Lieutenant Colonel Angie Waters, representing the US Air Force, is a National Security Affairs Fellow for the academic year 2019–20 at the Hoover Institution.
In this interview, Waters discusses her career as a cyber operator in the US Air Force, her work to establish a cyber curriculum at US Air Force Weapons School, and the role of defensive cyber operations in US military strategy.
Why did you join the US Air Force?
I was born and raised in Humboldt, Nebraska, a small town of about a thousand people in the southeast corner of the Cornhusker State.
At an early age, I knew that I wanted to study science and technology. During junior high, I was selected to participate in Women Investigating Science and Environment (WISE) at the University of Nebraska–Lincoln. WISE promoted women’s participation in STEM, and as part of the program I received my first computer, a Macintosh Classic. I was hooked. I graduated from Humboldt High School and continued my studies at Nebraska, majoring in both computer engineering and electrical engineering.
At the time, I had no plans to join the military. But I applied for a number of scholarships and received a three-year Air Force ROTC scholarship. This gave me the opportunity to be a ROTC cadet without a commitment. Almost immediately I loved the team-oriented atmosphere in the program and I was inspired to earn my commission.
After graduating from Nebraska and receiving my commission as a communications and information officer, the Air Force sent me to complete a master’s degree in electrical engineering at the Air Force Institute of Technology (AFIT), located at Wright-Patterson Air Force base near Dayton, Ohio.
What is the role of an Air Force communications and information officer?
Communications and information officers are tasked with securing and ensuring functionality of the communications infrastructure at Air Force bases, including internet, satellite, and telephone networks. They also keep a detailed paper trail of all network operations and troubleshooting.
In 2005, the Air Force updated its mission to include cyberspace: to fly, fight and win . . . in air, space, and cyberspace. The service then converted all of its communications and information officers into cyberspace operations officers in 2010. Cyber operations continues to evolve; my official specialty has changed four times during of my career. However I have always been substantively focused on defensive cyberspace operations.
What are defensive cyberspace operations?
The Air Force executes defensive cyberspace operations to strengthen the security of our networks, to preserve the ability to conduct missions, and to defend mission systems. This includes not only our computer networks but also the defense of air and space weapons systems. For example, defensive cyber operators can assess the vulnerabilities of the communication components in F-35 or F-15 fighters and help protect these aircraft in future combat situations.
Cyber operators are deployed to a number of organizations throughout the US military. In 2012, US Cyber Command directed the creation of the Cyber Mission Force, consisting of 133 Cyber Mission Teams including 68 Cyber Protection Teams (CPTs). The Air Force has 14 of these teams focused on defending “enclaves,” small sections of networks, including fighter aircraft, missile systems, and satellite control systems. These teams are also a quick reaction force for responding to intrusions in the network.
In addition to the CPTs, the Air Force is also building Mission Defense Teams (MDTs) to provide localized enclave defense. These specialized teams give Air Force commanders additional resources to defend critical mission tasks from cyber actors. How these networks are defended is ultimately based on the commanding officer’s decisions, as he or she is limited in personnel and resources against a whole variety of cyberattacks. There is an old adage that is used in cyber defense that explains this scenario well: “If you defend everything you defend nothing.”
In addition to the enclave defense, there are also squadrons that defend the Air Force’s “enterprise” network. These units monitor, secure, and protect the Air Force information network necessary to execute daily operations. These squadrons protect the network from numerous threats, whether from sophisticated cyber actors such as China, Russia, and Iran or from script kiddies.
Where have you been deployed?
Following my master’s studies at AFIT, I was stationed at Minot Air Force Base in North Dakota, where I was the executive officer to the operations group commander. He basically oversaw the B-52s missions on base. I learned a lot about flying operations in the Air Force and how it integrates into how we fight. This experience paid dividends in my later assignments.
The Air Force regularly conducted what was called the “Continuous Bomber Presence” at Andersen Air Force Base in Guam, a mission that has recently concluded. In 2006, I deployed to Guam for five months with a number of pilots and aircraft. And believe it or not, that’s been my only deployment.
Do lessons from the traditional canon of warfare apply to cyber operations?
I think so. As a student at the School for Advanced Air and Space Studies, we studied the classic writings such as those by Sun Tzu, Thucydides, and Carl von Clausewitz, all of whom wrote from a perspective of land and naval warfare. However, these writings have been applied to the three-dimensional battlespace of air and space for years, and I think that cyberspace fits in as well. Some of the classic writings on warfare are timeless, regardless of the domains or tools of warfare in use. For example, that “old adage” I mentioned earlier was from Frederick the Great.
Why did you decide to become a National Security Affairs Fellow at the Hoover Institution?
When I applied for Air War College, I wanted to expand my experience outside of military education. The National Security Affairs Program at Stanford University offered the opportunity to not only study with technology experts but to also be immersed in Silicon Valley and all that the area has to offer. I love the variety of classes, and it has been amazing to engage with the fellows.
I really enjoyed Alex Stamos’s Hack Lab class, because it reinforced and complimented much of what I’ve learned in the Air Force. It was also an opportunity to have enriching discussions about cyber warfare issues in an unclassified environment.
Each quarter, I’ve taken at least one class at the Stanford Graduate School of Business in which every session included a guest speaker from Silicon Valley’s C-suite. Each of these senior executives discussed cutting-edge technology and their company’s path of innovation. It was incredible just to listen.
What is your research focus at Hoover?
Throughout my year at Hoover, I’ve spent time researching cyberspace, innovation, artificial intelligence, national security, strategic, management, leadership and more. Recently, my research has focused on enhancing Air Force acquisitions by utilizing academic ventures such as Hacking for Defense (H4D). I was fortunate to mentor two H4D teams this quarter; one focused on identifying political influence disinformation and the other was working to enable remotely piloted vehicle operation in GPS-denied environments. The teams are given a Department of Defense tough problem to solve. They use Steve Blank’s Mission Model Canvas to frame their hypothesis and then they “get out of the building” and talk to beneficiaries. Even with the restrictions of COVID-19, the teams were able to get out via phone calls and videoconferencing to better understand the problem and to search for a mission solution fit. Each of the eight teams created a minimum viable product and presented their findings at the end of quarter. Steve Blank posts all the presentations on his blog. I believe that the Air Force could better utilize the H4D teams at universities across the country to help solve some of our toughest problems.
Is there anyone at Hoover who has made you think differently?
I have really enjoyed the series that Secretary George P. Shultz has hosted on Governance in an Emerging New World. He brought together experts on various topics, and it’s remarkable to see how Secretary Shultz synthesizes information and provides holistic perspectives on global issues.
Hands down, Alex Stamos is my favorite person to listen to for a number of reasons. One, his research interests are the same as mine, and we are both about the same age. Whenever he made a pop culture reference, I was one of the few people in class who actually understood him!
Stamos has shared really remarkable experiences from the various companies that he's worked for in Silicon Valley including Facebook and Yahoo. He is also doing amazing work at Stanford’s Cyber Center.
What does leadership mean to you?
Leadership means uniting a group of people toward a common goal. It also means motivating people to accomplish feats that they previously believed they could not. I have always been inspired by leaders who are dedicated to maximizing performance and making everyone better, versus those who have the shortsighted and finite goal of just getting the job done.
What do you like to do for fun?
I enjoy spending time with my family. We love traveling and hiking. On our way from Florida to California last summer, we visited six national parks, and we hope to add many more to the list.