GSAW Information Assurance in Government Space Systems: From Art to Engineering
|
|
- Robyn Cross
- 6 years ago
- Views:
Transcription
1 GSAW 2006 Information Assurance in Government Space Systems: From Art to Engineering Charles Lavine The Aerospace Corporation
2 Toward the Global Information Grid Toward the Global Information Grid and Net-Centric Operations And Network Centric Operations Past FY03-FY10 FY06-FY20 Graphics developed by DISA 2
3 Information Assurance is in Transition The Global Information Grid concept is changing the computing landscape DoD security policy and processes are changing Requirements (DoDI ) Certification and Accreditation Boundary Protection (Cross Domain Solutions) DoD IA for Space policy signed AFSPC/LC designated accreditor NSA changes (Space SPO) NSS Acquisition Management process has changed DoD NSS NSS Engineering has evolved Systems Engineering Software Engineering 3
4 Moving NSS IA From Art to Engineering What do we need to have: Well-defined role in system acquisition processes Well-defined role in system engineering processes Consistent Certification and Accreditation process Identify Capabilities Reasonable cost models Understandable Requirements Express Architecture in system perspective Agreed to verification procedures Well-defined roles and responsibilities Contracting mechanisms to support engineering Research to support future directions Appropriate training and expertise 4
5 Topics Discussed at IA Workshop Roles And Responsibilities Contracting for IA IA Research Directions IA Cost Modeling Key Management Architectures IA Requirements Interpretations 5
6 C & A Roles, Responsibilities, and Relationships User Representative Represent mission needs Contractor Build, test and document system System requirements, MAC and confidentiality levels System and IA documents, test plans, results Program Manager Acquire system Contractor documents Certification Authority Appraise system IA (e.g., write SSAA, perform vulnerability scans) SSAA, Risk description, Readiness recommendation DAA Assess risk and authorize system operation Roles and Responsibilities 6
7 IA Acquisition and Engineering in National Security Space Systems Acquisition National Security Space Acquisition Policy Certification and Accreditation Cross Domain Solutions DOD Information Assurance Policy Program Protection Engineering Capabilities Requirements Architecture Design Build Test Software and Systems Engineering Contracting 7
8 Research Challenges Software Assurance Dynamic Communities of Interest Cross-organization Network and system administration Dynamic, federated systems Trust management High assurance Higher assurance mechanisms needed for highly connected systems Security agility Respond to failures/attacks Confidentiality and integrity protection for data In transit and at rest Information availability Research 8
9 Network Security At What Cost? Establishing network defenses How much should you budget? Acquisitions? Labor? Licenses? Support? What are the cost tradeoffs? What would you do if you did not get enough money? Maintaining network defenses How much does it take to maintain your defenses? Acquisitions? Labor? Licenses? Support? How do you justify these costs in the POM? What would you do if you were short changed? Cost Models 9
10 Key Management Infrastructure (KMI) Support for GIG COMSEC Material Control System (Physical Products) IOC Rel 3 EKMS Ph 4 IOC Ph 5 IOC KMI Client/AKP replaces LMD/KP OTNK Pilot KMI CI-2 IOC KMI CI-3 IOC IOC Transform Key Provisioning from human intensive operations to Net- Centric operations Support infrastructure changes to enable direct delivery of keying material to End Cryptographic Units. Support network management of key provisioning services via the net. Support new Crypto Modernization Algorithm Suite (JTRS, WIN-T, TC, etc) Provide Seamless Foreign Interoperability and Releasability to enable Cross Domain Solutions and Allied and Coalition sharing. Key Management Infrastructe 10 10
11 Backup Charts 11
12 Security is Policy driven 12
National Policy Governing the Use of High Assurance Internet Protocol Encryptor (HAIPE) Products
Committee on National Security Systems CNSS Policy No. 19 February 2007 National Policy Governing the Use of High Assurance Internet Protocol Encryptor (HAIPE) Products This document prescribes minimum
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE
Exhibit R-2, RDT&E Budget Item Justification: PB 2014 Air Force DATE: April 2013 COST ($ in Millions) # ## FY 2015 FY 2016 FY 2017 FY 2018 Program Element - 0.000 0.000 5.853-5.853 5.961 6.181 6.290 6.404
More informationOSD RDT&E BUDGET ITEM JUSTIFICATION (R2 Exhibit)
Exhibit R-2 0605140D8Z OSD RDT&E BUDGET ITEM JUSTIFICATION (R2 Exhibit) APPROPRIATION/ BUDGET ACTIVITY RDTE, Defense Wide BA# 5 0605140D8Z - FY 2008 FY 2009 FY 2010 COST ($ in Millions) Actual Estimate
More informationUNCLASSIFIED. Exhibit R-2, RDT&E Budget Item Justification Date February 2007 Appropriation/Budget Activity RDT&E Defense-Wide, BA 7
Exhibit R-2, RDT&E Budget Item Justification Date February 2007 Appropriation/Budget Activity RDT&E Defense-Wide, BA 7 R-1 Item Nomenclature: Net Centricity PE 0305199D8Z Cost ($ in millions) FY 2006 FY
More informationDIACAP and the GIG IA Architecture. 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) (C)
DIACAP and the GIG IA Architecture 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) 210-9252417 (C) 210-396-0254 jwierum@cygnacom.com OMB Circular A-130 (1996) OMB A-130 required systems and applications
More informationCampus IT Modernization OPERATIONAL CONTINUITY FLEXIBLE TECHNOLOGY MODERNIZED SYSTEMS
Campus IT Modernization OPERATIONAL CONTINUITY FLEXIBLE TECHNOLOGY MODERNIZED SYSTEMS Managing the Complexity of IT Modernization Constructing and modernizing a new campus is a complex undertaking, requiring
More informationTest & Evaluation of the NR-KPP
Defense Information Systems Agency Test & Evaluation of the NR-KPP Danielle Mackenzie Koester Chief, Engineering and Policy Branch March 15, 2011 2 "The information provided in this briefing is for general
More informationStreamlined FISMA Compliance For Hosted Information Systems
Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and
More informationAn Introduction to Department of Defense IA Certification and Accreditation Process (DIACAP)
An Introduction to Department of Defense IA Certification and Accreditation Process (DIACAP) Solutions Built On Security Prepared for The IT Security Community and our Customers Prepared by Lunarline,
More informationOSD RDT&E BUDGET ITEM JUSTIFICATION (R2 Exhibit)
Exhibit R-2 0605140D8Z OSD RDT&E BUDGET ITEM JUSTIFICATION (R2 Exhibit) APPROPRIATION/ BUDGET ACTIVITY RDTE, Defense Wide BA 05 FY 2010 FY 2011 FY 2012 FY 2013 COST ($ in Millions) Estimate Estimate Estimate
More informationSolutions Technology, Inc. (STI) Corporate Capability Brief
Solutions Technology, Inc. (STI) Corporate Capability Brief STI CORPORATE OVERVIEW Located in the metropolitan area of Washington, District of Columbia (D.C.), Solutions Technology Inc. (STI), women owned
More informationModular Open Systems Approach (MOSA) Panel on Standards
Modular Open Systems Approach (MOSA) Panel on Standards Ms. Phil Zimmerman Deputy Director, Engineering Tools and Environments Office of the Deputy Assistant Secretary of Defense on Systems Engineering
More informationUNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 10 R-1 Line #218
COST ($ in Millions) Prior Years FY 2013 FY 2014 FY 2015 Base FY 2015 FY 2015 OCO # Total FY 2016 FY 2017 FY 2018 FY 2019 Office of Secretary Of Defense Page 1 of 10 R-1 Line #218 Cost To Complete Total
More informationDefense Information Systems Network (DISN) Test and Evaluation Network (DTEN)
Defense Information Systems Network (DISN) Test and Evaluation Network (DTEN) Mr. Dan Knodle Strategic Planning and Engineering Division Joint Interoperability Test Command 16 June 2011 Background Proliferation
More informationNCES Program Overview. Rita Espiritu NCES Program Manager
NCES Program Overview Rita Espiritu NCES Program Manager Components of Net-Centric Warfare DoD Net-Centric Data Strategy Information Assurance Strategy Global Connectivity (Transformational Communications)
More informationForecast to Industry Program Executive Office Mission Assurance/NetOps
Defense Information Systems Agency A Combat Support Agency Forecast to Industry Program Executive Office Mission Assurance/NetOps Mark Orndorff Director, PEO MA/NetOps 29 July 2010 What We Do We develop,
More informationJoint Federated Assurance Center (JFAC): 2018 Update. What Is the JFAC?
21 st Annual National Defense Industrial Association Systems and Mission Engineering Conference Joint Federated Assurance Center (JFAC): 2018 Update Thomas Hurt Office of the Under Secretary of Defense
More informationDoDD DoDI
DoDD 8500.1 DoDI 8500.2 Tutorial Lecture for students pursuing NSTISSI 4011 INFOSEC Professional 1 Scope of DoDD 8500.1 Information Classes: Unclassified Sensitive information Classified All ISs to include:
More informationNational Information Assurance (IA) Policy on Wireless Capabilities
Committee on National Security Systems CNSS Policy No. 17 National Information Assurance (IA) Policy on Wireless Capabilities This document prescribes minimum standards. Your department or agency may require
More informationRapid Communications Deployment: Federated Service Management to Support Multi-National Preparedness in Crisis
Rapid Communications Deployment: Federated Service Management to Support Multi-National Preparedness in Crisis Marie Murphy, Product Manager, TM Forum October 21, 2011 2011 TeleManagement Forum 1 Who is
More informationNet-centric Characteristics
Net-centric Characteristics Heterogeneous Variety is essential and inevitable basis for healthy evolutionary growth and survival within dynamic threat environment Parallel Multiple implementation and concurrent
More informationDELIVERING MISSION BASED OUTCOMES TO THE INTELLIGENCE COMMUNITY SINCE 2002 MISSION-DRIVEN SOLUTIONS 1
DELIVERING MISSION BASED OUTCOMES TO THE INTELLIGENCE COMMUNITY SINCE 2002 MISSION-DRIVEN SOLUTIONS 1 MISSION-DRIVEN SOLUTIONS 2018 INTEGRATED INTEL SOLUTIONS ALL RIGHTS RESERVED MISSION-DRIVEN SOLUTIONS
More informationSecuring Content in the Department of Defense s Global Information Grid
Securing Content in the Department of Defense s Global Information Grid Secure Knowledge Workshop State University of New York - Buffalo 23-24 September 2004 Robert W. McGraw Technical Director IA Architecture
More informationTitle: Information Assurance (IA) Design Review Information Package (DRIP) Number: DI-MGMT Approval Date:
DATA ITEM DESCRIPTION Title: Information Assurance (IA) Design Review Information Package (DRIP) Number: DI-MGMT-81845 Approval Date: 20111108 AMSC Number: N9222 Limitation: N/A DTIC Applicable: N/A GIPDEP
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Defense Security Service Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development COST
More informationFPM-IT-420B: FAC-P/PM-IT Planning & Acquiring Operations of IT Systems Course Details
FPM-IT-420B: FAC-P/PM-IT Planning & Acquiring Operations of IT Systems Course Details 2 FPM IT 420B: FAC P/PM IT Planning & Acquiring Operations of IT Systems FPM-IT-420B: FAC-P/PM-IT PLANNING & ACQUIRING
More informationDoD Information Technology Security Certification and Accreditation Process (DITSCAP) A presentation by Lawrence Feinstein, CISSP
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) A presentation by Lawrence Feinstein, CISSP April 14, 2004 Current Macro Security Context within the Federal Government
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense : February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
More informationInnovate Integrate Standardize Improving the C&A Process to Deliver Today s Technology Tomorrow
Improving the C&A Process to Deliver Today s Technology Tomorrow Colonel Todd Whitlow Director, Modernization and Innovation Global Cyberspace Integration Center RDT&E Challenge 2 The Good Emerging RDT&E
More informationImplementing a Modular Open Systems Approach (MOSA) to Achieve Acquisition Agility in Defense Acquisition Programs
Implementing a Modular Open Systems Approach (MOSA) to Achieve Acquisition Agility in Defense Acquisition Programs Philomena Zimmerman Office of the Deputy Assistant Secretary of Defense for Systems Engineering
More informationDoD Internet Protocol Version 6 (IPv6) Contractual Language
DoD Internet Protocol Version 6 (IPv6) Contractual Language 1. Purpose: Contents of this document shall be incorporated in Government Acquisition Programs, Procurements, Services, and Contracts (including
More informationMobile Payment Security
Mobile Payment Security What it means and how to implement it Macroeconomics of Mobile Money Columbia University Apr. 2, 2010 Hadi Nahari Principal Security & Mobile Architect PayPal, Inc. an ebay Company
More informationRetrofitting Ground Systems to improve Cyber Security
Retrofitting Ground Systems to improve Cyber Security Michael Worden Security Engineer 25 February 2014 Copyright 2014 Raytheon Company. Published by The Aerospace Corporation with permission.. Customer
More informationGrid Technologies Panel
Grid Technologies Panel 12 November 2013 Susan Van Scoyoc, PMP Director, Power & Energy Solutions Pitt Electric Power Industry Conference Who We Are CTC s capabilities include: Advanced Engineering and
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 8551.1 August 13, 2004 ASD(NII)/DoD CIO SUBJECT: Ports, Protocols, and Services Management (PPSM) References: (a) DoD Directive 8500.1, "Information Assurance (IA),"
More informationExhibit R-2, RDT&E Budget Item Justification February 2004
PE NUMBER: 3314F PE TITLE: Information Systems Exhibit R-2, RDT&E Budget Item Justification Cost ($ in Millions) Actual 21.659 11.51 1.55 47.718 5.877 9.78.745 23.128 79.625 2.813 72.269 26 19.735 3.32
More informationENCORE II REQUIREMENTS CHECKLIST AND CERTIFICATIONS
ENCORE II REQUIREMENTS CHECKLIST AND CERTIFICATIONS This form is completed by the Task Monitors and forwarded to DISA/DITCO-Scott with a complete ENCORE II Requirements Package. (electronic signatures
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT December 13, 2006 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-1 RFP: TQC-JTB-05-0001 December 13, 2006 REVISION HISTORY
More informationAbout the DISA Cloud Playbook
Cloud Playbk About the DISA Cloud Playbk Cloud Adopters, As you attempt to help the department move more data into the Cloud, there will be many challenges to overcome and learning to be realized. We
More informationInformation Warfare Industry Day
Information Warfare Industry Day 20180510 RDML Barrett, OPNAV N2N6G TRANSPORT COMMERCIAL INTERNET DISN SCI Coalition Networks ADNS TELEPORT NMCI & ONE-NET JRSS MOC GNOC NCDOC USMC ISNS / CANES / SUBLAN
More informationWhat is milcloud 2.0?
What is milcloud 2.0? Caroline Bean DISA Jeffrey Phelan CSRA April 4, 2018 (DISA). CRSA is providing the milcloud 2.0 services to DoD customers 1 under Contract HC102817D0004. UNCLASSIFIED 1 All forward-looking
More informationThis is to certify that. Chris FitzGerald. has completed the course. Systems Security Engineering _eng 2/10/08
This is to certify that Chris FitzGerald has completed the course Systems Security Engineering - 206760_eng on 2/10/08 Systems Security Engineering About This Course Overview/Description To define the
More informationService-Oriented Architecture for Command and Control Systems with Dynamic Reconfiguration
Service-Oriented Architecture for Command and Control Systems with Dynamic Reconfiguration Raymond A. Paul Department of Defense Washington, DC raymond.paul@osd.mil 2004-5-22 1 Outlines Motivation Dynamic
More informationSystems Engineering Update/SD-22
Systems Engineering Update/SD-22 Presented to the Parts Standardization & Management Committee October 30 - November 1, 2012 IDA 4850 Mark Center Drive Alexandria, Virginia 22311 Outline News from the
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More informationDoD Mobility Mobility Product Security Certification Processes
DoD Mobility Mobility Product Security Certification Processes Greg Youst DISA Chief Mobility Engineer 25 May 2017 Agenda DoD Mobility Unclassified Mobility Certification Process Main DoD Approved Product
More informationU.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk
U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk Neal Miller, Navy Authorizing Official December 13, 2016 UNCLASSIFIED 1 Some Inconvenient Truths The bad guys and gals still only work
More informationA Roadmap-Based Framework for Acquiring More Agile and Responsive C4I Systems. GMU-AFCEA C4I Symposium 19 May 2010 Eric Yuan
A Roadmap-Based Framework for Acquiring More Agile and Responsive C4I Systems GMU-AFCEA C4I Symposium 19 May 2010 Eric Yuan (yuan_eric@bah.com) Agenda C4I Acquisition Challenges Changing the Acquisition
More informationDepartment of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview
Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview Kristen Baldwin Principal Deputy, Office of the Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) 17
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationInformation Systems Security Requirements for Federal GIS Initiatives
Requirements for Federal GIS Initiatives Alan R. Butler, CDP Senior Project Manager Penobscot Bay Media, LLC 32 Washington Street, Suite 230 Camden, ME 04841 1 Federal GIS "We are at risk," advises the
More informationTABLE OF CONTENTS. Page REFERENCES 5 DEFINITIONS 8 ABBREVIATIONS AND/OR ACRONYMS 18 C1. CHAPTER 1 - INTRODUCTION 20
1 2 FOREWORD TABLE OF CONTENTS Page REFERENCES 5 DEFINITIONS 8 ABBREVIATIONS AND/OR ACRONYMS 18 C1. CHAPTER 1 - INTRODUCTION 20 C1.1. BACKGROUND 20 C1.2. TECHNOLOGY OVERVIEW 21 C1.3. DITSCAP OBJECTIVE
More informationIntegrated C4isr and Cyber Solutions
Integrated C4isr and Cyber Solutions When Performance Matters L3 Communication Systems-East provides solutions in the C4ISR and cyber markets that support mission-critical operations worldwide. With a
More information(U) High Assurance Internet Protocol Encryptor (HAIPE ) JCMO
(U) High Assurance Internet Protocol Encryptor (HAIPE ) JCMO December, 2010 Mike Irani SPAWAR Systems Center Pacific irani@spawar.navy.mil (U) This information is not approved for public disclosure or
More informationDoD Software Assurance Initiative. Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS
DoD Software Assurance Initiative Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS Agenda Background Software Assurance Definition Guiding Principles for SwA DoD SwA Strategy Elements»
More informationUNCLASSIFIED. R-1 Program Element (Number/Name) PE D8Z / Software Engineering Institute (SEI) Applied Research. Prior Years FY 2013 FY 2014
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior Years
More informationUNCLASSIFIED. UNCLASSIFIED R-1 Line Item #176
Exhibit R-2, RDT&E Budget Item Justification: PB 2 36: Research, Development, Test & Evaluation, COST ($ in Millions) Element 67486: AF Electronic Key Management System (AF EKMS) 675: Cryptographic Modernization
More informationCyber Challenges and Acquisition One Corporate View
Sentar Inc 315 Wynn Dr Huntsville, AL 35805 256-430-0860 www.sentar.com Cyber Challenges and Acquisition One Corporate View Defense Acquisition University Conference Huntsville, AL February 22-23, 2011
More informationCloud-based Open Architecture Approach for Common Enterprise Ground Services
Cloud-based Open Architecture Approach for Common Enterprise Ground Services GSAW Conference Feb. 29-March 3, 2016 2016 by Booz Allen Hamilton. Published by The Aerospace Corporation with permission. Agenda
More informationService Vs. System. Why do we need Services and a Services Viewpoint in DM2 and DoDAF? Fatma Dandashi, PhD March 4, 2011
Service Vs. System Why do we need Services and a Services Viewpoint in DM2 and DoDAF? Fatma Dandashi, PhD March 4, 2011 1. Does DoD Need To Model a Service? Bottom Line Up front (BLUF) DoD has a requirement
More informationCyber Update Mr. Paul Phillips AFLCMC/WNSA (937) May 17
Cyber Update Mr. Paul Phillips AFLCMC/WNSA (937) 255-2328 Paul.phillips.12@us.af.mil 9 May 17 Disclaimer: The information provided herein represents the Government s best understanding of the procurement
More informationTRIAEM LLC Corporate Capabilities Briefing
TRIAEM LLC Corporate Capabilities Briefing 3/4/ 1 CORPORATE OVERVIEW CORPORATE VALUES MISSION STATEMENT SERVICES WORKFORCE EXPERIENCE CORPORATE CONTACTS 3/4/ 2 CORPORATE OVERVIEW TRIAEM is certified through
More informationGPS OCX BLOCK 1 NETCENTRIC INTERFACES. Walid Al-Masyabi Raytheon Company, Intelligence, Information and Services,
GPS OCX BLOCK 1 NETCENTRIC INTERFACES Walid Al-Masyabi Raytheon Company, Intelligence, Information and Services, Chuck Corwin, Sarah Law, Stephen Moran, Michael Worden Raytheon Company, Intelligence, Information
More informationProviding Cybersecurity Inventory, Compliance Tracking, and C2 in a Heterogeneous Tool Environment
Providing Cybersecurity Inventory, Compliance Tracking, and C2 in a Heterogeneous Tool Environment Joseph L. Wolfkiel Secure Configuration Management Lead Engineer May 2018 1 Disclaimer The information
More informationMINIMUM SECURITY CONTROLS SUMMARY
APPENDIX D MINIMUM SECURITY CONTROLS SUMMARY LOW-IMPACT, MODERATE-IMPACT, AND HIGH-IMPACT INFORMATION SYSTEMS The following table lists the minimum security controls, or security control baselines, for
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Key Management Key Management is a service and process that provides, controls, and maintains the cryptographic keys,
More informationAccelerating Cloud Adoption
Accelerating Cloud Adoption Ron Stuart July 2016 Disruption Disruption is the new normal Globally interconnected, convenient and more efficient than ever before NZ Government challenge is to use disruptive
More informationSystems Engineering for Software Assurance
Systems Engineering for Software Assurance Kristen Baldwin Office of the Under Secretary of Defense Acquisition, Technology and Logistics Systems Engineering Software Assurance Scope: Software is fundamental
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More informationTeam Capabilities and Specializations
Team Capabilities and Specializations X-Feds, The Small Business headquartered in San Diego, CA with satellite offices located in Virginia, Indiana, Charleston and the National Capital Region. Established
More informationNDIA SE Conference 2016 System Security Engineering Track Session Kickoff Holly Dunlap NDIA SSE Committee Chair Holly.
NDIA SE Conference 2016 System Security Engineering Track Session Kickoff Holly Dunlap NDIA SSE Committee Chair Holly. Dunlap@Raytheon.com This document does not contain technology or Technical Data controlled
More informationDepartment of Defense Fiscal Year (FY) 2013 IT President's Budget Request Defense Technical Information Center Overview
Mission Area Department of Defense Business System Breakout Appropriation All Other Resources 19.083 EIEMA 19.083 RDT&E 19.083 FY 2013 ($M) FY 2013 ($M) FY 2013 ($M) FY12 to FY13 Comparision ($M) FY2012
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Network Boundary and The Network Boundary and for an Enterprise is essential; it provides for an understanding of
More informationFISMAand the Risk Management Framework
FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationCIS 444: Computer. Networking. Courses X X X X X X X X X
4012 Points Courses * = Can include a summary justification for that section. FUNCTION 1 - GRANT FINAL ATO A. Responsibilities 1. Aspects of Security *Explain the importance of SSM role in (IA) 2. Accreditation
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationTest Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event
Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event Mr. George Rumford Deputy Director Major Initiatives and Technical Analyses Test Resource Management Center January
More informationDavidson Technologies: A Medium Sized Business Experience with DFARS 7012/NIST
Davidson Technologies: A Medium Sized Business Experience with DFARS 7012/NIST 800-171 Davidson Technologies Founded in 1996 by Dr. Julian Davidson Father of Missile Defense in America Sen. Jeff Sessions
More informationInformation Sharing in the GIG Environment and the C2 Perspective
Information Sharing in the GIG Environment and the C2 Perspective 24 April 07 Precision Strike Conference People throughout the trusted, dependable and ubiquitous network are empowered by their ability
More informationRisk Management Framework for DoD Medical Devices
Risk Management Framework for DoD Medical Devices Session 136, March 7, 2018 Lt. Col. Alan Hardman, Chief Operations Officer, Cyber Security Division, Office of the DAD IO/J-6 William Martin, Deputy of
More informationForecast to Industry 2016
Forecast to Industry 2016 Cyber Portfolio COL Brian Lyttle Program Executive Officer, Cyber 17 November 2016 UNCLASSIFIED 1 Our Mission Develop, integrate, and assure cyber capabilities in order to enable
More informationUNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology Development
More informationFiXs - Federated and Secure Identity Management in Operation
FiXs - Federated and Secure Identity Management in Operation Implementing federated identity management and assurance in operational scenarios The Federation for Identity and Cross-Credentialing Systems
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationAgile Coalition Environment (ACE) Freedom within a Framework. Michele McGuire Space & Naval Warfare Systems Command Office of Chief Engineer (056)
Agile Coalition Environment (ACE) Freedom within a Framework Michele McGuire Space & Naval Warfare Systems Command Office of Chief Engineer (056) Points of Contact Sponsor: U.S. Pacific Command Mr. Randall
More informationCybersecurity in Acquisition
Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must
More informationVol. 1 Technical RFP No. QTA0015THA
General Services Administration (GSA) Enterprise Infrastructure Solutions (EIS) Core Infrastructure IPSS Concept of Operations Per the IPSS requirements, we provide the ability to capture and store packet
More informationDefense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form
Defense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form Page 1 of 5 Submitted to DISA s DoD Cloud Support Office by: Signature (Prefer CAC
More informationCloud Computing Strategy
Department of Defense Chief Information Officer Cloud Computing Strategy July 2012 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is
More informationNATIONAL COMPUTER SECURITY CENTER A GUIDE TO PROCUREMENT OF SINGLE AND CONNECTED SYSTEMS
RATIONAL COMFDTEB SECÜBITT; "CHUBB NCSC TECHNICAL REPORT-004 Library No. S-241,359 NATIONAL COMPUTER SECURITY CENTER 19980513 111 A GUIDE TO PROCUREMENT OF SINGLE AND CONNECTED SYSTEMS LANGUAGE FOR RFP
More informationMOVING MISSION IT SERVICES TO THE CLOUD
MOVING MISSION IT SERVICES TO THE CLOUD About half of civilian agency IT officials report they are now implementing mission support and business systems in the cloud. But a new progress report also highlights
More informationDepartment of Defense Defense Information Enterprise Architecture Version 1.0 April 11, 2008
Department of Defense Defense Information Enterprise Architecture Version 1. April 11, 28 Prepared by: Department of Defense Office of the Chief Information Officer (This page intentionally left blank)
More informationAFCEA Welcome/Opening Keynote Speech. Murad Bayar, Undersecretary for Defense Industries, MoND, Turkey
AFCEA Welcome/Opening Keynote Speech Murad Bayar, Undersecretary for Defense Industries, MoND, Turkey A Turkish Perspective on the Challenges of Security in a Network-Enabled Environment I would like to
More informationDepartment of Defense Fiscal Year (FY) 2014 IT President's Budget Request Defense Advanced Research Projects Agency Overview
Mission Area Business System Breakout Appropriation BMA 0.027 Total 35.003 Defense Business Systems 0.027 All Other Resources 34.976 EIEMA 34.976 FY 2014 ($M) FY 2014 ($M) 35.003 FY 2014 ($M) FY13 to FY14
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Deployment Deployment is the phase of the system development lifecycle in which solutions are placed into use to
More informationUNCLASSIFIED. Exhibit R-2, RDT&E Budget Item Justification Date: February 2008 Appropriation/Budget Activity RDT&E, Dw BA 06
Exhibit R-2, RDT&E Budget Item Justification Date: February 2008 R-1 Item Nomenclature: Support to Networks and Information Integration, 0605170D8Z Cost ($ in millions) FY 2007 FY 2008 FY 2009 FY 2010
More informationISC2. Exam Questions CAP. ISC2 CAP Certified Authorization Professional. Version:Demo
ISC2 Exam Questions CAP ISC2 CAP Certified Authorization Professional Version:Demo 1. Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose
More information