Civil engineers implement cybersecurity for Air Force infrastructure

  • Published
  • By Veronica Kemeny
TYNDALL AIR FORCE BASE, Fla. – Today’s civil engineers are leading the way with cybersecurity implementation for the Air Force.

From Tyndall, a team of 40 civil engineer information technology certified professionals are traveling the globe to implement the Air Force-wide Industrial Control System, or ICS, cybersecurity program.

Cyber threats and vulnerability impact the security of Air Force infrastructure and, according to Dr. Ivy Bates, the Air Force Civil Engineer Center’s ICS branch chief, her office is ready to help installations become compliant with new Air Force guidelines.

Once a risk assessment has been completed, the team generates a report which allows installation leadership to see if they have met the standard or if more work is needed. It may take six months to a year to become compliant.

“Our staff can help with any items that come up. We help mitigate risks and work to get you to an authority to operate,” said Bates.

For Bates and her team, the goal is protecting every installation from ICS cyberattacks.

“We are trying to keep the bad guys out so they do not bring down the grid by turning off power,” said Chris Correll, electrical engineer with AFCEC’s civil engineer maintenance and inspection repair team. “What if someone deliberately shut off the airfield runway lights to the flightline when our pilots were trying to land? We are providing ‘checks and balances’ to keep the cybercriminals out.”

To provide better solutions to fight the cybersecurity risk, Air Force civil engineers are working outside of the service, partnering with other Department of Defense agencies as well as industry.

“We can’t solve this by ourselves,” said Edwin Oshiba, deputy director of civil engineers and deputy chief of staff for logistics, engineering and force protection. “We are going to need industry to help us. This is a team sport. We are doing a lot of things with industry, our sister services and Office of the Secretary of Defense. We are trying to shape the policy as it unfolds.”

The AFCEC cybersecurity team has visited numerous installations with many having different needs. To date, 455 systems have gone through the risk assessment process. Installations must become ICS compliant by fiscal year 2019.

For more information about ICS compliance, contact the AFCEC Reach Back Center at or call 850-283-6995.