funded in part by an AFWERX Small Business Innovation Research Direct-to-Phase II contract, the CROO tool will leverage innovative technologies like artificial intelligence, machine learning and digital twin modeling and simulation in a way that altogether demonstrates how the Space Force is adapting to a more dynamic and contested ‘space cyber’ environment.
Welcome to ‘The Elara Edge.’ Our topic today is the Cyber Resilience On-Orbit tool and the broader emergence of the space cyber imperative. We have two guests returning to the show today.
First, we have retired Major General Kim Crider, the first Chief Technology and Innovation Officer with the United States Space Force and a Founding Partner at Elara Nova.
Ma'am, welcome back to the show.
01:18 - 01:20
(KC) Thank you. Scott. It’s a pleasure to be here.
01:20 - 01:48
It’s a pleasure to have you.
Also returning to the show, albeit in a different capacity than before, is retired Brigadier General Chad Raduege, the former Chief Information Officer at Headquarters U.S. European Command. While General Raduege has been with Elara Nova for several years, he joins us now as the President of Elara Nova’s new Cyber, Data and Communications business sector, which we’ll get into a little more later on in the show.
Sir, welcome back!
01:49 - 01:54
(CR) Yeah. Scott, it's great to be back and thank you for pulling together this important conversation.
01:55 - 02:12
Now, we’ll kick-off today’s discussion with the story at-hand, which is the Space Force has recently contracted with Proof Labs, a national security space startup, and two other industry partners to deliver the Cyber Resilience On-Orbit tool.
What is this software program and how is it designed to work?
02:13 - 03:38
(CR) Yeah. Thanks, Scott. I'll jump in and, and take this first question and come out of the chutes. The Cyber Resilience On-Orbit, what we would call CROO.
It's really one of those next generation cybersecurity tools specifically built for space systems that integrates in a very meaningful way - advanced AI and machine learning. And essentially what it does is it provides continuous monitoring, the ability to learn to detect cyber threats for the ongoing challenges of the on-orbit environment.
I think there's a couple of important aspects associated with CROO. One is the on-orbit monitoring. What CROO does - is it watches the operational behavior of what is going on in the satellites and instead of just protecting the terrestrial networks or those encrypted links that we think about, it actually monitors the actual system in space and so I think that that's a unique role of CROO.
It also provides what we would call intrusion detection and anomaly detection. And it does this by comparing what's normal versus some of those threats that can come in. So you're going to start hearing terms like digital twin technology. That's how it does it. It establishes a digital twin model to allow those systems to test how they behave. I think an important note for CROO is while it's being built for military application, it's certainly going to have some dual-use.
03:39 - 05:25
(KC) It really is, as Chad said, kind of the next generation of what we need to be doing in securing our space assets.
What's so powerful about it, is its application and use of artificial intelligence and machine learning and being able to understand and assess how a satellite system is supposed to be working and how it's supposed to be responding to contacts from the ground and then what some of the anomalous behavior signals might be indicating, some of the potential on-orbit system compromises. If that system is not performing as expected, if the responses to ground contacts and engagement are not as expected, or if there's an anomaly that occurs on orbit that creates some sort of alert, the system of CROO essentially acts as like a nervous system to provide an indication that something just isn't right. Something isn't performing the way it's supposed to.
And if we have a digital twin, as Chad described, and we can talk about that a little bit more, we can compare that on-orbit activity, that on-orbit behavior, to what normal behavior would look like and really start to pinpoint where the problem is in a way that is much more comprehensive than what we can do today.
And as Chad mentioned, the other thing that I think is very powerful about this capability, is its ability to be able to support both military applications, government applications, commercial applications across the board.
So I think it's going to be a very powerful capability and it's very exciting to see the Space Force getting behind this.
05:26 - 05:33
I’d like to dig further into the idea of a digital twin model. Can you speak a little bit more to what that means and why it presents an advantage?
05:34 – 06:36
(KC) The idea of a digital twin is that you would use artificial intelligence to be able to describe a digital version of an asset, whether it's a static asset where you wanted to create a digital representation of that asset, and you might use different sensors to understand what that asset looks like.
If there are certain operational parameters that you would expect or behavioral parameters, if you will, that you would expect that specific asset to accomplish and you would create a digital representation of the asset.
And that specific twin is then continuously updated and maintained to represent how that asset is changing in the environment within which it is operating.
And then in this case, of the CROO, might be compared to an anomalous activity of that asset that is outside of the norm, outside of the established performance parameters of the digital asset.
Let me turn it over to Chad for additional thoughts.
06:37 – 07:17
(CR) Yeah. Kim, I like the word that you used or the phrase that you used about operational parameters. And digital twins are being used to enable the operators to experiment a little bit to see what the art of the possible with the different sensors and tools and technologies and processes really would look like.
They're able to learn, they're able to apply different ideas, different hardware and software configurations to learn and really develop a best practice list of capabilities and how the live operational environment should look and so digital twins, as alluded to, have been around for a while, but I think we're going to see more and more of this because it's just such a powerful concept.
07:18 – 07:29
Now, the U.S. government has had assets on orbit for decades. But what does the continued development and maturation of artificial intelligence and machine learning technologies enable now that wasn’t possible before?
07:30 – 09:08
(KC) With artificial intelligence, we have so much more capability to create an understanding of a system in its environment without actually being there. We can capture data about the real world environment in space, and how a particular asset that we may have created a digital version of is performing, is responding to that environment with real world data.
But if we want to understand the possible scenarios, the possible attacks, the possible challenges that might impact an asset in the environment, we have to create synthetic data. We have to synthesize what that potential attack might look like, or what that potential reaction might look like in an environment that we might have to emulate through synthetic data and artificial intelligence can allow us to do that.
It can allow us to envision and establish: here is the asset. Here is the digital version of that asset in its established operational environment, and we would feed that synthetic version with realistic attack data once we have that in a range sort of scenario where it can be compared to what an attack might do to the asset. So it's a process of using data and models to not just represent what is, but to represent what could be and to represent responses and actions that could be taken if and when an anomalous behavior or an anomalous activity occurs.
09:09 – 09:14
And Sir, what are some of the anomalous behaviors or cyber attacks that CROO is being designed to detect and prevent?
09:15 – 10:54
(CR) I love the way that, that Kim described the use of data, both with what we currently have [with] the large data models that are out there of what does a normal operation look like, but also that infused with synthetic data of what might an attack look like so that you can you can look at that data and learn from that and anticipate.
And so, Scott, to your question specifically of what types of cyber attacks CROO is designed to look at and developed to prevent. There's a couple of things.
One would be intrusions and unauthorized access. So detecting when some sort of outside infiltration of the systems are taking place. It could be spotting malicious commands or any tampering or deviations in the code that are part of the normal behavior.
Kim used the term “the nervous system.” And I think that that's a very good grab on the type of thing the CROO is designed to prevent. It's looking at full signals and different spoofing techniques that an adversary or a hacker may be employing. It's looking for things like software compromise. What is actually on board and what corrupt software states come in. It could be kind of the engine light warning in your car that's popping up saying, ‘Hey, alert, there's something going on here.’
And then finally, I would say that it detects some of those anomalous operational patterns. So things like changes in real time, things that are outside the norm - going back to the data that it has been fed, things that create what a normal environment would look like and what would a simulated attack look like and it can pick up on that. So that's where I think CROO is going to help us prevent.
10:55 – 11:09
Now Charleen Laughlin, the Space Force's Deputy Chief of Space Operations for Cyber and Data, has noted in the past that there is an inherent difference between defending terrestrial networks and on-orbit networks.
Can you elaborate on the difference between the two?
11:10 – 13:57
(CR) Yeah. Scott, I love that question. And I'd like to start by just acknowledging it's great to have Char Laughlin, as the first stand alone S6, if you will, for our Space Force. I think her placement on the U.S. Space Force front office staff focused directly on cyber and data is a strong indicator of the type of talented leader she is.
She comes from a very strong joint and coalition experience in her previous role down in the Joint Staff, J6. And so she comes in and has been able to pinpoint in a very succinct way the difference between what you're talking about of terrestrial, where we think about focusing on the network and how you physically control it, how you regularly update it.
Whereas, space cyber defenses, what I'll call ‘space cyber,’ must protect things that we can't necessarily touch. Once you put that in orbit, it's operating in an area that we don't have direct access to. Often in a hostile environment and it's very complex given the distance that it is from us. So there's a couple of things that I think feed into that ‘space cyber’ definition, if you will.
One is just the complexity and the architecture. Think about this. You know, it’s not just the ground infrastructure and not just the data links that we're used to on the terrestrial side. But now you add in that orbital asset, and the interconnected ecosystem that that creates. So now you have different endpoints in different domains where you can get one by hand, but you can't get the other and so that creates complexity.
It also limits the physical access as you can't touch that once that's already been launched. So those satellites and those orbiting systems are really out of our control. It also creates a very distributed environment. There are vast differences. I mean, we're talking a long way up into space to even have that ability to work with it.
Final point that I will make is that there is a unique role that this ecosystem creates when you have those ground stations, those uplinks and downlinks and then all of those connections that are taking place. We're really seeing a real blurring of the terrestrial IT environment. So the things that we can touch. Now, it's on an asset that's in space and so that begins blurring in and bringing in the boundary of operational technology and that's really where the hardware and the software is processing. It's the control, it's the physical environment that is operating in space and so a real blurring of IT and OT and so that's unique as well. So Char Laughlin’s description I think is spot on. It's different and more complex.
13:56 - 14:13
And given these differences, the imperative to have the appropriate cybersecurity measures in place remains ubiquitous across operational domains.
So can you speak to how the government must take different defensive approaches to account for the cyber threat across these different operational domains?
14:14 – 16:00
(CR) I think there's a couple of things that come to mind when you talk about that defensive approach and the way that we're thinking about space cyber. One is that it's an imperative to be built in from the start. This is one of those things that cybersecurity is built-in by design, before it is even launched into space and so that's unique.
Different strategies are required beyond our traditional IT security. What we talked about with things like firewalls, or patching, or perimeter defense, all of those things that we are very involved in and very deliberate upon on the terrestrial side, once you get up into space that doesn't necessarily translate well.
Now you're having to think about things like remote detection and built-in resiliency. You can no longer just plug and play different assets like you could on the ground. You're now having to have built-in, redundant systems and resilient systems in the event that something happens.
You also happen to figure out, even before you deploy what sort of hardening activities, you put on those systems.
We spent quite a bit of time already talking about AI and ML and I think that that is another example of the types of defensive approaches that the digital twins and automating activities like CROO is doing. And then finally, I would just say that I think that there is a role in this of thinking about the whole of system and what that integration looks like.
Earlier I used the term the ecosystem, but I think that that is a foot stomp to this whole conversation. It's not just the exchange of data by way of uplinks and downlinks. It's the spacecraft, it's the ground systems. It's all of that and you can't treat those all individually. You have to think about the entire data flow, from ground to space and back.
16:01 – 18:31
(KC) You really do need to, more than ever, think about the engineering up front, and emphasizing the resilience up front, really working through the architecture of that entire space system as Chad's talking about not just the on orbit asset, but the the links and the connections and the ground system and how it all works together and where and how the resilience is going to be built-in and across that entire entity, that entire end-to-end system.
And this is where something like CROO becomes so important is when you're thinking about the end-to-end system [and] the monitoring of its behavior. How do you expect this system to behave across the board? And where are you going to be potentially seeing compromises in that system? We're talking about endpoints, these space satellite systems that are operating at thousands of miles, tens of thousands of miles away, whether they're in LEO about 1,200 miles away or in GEO 22,000 miles away. These assets are far away. They're moving around very, very quickly in space and they're entities that we can't afford to necessarily lose.
So we have to be really mindful, even before the asset is launched. How could that system potentially be compromised? And what are we going to do if it is, what's going to be the playbook on dealing with remediation? How are you going to get to the last normal mode of operation? And roll back in some manner to a level of operation that you can control and command the spacecraft with.
And so you've got to be able to think through how you're going to deal with potential compromises, potential delays, potential needs to rekey or reconfigure and remediate any potential anomalous behavior in that on-orbit system and the entirety of this system that it's connected to.
I'll add one more point. I mean, oftentimes, as much as we're concerned about the on-orbit asset and I'm glad that we're thinking through this and how to be able to understand it better and assess anomalous behavior - we can't overlook the ground system. The ground system is connected to the terrestrial network and it has so many potential attack vectors associated with it.
We need to be thinking about the entirety of the network, the entirety of the system, and the entirety of where the ground system could potentially be compromised as well, because quite frankly, that is still a very, very vulnerable point in our overall space end-to-end system.
18:32 – 18:53
Now, getting back to CROO. This software tool was partially funded through an AFWERX Small Business Innovation Research or SBIR, Direct-to-Phase II contract.
What does this demonstrate about SBIR as a contract vehicle for a capability the government is interested in? And further, what does this example signal about the government’s emerging cyber priorities?
18:54 – 20:37
(CR) I think what's unique about the Direct to Phase Two SBIR contract that was put in place: the government doesn't mess around on this stuff. Often, we'll have an idea. We'll get started with research by giving out some funds to allow researchers to go and be curious to look at the types of solutions that we could provide and then really bring it back to the government for us to evaluate.
I think in this case, when we're talking about directly to a phase two, what this is signaling is that the government already sees strong operational value and relevance and credibility in this CROO concept. And so that's a salute to CROO, that we've already bought into the idea. Now it's just bringing it to light.
From our innovation societies in general - AFWERX, the SBIRs program - those are explicitly designed to attract startups with great ideas, nontraditional defense contractors. We're looking for agile companies with innovative ideas. Innovation often is more important than anything. Speed matters. We're trying to close an operational gap that we are seeing.
In this case, I think the Department of War is probably saying, ‘Hey, we're willing to take some calculated risks on this.’ There's enough vulnerability to what we're seeing in space and down on the ground that we've got to get after this right now.
And so the whole idea about those phase two SBIRs is transitioning to a program of record as quickly as possible. And so for industry this is a real pipeline to real contracts. And so that's a little bit of the incentive and a little bit to your second question of how industry should look at this.
20:38 – 22:08
(KC) Yeah, I'll just add that I think that with what this signals, is that the Space Force in this particular case is very serious about space cyber. It's willing to put some money behind it. It wants to see what can be done. It really wants to see a real prototype of what can be done in this area of digital twin of a space asset and using artificial intelligence and machine learning as we talked about, to be able to not only build out the digital twin and understand its performance parameters under normal conditions, but be able to detect anomalous behavior and have a framework for doing that.
Have a framework for really, tooling the system, monitoring the system, assessing anomalies, and then being able to use that as a basis for: how do you really defend against those challenges? And providing a basis, as I said earlier, for what we might be able to do with any type of mission system. This becomes an opportunity to create a capability that's not just a one-off.
We can reuse these methods that are being built out here, to be able to expand and extend into all of the mission areas of the Space Force over time. So I think it's a very powerful way to use the Small Business Innovative Research program to have a capability developed, to get a real usable prototype that can be extended and expanded across a variety of different mission sets.
22:09 – 23:06
(CR) Yeah. Hey, Scott, if I can just piggyback on Kim's great response. Often the government is put in the role of integrator. We have stovepipe solutions that are delivered to us and then we in the government are forced to try and figure out how to bring those capabilities together.
In this particular case, with this SBIR, it's really forcing a higher level conversation about solving the system of systems problem set and and being the integrator. And so for the example of CROO, we had three different companies that came together and said, ‘We're going to take that integrator role off of you, and our engineers are going to tackle this and look at it from end-to-end and figure out how to how to bring in AI and ML and bring in cybersecurity aspects of things and bring in our engineering design, all of that together in a whole of system approach.’ And so that's just a real kudo in this case.
23:07 – 24:03
(KC) It's so interesting. In this particular case, you've got Proof Labs, Big Bear AI, and Redwire, all coming together. Again, the power of that collaboration, the power of that teaming of commercial innovative companies, a company very much focused on the application of AI and ML testing and assessing from a cybersecurity standpoint in Proof Labs. A leading AI company in Big Bear AI that is bringing modern AI techniques and machine learning.
And then a company that understands the space environment and the space components, and how satellite systems are developed and built out and the end-to-end system and particularly the on-board asset’s space components that RedWire brings to bear. So three really important capabilities coming together: cybersecurity, and the testing and analysis of it.
It’s a very powerful collaboration here.
24:04 – 24:30
CROO was also a topic of conversation at The Value of Space Summit, an event hosted last fall by the Space ISAC (or Space Information Sharing and Analysis Center).
The Space ISAC also recently announced that it’s expanding its watch center operations to the United Kingdom and other Allied countries. We’ve discussed the Space ISAC on the show before, but to briefly reiterate, can you share the role of the Space ISAC and its watch centers, particularly in context of the cyber threat?
24:31 – 25:41
(CR) I'll take a first go at this and I'll tell you that ISACs in general. So you described it: information sharing and analysis centers. These are stood up all over the environment. There's sector specific threat sharing organizations that are meant to improve the cyber resilience by indicating when there are compromises, sharing best practices, sharing information between each other, [and] getting stronger as a group.
Typically these are member-based organizations, as is the case of the Space ISAC, which is one of those again, specific sectors. So our Space ISAC is headquartered in Colorado Springs. It's a nonprofit industry consortium, but it's also a membership. And so you can choose to be part of this. And, when you come in, you're part of the broader space ecosystem that includes space companies, different government partners that are there. There are higher education research institutes and now, as you alluded to, there's some allied contributions, and it's all about sharing information about the security threats and vulnerabilities that are out there against our space systems.
25:42 – 27:25
(KC) Yeah, the Space ISAC has been around for a while now and I think they've really started to figure out ways to expand and grow into the international community with the expansion to the UK and Allied countries. They've found that it not only is important to bring those industry partners in, but as Chad mentioned, bring other countries in so that they can be able to leverage the information and insights, threat intelligence that Allied partners can provide around the globe on specific threats to the space domain.
What the Space ISAC does is it collects threat information. The members share information about vulnerabilities that they are observing to their space assets, threats to their space assets, and incidents occurring in space, whether those be cybersecurity incidents or environmental space anomalies that are impacting their systems.
And if you expand that to take advantage of the global reach of Allies and partners around the world, now you're starting to really understand, how those assets might be impacted anywhere, from any vantage point of those assets from the globe, and from the perspective of different types of members who have assets operated from their different countries.
It provides a much broader understanding of what's happening, much more potential threat vectors, against those space assets. And a lot of collaboration and coordination reinforcement, between U.S. commercial partners, international commercial partners, and U.S. and Allied government partners that are all interested in and collaborating on the Space ISAC.
27:26 – 28:29
(CR) You know, Scott, my last duty assignment was with European Command, so I had an opportunity to work quite a bit with our Allies and partners in the NATO environment.
We used to have a saying called ‘Stronger Together.’ And that was really a foot stomp of what these multinational Ally and partner cooperations look like. And so, thinking back to the Space ISAC and now that they're going global, I think there's some very easy takeaways for our audience to understand. Now you have more regions and more time zones that threat intelligence is flowing from and to, you have a ‘follow the sun’ monitoring model.
And so there may be something that you see happen in one part of the globe and through the interconnectivity of the Space ISAC they're able to see that and perhaps even get the word out for others to protect themselves. I also think that it helps from an international perspective of dialing in, not only the response for anything that's been detected, but building in some resiliency through some of the best practice programs that are out there.
28:30 – 28:46
Also at around this time, the Department of War announced a new cybersecurity framework, known as the Cyber Security Risk Management Construct, or CSRMC. Can you introduce us to this new construct and what does it aim to do differently from its predecessor: the Risk Management Framework?
28:47 – 31:13
(CR) Oh, Scott, you said the bad word of ‘risk management framework.’ RMF has been, one of those four letter words that I've known most of my career as I was in, different senior level jobs, near the end of my career, it was - I won't say the bane of my existence - but it was a tough environment, as innovative and agile leaders at the Pentagon were trying to drive us to be more cyber secure through RMF, which was just a tough model.
RMF had its role. It was based in industry standards and NIST standards. It provided a framework to get to your authority to operate or your authority to connect. And so it did have an important role. But what I like about this new cybersecurity risk management construct is this is a new framework that's built on a different set of values.
They have five different phases associated with this framework where they're designing, building, testing, on-boarding and then operating. And so what does this look like?
RMF used to be one that was more of a compliance focus, [whereas] the new model was one of continuous operational risk management. Exactly what our warfighters are looking for, exactly what commanders are looking for when they employ systems. The RMF model used to be one where you have periodic assessments. We used to be on a schedule every year or two years or three years, depending on your authority to connect and authority to operate.
Now, this new framework, this new construct is built on real-time monitoring and dashboards. So now it's not a static PowerPoint chart. Now it's a live operational dashboard that's showing you the true cybersecurity presence in real time.
What used to be a snapshot in time is now continuous and dynamic. It allows for real-time risk evaluation. It used to be limited and now there's a real central emphasis on coming together and thinking about and managing our cyber risk as a community. Those that are responsible for evaluating it and those that are responsible for fielding and operating it. And so, I'm excited to see where this is going to go. I think it's a real indicator that there is a shift, again, in the cybersecurity culture of our department. And I'm cautiously optimistic - how about that?
31:14 – 33:46
(KC) And Chad's exactly right in terms of everything he described with regards to what's different about the Cyber Security Risk Management Construct. [It] certainly puts us in a position to emphasize some of the things that we've been talking about here all along. The continuous assessment, the monitoring, versus, the sort of checking the boxes, paperwork-based approach that we had before.
And I think this is really what industry needs to think about when it comes to this new approach. That it really is about ‘show me the data,’ prove that there is a continuously measured security posture in place for a particular system or asset, and do that through evidence, through providing these digital twins that we talked about before that can really demonstrate how secure a system will be in the face of threats and how that system will be monitored and how that system will react in the face of threats.
It doesn't call specifically for digital twins, but that is one way to certainly present a continuously measured and secure posture for an asset that can be supported with some evidence, with some data, with some provability. Industry needs to ensure that systems are built for reciprocity, that they are providing information and evidence and controls that show how they're leveraging established controls and established secure methods for monitoring those systems that will reinforce its posture.
And then it's communicating specific risk to mission, not just specific risk from a cyber perspective, from a technology perspective. But what does that risk mean? What is that cybersecure vulnerability that that system is designed to protect against? How is that reinforcing the mission security? The mission posture? And so how does that system design understand, and account for protecting the mission and assuring that the controls that are in place are oriented around a mission focus, versus just a focus on a specific component of the system.
Those would be some of the things that I think industry should be taking away from this new approach, and be leaning into as it looks to seek to support the Cyber Security Risk Management Construct. Chad, what would you add to that?
33:47 – 34:11
(CR) I think mine would just be a footstomp. This is going to become the new norm and industry needs to understand that. I was just reading an article this morning where we now have a confirmed DoD CIO, who is very interested in this new construct and what that will look like for weapons systems across the Department of War.
So, it's going to be the norm, get used to the buzzwords and deliver accordingly.
34:12 – 34:32
So we’ve covered a lot of recent changes in the “space cyber” realm of national security. But here at Elara Nova, there have also been some recent developments.
General Raduege, you are now spearheading a new line of business for Elara Nova, the Cyber, Data and Communications sector, as its new president.
What are some of the goals and objectives of Elara Nova’s new CDC effort?
34:33 – 37:48
(CR) Scott, I'd be happy to. First of all, let me just say I've been with the Elara Nova team for several years now. Always been impressed with the way that they operate, the types of people that they have assembled as part of the Elara Nova family. I am just thrilled and honored to now pick up a more expanded role in this.
So we're calling it the Cyber, Data and Communications sector. I'm very excited to see how those three things interact.
First of all, I would tell you that I'm thinking in terms of multi-domain. There is, there's some real things that our warfighters are in need of, we have the terrestrial environment, we have air, we have space. And how do you tie all those things together to exchange data from one location to another through the communications nodes that we've assembled, and then make sure that you've got the right cybersecurity applications applied to that? So I mean, really, that's going to be the focus moving forward.
We really do have an objective as we initially get started to help industry and government alike cut through the complexity of everything that's out there. We've spent a lot of time today talking about systems of systems and architecture and cutting down on silos. This is a way of getting after that. We're really thinking in terms of creating a strategic edge for our warfighter.
We're focused in this new sector on industry: helping them understand really, what are the government requirements looking for? What are they asking? How do you interpret that? How do you enable your technology toward that? How do you message the capabilities that you have put together?
You have great tech, but it requires somebody that can help translate that great tech and that great vision into the requirements that the government is looking for. And then it's figuring out how to engage the right leaders at the right time. Where does the acquisition community fit in this? Where does the Combatant Commander fit into this? How about the services? Where are the authorities? Who are the right people to get visibility and get that capability recognized?
But we're also focusing on, on the government as well. How do we help them in the very demanding environment that they have? It's just a look across the environment right now to see all of the military operations that are ongoing around the world and those that are in uniform and serving in the Department of War currently have a lot to figure out how to employ the capabilities of today, while trying to envision the future.
And Elara Nova will have a role in that: helping them think about that future construct, aligning the right capabilities, with the right technology and helping figure that out, interpret what industry has out there and how that may plug into the current environment.
So I'll stop there, Scott, and just say, I'm really excited to see how this Cyber, Data and Communications play will all come together. You're going to be amazed at the type of experts that we've been able to assemble into this new sector and we're just really looking forward to making a difference for our nation.
37:49 – 38:07
And Ma’am, as one of the Founding Partners at Elara Nova, can you take us behind the scenes on what prompted the decision to stand up the CDC sector?
And how does expanding Elara Nova’s services in this way reflect the growing imperative to ensure government and commercial systems are cybersecure not only in space, but across operational domains?
38:08 – 41:14
(KC) These questions go hand in hand, really. You know, Elara Nova’s core focus from the start, is and continues to be: how do we as a company help advance the national defense and security capabilities of the United States and its Allies? And in doing so, how do we bring our team of experts who have deep and wide backgrounds and experience in and across specific domains of military operations, intelligence community operations, commercial operations, civil operations? How do we bring that expertise to bear so that we can ensure that the United States and her Allies have the absolute best capabilities that industry can bring forward and apply?
And in doing so, we recognize that those operations that I mentioned across the board are becoming more and more complex. They're becoming more and more interconnected. They're becoming more and more integrated. They're becoming more and more multi-domain across space, air, ground and cyber. And the application of technology has to be able to perform in those very complex environments. And what connects all of those environments is, in fact, software, networks, data, and the cybersecurity constructs that assure protection in and across those domains.
It's a natural outcome for us as a company to be thinking about having a sector that's going to focus on not only advancing space capabilities for our nation and her Allies, but the cybersecurity components that go along with that: the data architectures, the interconnected communication systems in space, from space, to space, and with all domains that goes along with that.
And the interconnectivity, if you will, across those three assets: cybersecurity, data and communications. It's only natural for us to think about the air domain and how air and space have to work well together to reinforce and enhance operations for each domain, across each domain, and with all the other domains of operation that our joint warfighting Combatant Commanders need to be able to assess and therefore also the cybersecurity data and network communications that needs to occur in the air, from the air, and between air and the other domains.
It's just a natural evolution of what we, as Elara Nova, bring to bear and the expertise that we want to assure can be brought forward to help our industry partners satisfy and meet government demands of operating in those complex environments and help our government think about what kinds of capabilities are needed and how to leverage those capabilities most effectively with and in support of, all the other capabilities that they're bringing forward.
41:15 – 41:54
This has been an episode of The Elara Edge. As a strategic advisory firm, Elara Nova is the trusted guiding partner that builds tailored teams to illuminate unseen opportunities and deliver impact across every domain.
With the trusted insight to deliver your decisive edge, Elara Nova is your source for expertise and guidance in cross-domain security.
If you liked what you heard today, please subscribe to our channel and leave us a rating. Music for this podcast was created by Patrick Watkins of PW Audio. This episode was edited and produced by Regia Multimedia Services. I’m your host, Scott King, and join us next time at the Elara Edge.