About

Mission: To assure the effectiveness of the U.S. Air Force’s five core missions by increasing the cybersecurity and resiliency of systems and information.

Vision: To facilitate risk management decisions within the cyber domain, across the five core missions of the Air Force, by:

  • Creating policy for enterprise cybersecurity risk management
  • Overseeing the implementation of cybersecurity controls
  • Enforcing compliance of US, DoD, and Air Force policies
  • Advocating cybersecurity issues within the Air Force corporate process

The Office of the CISO (A6Z) is comprised of three divisions: Cybersecurity Program (A6ZC), Mission Assurance (A6ZR), and Special Projects.

A6Z is tasked with transforming the Air Force from reactive to proactive cybersecurity through policy, processes, and strategic communications. A6Z implements and enables a cybersecurity governance structure to inform senior leaders of cybersecurity challenges leading to agile, effective, and informed decisions regarding cybersecurity risk mitigation.

A6ZC provides oversight and policy guidance using the Risk Management Framework to ensure Cybersecurity across the five Air Force core mission areas. A6ZC partners with AF, DoD, Joint, and Federal agencies to support an integrated approach to Cybersecurity that effectively manages community risk while meeting AF needs.

A6ZR serves as the central integrator for cybersecurity activities in weapons and mission systems across Information Technology, Operational Technology, and platforms. A6ZR creates, sustains, and operates an Enterprise Risk Management system that enables the Air Force to understand cybersecurity risk and prioritize cybersecurity mitigations.

The Special Projects Division implements innovative Air Force cybersecurity initiatives through internal and external stakeholder collaboration and the prioritization of tasks that increase resiliency and improve the identification and management of risk throughout the lifecycle of all Air Force IT systems.

History

The Office of the Chief Information Security Officer (CISO) was established on September 23, 2016 by the former Chief Information Officer (CIO) of the Air Force, Lieutenant General William J. Bender. Spurred to action by the recommendations of an internal cybersecurity task force, the establishment of the CISO reiterated the importance of continuously prioritizing cybersecurity in the way the Air Force thinks, plans, and operates to fulfill its core missions.

Timeline:

  • SEPTEMBER 2016 – Lieutenant General Bender announces the establishment of the AF CISO.
  • SEPTEMBER 2016 – Mr. Peter Kim is hired to lead the CISO in oversight, development, and execution of the Air Force cybersecurity program.
  • OCTOBER 2016 – The CISO launches a year-long Cyber Secure campaign to stress the importance of focusing on cybersecurity throughout the service.
  • JUNE 2017 – Lieutenant General Bradford Shwedo took office as the presiding CIO.