The 2nd Air Force, part of the United States Air Force, is responsible for training and preparing airmen in various operational specialties. As a key component of the Department of Defense (DoD), it faces unique challenges in maintaining cybersecurity and ensuring compliance with rigorous federal regulations.
In September 2023, the groundbreaking relationship with 2nd Air Force (2AF) / A6 Directorate with Ingalls entered via a Phase III Small Business Innovation Research (SBIR) contract to address their critical challenges in Authorization to Operate (ATO). This collaboration marks a significant milestone in enhancing the security posture of the 2AF mission-critical systems and operations.
Challenges Faced
In 2023, 2AF/A6, Air Education and Training Command (AETC), found themselves looking for innovative technology to meet the MAJCOMs Operational Command Tasks to incorporate digital-age technology across the command – Technical Training Transformation for the Digital Age. The desired outcome is to redesign AETC IT to support Force Development and Talent Management, support learning, advance learning applications, and data analytics so Airmen can obtain and exchange information on their device of choice.
Areas in which Ingalls achieves this Line of Effort (LOE) is to help 2AF/A6 to evaluate technologies and capabilities to reduce duplicities, enhance standardization for Phase 0 aka Prepare Step, and Enable consistency for stakeholders.
The 2nd Air Force encountered several significant challenges in its cybersecurity efforts:
Complex Compliance Requirements: Navigating the Risk Management Framework (RMF) and Authorization to Operate (ATO) processes was cumbersome, leading to delays in achieving compliance.
Resource Limitations: The existing cybersecurity team lacked sufficient personnel and expertise to effectively manage the increasing demands for security assessments and documentation.
Evolving Threat Landscape: As cyber threats became more sophisticated, the 2nd Air Force needed a proactive approach to risk management that could adapt to new vulnerabilities
Solutions Provided by Ingalls
Innovative Technology Coupled With Human-in-the-Loop Experts:
CSAR® Implementation
Ingalls introduced its Cybersecurity Assurance Readiness (CSAR®) tool, which employs an automation-driven modular approach while maintaining a human-in-the-loop model. This helped streamline the ATO process by providing an intuitive dashboard and expert guidance throughout the compliance journey.
The entire experience offered refined processes to reduce chance of errors, confusion, and fatigue and provided the following benefits:
Intuitive dashboard
Mapping of mandatory forms
Human-in-the-loop (Dedicated SME)
Cyber plans & playbooks
Conclusion: Benefits of an Ongoing Strategic Partnership
Enhanced cybersecurity readiness: The collaboration has strengthened 2AF's ability to identify and categorize IT systems entering the RMF process.
Automated compliance: Ingalls' solution automates mandatory Air Force ATO forms, enabling users to keep pace with RMF requirements more efficiently during the RMF Prepare Step.
Scalable and responsive services: The partnership has demonstrated the effectiveness of repeatable and sustainable Assessment & Authorization (A&A) services.
This contract highlights Ingalls Information Security's commitment to providing innovative and customized solutions that meet the dynamic challenges faced by the Department of Defense. By collaborating with the 2AF/A6 Directorate, Ingalls seeks to establish a new benchmark for cybersecurity excellence within the military and defense sectors.
The Results
3 of 17 applications completed CSAR® in just 3 months, reducing the ATO entry timeline by 3 to 6 months.
$500K saved by consolidating two systems into an Assess Only package, avoiding a lengthy ATO path.
$250K saved through proper system categorization & alignment with the appropriate Program of Record.
Help text was added for Program Managers and stakeholders, streamlining the IT Scoping Worksheet processing time.
Tasking Order (TASKORD) 24-005 established Ingalls' CSAR® to assist HQ 2AF Detachment 23 in evaluating applications and tools, ensuring optimal development resources are effectively scaled across the command.
Two systems finished CSAR® three weeks ahead of schedule, achieving a 20% reduction in ATO timeline.
Download the Case Study
Learn more about our partnership with the U.S. Air Force (2AF) to address cybersecurity challenges, including complex compliance requirements, resource limitations, and an evolving threat landscape. We implemented our CSAR® tool, combining automation and expert guidance to streamline the Authorization to Operate (ATO) process. This collaboration resulted in enhanced cybersecurity readiness, significant cost savings, and reduced timelines for compliance. The initiative underscores our commitment to innovative, scalable solutions that advance cybersecurity excellence within the Department of Defense.
