Securing Golden Dome: tackling cyber vulnerabilities in a ‘system of systems’

Contractors must demonstrate how their solutions contribute to integrated domain awareness across the Pentagon's most complex missile defense effort.
Golden Dome intends to provide defense against ballistic, hypersonic, advanced cruise missiles, and other next-generation aerial attacks from peer, near-peer, and rogue adversaries.
Adversaries willing to challenge the US, even in the face of Golden Dome’s capabilities, will look for openings across every domain and cyber will be one of the first they press.
When industry considers cyber defenses for Golden Dome, the starting point is simple: its scale and interconnected systems introduce new cyber risks. Any proposed defense must account for that complexity from the outset.
How “Complex” Are We Talking About?
Complex is vague on its own, so it helps to define what that means in this context. Golden Dome is inarguably as complex a national security endeavor as the US has ever undertaken, with Gen. Michael Guetlein, Golden Dome’s program manager, having compared the effort’s scale to the Manhattan Project.
This is in part to be measured by the scale and variety of networked systems that ultimately will come to make up Golden Dome.
Some examples include:
- Nineteen performance areas to be worked by industry under the SHIELD IDIQ.
- Nineteen areas of interest under the NOBLE vehicle.
- Multiple classes of Golden Dome systems that are funded just in the initial $25 billion reconciliation act.
- These will require accelerated development, integration, and demonstration with several legacy systems and still-to-be-funded additional systems.
- Near global scale over which Golden Dome must operate.
- Diversity of threats it must counter.
- Long- and short-range multi-attack, multi-domain operational scenarios that Golden Dome’s operators will face.
Just in terms of number of systems, let’s dig in a bit more on that $25 billion in reconciliation funding. The line items in that funding include:
- Space-based and boost-phase missile interceptors.
- Non-kinetic missile defense effects, such as electronic warfare tools.
- Missile Defense Agency special programs.
These three alone, along with others on that list of nine, likely involve multiple new systems. And this list does not yet include existing systems that will contribute along with these newly developed capabilities, such as sea-based systems, ground sensors, networks, and battle management/command and control systems. The bottom line here is Golden Dome only becomes reality by building on legacy systems while developing entirely new capabilities across domains on land, sea, air, space, and cyberspace.
Further, this demands integration across domains to work together as a single cohesive enterprise involving all branches of the military and tens of thousands of users. That’s the level of complexity this initiative must overcome to make Golden Dome a reality, rather than another ambitious program that failed in execution.
Layering in Cyber Considerations
Gen. Stephen N. Whiting, commander of US Space Command, cites cyber-attacks on space systems as one type of threat that is “rapidly emerging and changing.” Cyber threats against Golden Dome’s complex system of systems can exploit an extensive number of attack surface vectors including:
- Weaknesses inherent in integrating legacy and new systems.
- Existing vulnerabilities that have been identified but not yet exploited.
- New and emerging vulnerabilities in newly developed Golden Dome systems.
- Nation-state attacks, from countries such as China that already possess strong cyber capabilities and continue to drive investment into the domain (this threat was specifically cited by Whiting).
- Cyber threats can leverage the inherent connectivity involved in Golden Dome to use cyber as the foundation of an attack that would spread across Golden Dome before the U.S. can counter it.
- Multi-pronged cyber-attacks evolving at rapid speed can surgically take down, even briefly and reversibly, key capabilities and networks at just the right times to disrupt Golden Dome’s response.
- Operators, who will be spread geographically while controlling different functions in Golden Dome’s integrated whole, will need to respond at great speed; their distributed nature increases the risk that cyber threats go undetected until it is too late to counter them.
A specific, well-designed cyber capability can bring value to Golden Dome, or at least to one of its component systems or its network. But a truly well positioned, effective offering will bring cyber capability to the system in a way that contributes cyber domain awareness in the context of Golden Dome’s complexity and full domain awareness. Golden Dome operators need domain awareness of a cyber threat in full, integrated context for it to operate through the inevitable cyber domain threats coming along with other multi-pronged attacks.
Effective Golden Dome Cyber Solutioning and Positioning
Organizations that want to differentiate themselves from competitors trying to win on Golden Dome must go beyond common cyber capability attributes. Detecting threats, countering threats, learning from incidents, and deploying rapidly at scale are essential. A few key cyber needs for Golden Dome include:
- Full integration and not “bolted on”: Cyber cannot be an afterthought. It is a central pillar that will define whether the system works when called upon. Awareness of the cyber domain is integral to Golden Dome.
- High performing detection: Cyber detection, awareness, and response tools and capabilities must be readily integrated with overall Golden Dome operations, including domain awareness, system availability/readiness, and response options.
- Do not impede capabilities but work in a symbiotic fashion: Cyber capabilities must complement, rather than further complicate. Operators must be able to understand cyber threats and impacts in the context of all that Golden Dome will be facing in a real-time, rapidly evolving scenario.
When a Golden Dome capability or system is under cyber-attack, the tools that detect and respond must enable rapid course of action assessment and decision-making to help continue effective Golden Dome operations. They need to enable operators to realize the attack is happening, to understand the threat level of the attack, and then aid in defeating/containing the threat without having to refer to some isolated cyber operations cell. Any attack can create a window for a threat in the physical world to succeed in the adversary’s purpose. Cyber capabilities must operate within the overall domain awareness and response workflows. They need to integrate with tools that generate course(s) of action associated with operating through that threat and effectively countering whatever Golden Dome is having to defend. Also, they need to be readily integrated within training/simulation tools so that operators can experiment and become confident in using those tools in practice in the event they need to rely on those tools in a real-world scenario.
What can you do next?
Successful capture in Golden Dome is going to require a company’s best efforts. Now is the time to start building and executing your capture strategy. Cybersecurity solutions must emphasize how they contribute to overall Golden Dome resilience vs. any siloed cyber capability. We encourage cyber innovators to avoid thinking narrowly about how your solution can contribute to Golden Dome. Teams need to prepare to communicate with these customers with a holistic understanding of how every piece of Golden Dome contributes within the context of the overall system of systems. This lens of understanding is a key step toward positioning a winning offering that resonates with the Golden Dome decision makers.
Jennifer Namvar is the founder of the Peerless Group, and Tim Cunningham is the founder of Cunningham Strategy.