Unclassified Navy Cyber Resilience 20160614 Mr. Troy Johnson
From cybersecurity to cyber resilience 2
Disconnected response through stove-piped assessments & initiatives across the enterprise: Operation ROLLING TIDE (ORT) N81 Cyber Defense Studies Cyber Platform Risk Assessment Unified response through Task Force Cyber Awakening: NOT N2/N6-centric cyber platform spans the entire Navy Use existing mechanisms where possible Cybersecurity must be a resourcing and organizing principle Accountability and rigor are key POM-17 Cyber Resiliency BAM inclusive of full DOTMLPF Cybersecurity is as important as the next missile or platform 3
Identify and protect Ashore assets in the following priority order: Critical assets OPNAV priority buildings Utility Systems (UCS) which support OPNAV priority facilities Smart grid facilities Other Building Systems (BCS) and UCS Conduct cyber warfare workforce development Develop plan for aviation enclave Execute coordinated projects / partnerships Complete cyber risk assessments CYBERSAFE / incident response Develop facilities and tools to support programs Assess systems through RMF / CYBERSAFE Conduct training Continue platform installs / implement standards CONOPS development / operating / casualty procedures Develop cyber certification requirements Develop CYBERSAFE procedures and operating conditions NETCON TTPs Sharkcage, Cyber Mission Forces deployers Resilient C2 CONOPS Exercise EHF / Link 16 Train with Fleet Cyber Command Improve system baseline and inspection requirements Develop architecture and standards Develop cyber situational awareness capability Reduce attack surface and improve compliance Support incident response and recovery Complete vulnerability assessments / cyber upgrades Develop CYBERSAFE TTPs Back fit CYBERSAFE to earlier configurations Provide post-incident training / continue Technical Insertion (TI) cyber upgrades Assess systems using RMF, CYBERSAFE Conduct recurring assessment of assets Establish baseline for Platform IT Introduce situational awareness, incident response capabilities 4
Architecture Framework Initial consensus on Architecture Framework Synchronizes cybersecurity architectural strategies, standards and plans Requirements Developed collection of draft Key Systems Attributes (KSA) and other systems attributes Developing OPNAV Instruction (w/ KSAs) will be part of SECNAV Acquisition Manual Strategy Outlined cybersecurity strategy w/ focus on top-level strategic goals Develop operational concepts, cyber resiliency, workforce, organize for optimal effectiveness Investments Risk Posture Developing dashboard with FCC, IFOR, SYSCOMs Organized by views Operating Forces, Echelon II Developing measures for Navy Cyber Resilience Communications Navy cybersecurity communications campaign in coordination with stakeholders Released NAVADMIN, articles on navy.mil and Navy s Facebook page, videos, infographics Standards IT/IA Technical Authority Board (TAB) has 20 of 48 standards signed, or being reviewed 2 CYBERSAFE standards signed 4 of 16 FY16 standards being reviewed CYBERSAFE Developed CYBERSAFE Certification Guidance & Test Plan IT/IA TAB developed CYBERSAFE Selection Criteria & Requirements SYSCOMs developed Strategic Roadmap for their programs Training Working Group to synchronize training NETC User Working Group Leader SYSCOMs Enhanced User Collaboratively executing across Navy functions 5
C A N E S Defense-in-Depth Protection Levels Cyber Situation Awareness Level 0 DISN Ship-to-Ship Comms Level 1 Level 2 External Comms C2ISR / IO C4I NOC SCI C4I Pier side Comms IA and Agile Core Services External Interfaces SCI Level 3 UNCLASS SEC REL GENSER s Critical Functions Enclave Boundary Protection Incident Isolation Recovery Operations Agile Technology Insertion L16 CEC Radar / EW Level 4 Combat CS Navigation NAV HM&E MC Aviation Aviation Leverage common engineering across multiple ship classes CG Amphibs DDG CVN LCS SSBN 6
Cyber Resiliency Investment Reprioritized and Reprogrammed PB15 Enterprise and C4I enclave hardening actions to provide fortification for the tactical edge. PB16 USNO, NCSA, Aviation Systems, s (CP) for HM&E, Navigation, and Combat Systems PB17 CP Wholeness, CYBERSAFE Ashore, Cyber Hygiene ORT Wholeness, Sharkcage, Nuclear C3 POM-18 NCSA/Sharkcage, Enterprise Workforce, Building Systems Further Consideration Next POM / Execution Year: JRSS Navy Integration Surface Sustainment Aviation s ORT & Enterprise Workforce Wholeness Specifications and Standards Generation USS Secure 7
IA Standards Roadmap What are the leading approaches to securing and sensing Systems? How should we decide what data or systems to protect first and what we re willing to spend? How did you measure cybersecurity risk and establish a threshold of acceptance vs. mitigation? What are the best ways to minimize your attack surface? What are the best solutions for detecting anomalous activity? What are the best ways to create and maneuver an agile network of systems to frustrate would-be attackers? How do you approach the development and retention of a Cyber Smart workforce? (other than compensation) Achieving Cyber Resilience Will Be A Balance Between Government & Industry 8
Moving beyond protection to operationalize (detect, react, restore) Cyber resilience is guiding investments, actions Navy-wide risk will be measured using the cyber resilience framework Cyber resilience is the Navy s strategy for winning in the contested cyber environment 9