The Challenge of Cyberspace Defense and CSSP Services

Similar documents
DISA Cybersecurity Service Provider (CSSP)

Defense Information Systems Agency

Providing Cybersecurity Inventory, Compliance Tracking, and C2 in a Heterogeneous Tool Environment

About the DISA Cloud Playbook

Forecast to Industry 2016

Migrating Applications to the Cloud

Cybersecurity Capabilities Overview

Secure Cloud Computing Architecture (SCCA)

Multiprotocol Label Switching MPLS 101 Global Packet Transport Rollout

Privileged User Access and Management

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Innovations in Identity & Access Management (IdAM)

DISA CLOUD CLOUD SYMPOSIUM

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

Enterprise Services & Unified Capabilities Development & Delivery

Enterprise Voice Services Unclassified and Classified Voice Services

White Paper. View cyber and mission-critical data in one dashboard

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

Developing a Sensing Strategy

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

AFCEA BELVOIR. Industry Day. Joint Service Provider Overview. Victor O. Shirley Chief of Staff Joint Service Provider April 4, 2018

U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk

Fidelis Overview. 15 August 2016 ISC2 Cyber Defense Forum

Mission Defense via Information-Centric Security

Secure Cloud Computing Architecture (SCCA)

Why you should adopt the NIST Cybersecurity Framework

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Department of Defense Fiscal Year (FY) 2014 IT President's Budget Request Defense Media Activity Overview

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

SIEM Solutions from McAfee

Cyber Security Technologies

U.S. Army Cyber Center of Excellence and Fort Gordon

Noam Ikar R&DVP. Complex Event Processing and Situational Awareness in the Digital Age

Security

The Perfect Storm Cyber RDT&E

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

Welcome to the DISA Cloud Symposium

Eirene Sceptre Cyber Defense Services

Protecting organisations from the ever evolving Cyber Threat

UNCLASSIFIED UNCLASSIFIED

Securing Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection

End-to-End Trust, Segmentation and Segregation in the IIoT

Defense Security Service. Strategic Plan Addendum, April Our Agency, Our Mission, Our Responsibility

Advanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin

New Zealand Government IBM Infrastructure as a Service

DISN Evolution. TDM Elimination. Mr. Jessie L. Showers, JR., SES Infrastructure Executive (IE) 15 June 2017 UNITED IN SERVICE TO OUR NATION

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

DEFENSE LOGISTICS AGENCY

DEFENSE LOGISTICS AGENCY AMERICA S COMBAT LOGISTICS SUPPORT AGENCY. Cyber Security. Safeguarding Covered Defense Information.

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

CYBER ASSISTANCE TEAM OVERVIEW BRIEFING

Managed Security Services - Endpoint Managed Security on Cloud

INFORMATION ASSURANCE DIRECTORATE

Cybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment

Angela McKay Director, Government Security Policy and Strategy Microsoft

The Interim Report on the Revision of the Guidelines for U.S.-Japan Defense Cooperation

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

PALANTIR CYBERMESH INTRODUCTION

5 Steps to Government IT Modernization

Best-in-Class Cybersecurity Program

Security Operations 2018: What is Working? What is Not.

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

Cloud Overview. Mr. John Hale Chief, DISA Cloud Portfolio February, 2018 UNITED IN SERVICE TO OUR NATION UNCLASSIFIED 1

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.

Leading the Digital Transformation from the Centre of Government

SHARKSEER Zero Day Net Defense. Ronald Nielson Technical Director

RFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template

Cyber, Command, Control, Communications, and Computers Assessments Division (C5AD)

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Proposed Capability-Based Reference Architecture for Real-Time Network Defense

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

FOR FINANCIAL SERVICES ORGANIZATIONS

Symantec Security Monitoring Services

Information Warfare Industry Day

Power of the Threat Detection Trinity

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

MITIGATE CYBER ATTACK RISK

Enterprise Network Modernization. Getting to JRSS. Joint Regional Security Stacks

Security by Default: Enabling Transformation Through Cyber Resilience

Federal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011

Joint Information Environment

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

IMPACT Global Response Centre. Technical Note GLOBAL RESPONSE CENTRE

Privacy Impact Assessment for the National Cyber Security Division Joint Cybersecurity Services Pilot (JCSP) DHS/NPPD-021.

Fidelis Overview. ISC 2 DoD and Industry Forum. Rapid Detection and Automated Incident Response DoD & Commercial Active Defense Use Cases

Transforming IT: From Silos To Services

Cyber Attacks & Breaches It s not if, it s When

Service Management. What an Acquisition Practitioner Needs to Know. Karen Gomez Defense Information Systems Agency Mission Support Division

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

ISAO SO Product Outline

NEXT GENERATION SECURITY OPERATIONS CENTER

with Advanced Protection

Presentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT

EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS

Transcription:

FOR OFFICIAL USE ONLY The Challenge of Cyberspace Defense and CSSP Services COL Dee Straub Chief, DISA Defensive Cyber Operations Mr. Paul Barbera Chief, DCO Plans & Requirements Mr. Rob Mawhinney Chief, DCO Current Operations Mr. Darrell Fountain Chief, DISA Cyber Security Service Provider 1

Disclaimer The information provided in this briefing is for general information purposes only. It does not constitute a commitment on behalf of the United States Government to provide any of the capabilities, systems or equipment presented and in no way obligates the United States Government to enter into any future agreements with regard to the same. The information presented may not be disseminated without the express consent of the United States Government. 2

Defensive Cyber Operations Across DISA GLOBAL & REGIONAL DCO & CSSP (DGOC/DNCs) DEFENSIVE CYBER OPS DIVISION (HQS) Current Operations Maintain SA for all defensive cyber operations Direct and Prioritize DCO Provide C2 for proactive cyber defense Determine/De-conflict Counter Measures Enterprise Cyber Threat Analysis Mission Partners DISA Internal Partners DISA External Partners PARTNERSHIPS + INNOVATIONS = SOLUTIONS Monitor Persistent Presence Observe Suspicious Activity/ Sensor Data CSSP Execution Investigate Incident(s) Confirm Malicious Activity Report Incidents Cyber Threat Analysis Plans, Strategy, Transformation DCO Strategy & Transformation DCO Requirements DCO-IDM Strategic/Deliberate/ Future Planning CSSP CSSP Program Management Service Development Customer Engagement CSSP Compliance / Inspections Feedback UNITED IN IN SERVICE TO OUR NATION Solutions 3

The Challenges Data Big Data lakes are a drop in the ocean Escalating storage requirements will make PCAP storage cost prohibitive Break & Inspect increases volume of metadata and alerts Strategy: Advanced analytics Software Defined Environment Artificial Intelligence Speed of Cyber Everyone loves fast internet, until they have to analyze it Alert Queuing & prioritization not enough time to fully analyze all alerts By 2021, global fixed broadband speeds will reach 53 Mbps, up from 27.5 Mbps in 2016 Strategy: Machine Learning Auto Mitigation 4

The Challenges (continued) Continued Trend toward Mobility 2018 World Population est. 7.6 billion # of Cellphone Users: 4.9 billion, # of Smartphone Users: 2.5 billion DoD microcosm: mobile device use doubled over last year Strategy: Industry partnerships for innovative and integrated perimeter, mid-tier and end-point solutions The Cloud Cloud defense is in a storming phase Strategy: Integrate Secure Cloud Computing Architecture into DCO environment to provide seamless cyber defense solution 5

Changes to DOD Policy 2001 2016 Current Policy: DoDI 8530.01, Cybersecurity Activities Support to DoD Information Network Operations 6

DISA CSSP Global Support DISA PACIFIC Regional CSSP CCMD Support Operations NORTHCOM CCMD Support Operations GLOBAL Regional CSSP DoDIN Boundary Defense COLS-NA Enterprise Services EEMSG MNIS Data Center Services DISA HQ/ DCC Inter Agency Liaison Fusion Coordination Program Management DISA EUR/AFRICOM Regional CSSP CCMD Support Operations CENTCOM CCMD Support Operations 130+ Global Analysts 427 Sensors 126 CSSP Subscribers 7

CSSP for Cloud: A Two-Phased Approach Availability: Now Description: Minimal CSSP services that can be provided to Commercial Cloud customers immediately. Provides limited monitoring capability utilizing existing sensors in the Cloud Access Point, Incident Reporting services, and technical support for implementing security in Cloud environments. Applicability: Information Impact Level 2/4/5; IaaS/PaaS/SaaS Benefit: PHASE 1 Initial Cloud CSSP Offering Allow CSSP customers to proceed with Cloud migration projects Transitional Period of Cloud CSSP Instantiation Ongoing Development: Description: Integration and Investigation of key and essential data feeds from Cloud customer environments. Seeking to provide a more robust monitoring and analytic capability in pursuit of additional risk reduction capabilities in the Cloud environment. Applicability: Information Impact Level 2/4/5; IaaS Benefit: Development of more robust Cyber Security services to the evolving environment of the Commercial Cloud CSSP customer Availability: PHASE 2 SCCA CSSP Offering Based on Secure Cloud Computing Architecture (SCCA) schedule Description: Perform sensing and correlation via centralized, common, DISA-managed enterprise Virtual Data Center Security Stack (VDSS) and Virtual Data Center Management Services (VDMs) Applicability: Information Impact Level 2/4/5; IaaS Benefit: Improve effectiveness and efficiency of incident detection and response through utilization of common sensor(s) for multiple Commercial Cloud CSSP customers 8

What We Need From Industry Tell us what you re doing Partnerships Key to our success! Innovation, More Innovation, and Even More Innovation! 9

10

DEFENSE INFORMATION SYSTEMS AGENCY The IT Combat Support Agency www.disa.mil /USDISA @USDISA

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback