Information Warfare Industry Day

Transcription

1 Information Warfare Industry Day RDML Barrett, OPNAV N2N6G

2 TRANSPORT COMMERCIAL INTERNET DISN SCI Coalition Networks ADNS TELEPORT NMCI & ONE-NET JRSS MOC GNOC NCDOC USMC ISNS / CANES / SUBLAN / TSCE TACTICAL SWITCH (TSw) A P P L I C A T I O N S Installations Air Combat HM&E Navigation C O N T R O L S Y S T E M S C 4 I S Y S T E M S DISN Core INTERNET ADNS NCTAMS/NOC DISN CORE NCDOC MOC Public Works Physical Security PSNET Public Safety Air Ops Port Ops C O N T R O L S Y S T E M S Other Connections (Commercial, Coalition, RF) Cyber resilience extends across the enterprise 2

3 Cyber resilience is continued operations in a contested cyber environment 3

4 Cyber Resilience Strategy TFCA (2014/5) 2016 CYBER RESILIENCY APPROACH Cyber situational awareness Build-in-resiliency Control points Cyber hygiene Cyber workforce RESTORE Cyber Resilience REACT + FOUNDATIONAL Cyber resilience is the Navy s long-term strategy 4

5 Standards Completion Status IA Standards Aligned to NIST Framework Designing for Security & Resiliency Implementation Standards FY15 Identify NIST Framework Protect Detect Respond Recover Discover Anatomy of a Cyber Attack Probe Penetrate Escalate Expand Persist Execute Stds 11/33 26/33 19/33 7/33 5/33 15/33 27/33 28/33 22/33 23/33 16/33 23/33 1 HLP 2 Network Firewall 3 IDPS 4 ISCM 5 SIEM 6 Vulnerability Scan 7 Boundary Protect FY16 8 OS 9 Cyber Risk 10 TSN 11 Cyber SA 12 IT Asset Mgmt 13 Account Mgmt 14 Cyber CM FY17 15 Web Security 16 Cross Domain Solution 17 Security 18 Software Assurance 19 RAS 20 Patch Mgmt 21 BIOS 22 IdAM 23 Event Mgmt 24 Info Mgmt 25 PKE 26 Wireless Comms 27 WEAC 28 Data in Transit 29 Data at Rest 30 Key Mgmt Exchange 31 DNS 32 Cloud Security 33 Unified Capability Disrupting the Adversary s Cyber Kill Chain 5

6 Compile to Combat- 24 hours End-to-End Micro Services Architecture End-to-end architecture with micro web services - transforming our enterprise information environment Compressed XML Compressed XML USS UNDERWAY Teleport Site Presentation NOC Commercial Cloud w/xml Compression 4 PILLARS Use of Commercial Cloud Automated testing of Web Services to include RMF Application Data Most transactions happen on the ship, only data exchanged ship/shore Shared Infrastructure Data Standardization Sensors UV/AVs Link data Etc. Objectives: From development through automated fielding They will be our FEDEX and will package up delivery of content for afloat (compressed XML), only those data ordered up by the ship Big data analytics From Compile to delivery on ship 24 hours all automated Functional testing against Open standards compliant web Services development guidance and XML data standardization Automated RMF testing, to include intel assessment of risk, inherit shared infrastructure accreditation Use CANES Already accredited Uses standard / approved Ports and Protocols Drop code not boxes Reduce attack surface XML Open Standard Data exml compression Why it matters: Leverage commercial technology Improved security Data compression Data analytics Commercial Cloud afloat $ savings Reduce cost/time to field capability Eliminate cybersecurity risks of legacy apps Drop code not infrastructure Improve speed for fielding capability and cybersecurity solutions Operate with 80% of needed info in denied space environment Exploring afloat commercial infrastructure as a service Standardized data = date reuse by many, improved QOS, efficient use of bandwidth, can apply AI all lead to improved decision making, improve cross domain use etc.

7 Automation, automation, automation Dependent on People Processes Technology Crucial to balance automated response against man-in-the-loop monitoring, especially for complex systems-of-systems Real-time, machine driven solutions. Automated through machine learning: Mapping, continuous monitoring, sensing and warning, reporting, alerting etc. Configuration baselines RMF in the C2C24 model DEVOPS, system development & vulnerability assessment Control system code assurance Artificial Intelligence and Big Data Analytics 7

8 IA Standards Roadmap Develop control systems with security controls (from NIST Rev 2) baked in adherence to open standards Help us answer: What are the leading approaches to securing and sensing control systems? How should we decide what data or systems to protect first and what we re willing to spend? How do you measure cybersecurity risk and establish a threshold of acceptance vs. mitigation for resiliency? What are the best ways to minimize your attack surface and to detecting anomalous activity? What are the best ways to create and maneuver an agile network of systems to frustrate would-be attackers? How do you approach the development and retention of a cyber smart workforce? (other than compensation) How to C2 of our information in the commercial cloud shared responsibility Cyber resilience relies on a partnership between government & industry 8

9 IA Standards Roadmap Covered defense information (CDI) = unclassified information that: Requires safeguarding Provided to a DoD contractor or used by DoD contractor in support of a contract DFARS Clause requires DoD contractors to: Safeguard CDI Report cyber incidents to DoD Submit malicious software from a cyber incident to DoD Preserve images and data from a cyber incident for 90 days Minimum cybersecurity standards for safeguarding CDI described in NIST areas (access control, incident response, identification, authentication, etc.) Full compliance required no later than 31 Dec DoD contractors are responsible for safeguarding Navy information 9