An Overview of Large US Military Cybersecurity Organizations

Transcription

1 An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command

2 2 Agenda United States Cyber Strategy US Federal Cybersecurity Operations Team DOD Cyber Strategy JP 3-12 (R) Example: DODIN Operations Cyber Framework Conclusions

3 United States Cyber Strategy U.S. International Strategy for Cyberspace: combine Diplomacy, Defense & Development to enhance prosperity, security & openness Dissuading and Deterring Strengthening Partnerships Building Prosperity and Security Our strategic approach is always grounded by our unshakable commitments to fundamental freedoms of expression, privacy, and the free flow of information U.S. Joint Cyberspace Doctrine is Emerging and Evolving 3 UNCLASSIFIED

4 AGREED March 5, 2013 Global Cyberspace US Government Departments and Agencies UNCLASSIFIED U.S. Federal Cybersecurity Operations Team DOJ/FBI Investigate, attribute, disrupt and prosecute cyber crimes Lead domestic national security operations Conduct domestic collection, analysis, and dissemination of cyber threat intelligence Support the national protection, prevention, mitigation of, and recovery from cyber incidents Coordinate cyber threat investigations National Roles and Responsibilities * DOJ/FBI LEAD FOR Investigation and Enforcement FBI, NSD, CRM, USAO DHS Coordinate the national protection, prevention, mitigation of, and recovery from cyber incidents Disseminate domestic cyber threat and vulnerability analysis Protect critical infrastructure Secure federal civilian systems Investigate cyber crimes under DHS s jurisdiction DHS LEAD FOR Protection NPPD, USSS, ICE DoD Defend the nation from attack Gather foreign cyber threat intelligence and determine attribution Secure national security and military systems Support the national protection, prevention, mitigation of, and recovery from cyber incidents Investigate cyber crimes under military jurisdiction DoD LEAD FOR National Defense USCYBERCOM, NSA, DISA, DC3 Coordinate with Public, Private, and International * Note: Nothing in this chart alters existing DOJ, DHS, and DoD roles, responsibilities, or authorities Partners UNCLASSIFIED

5 Department of Defense Cyber Strategy (2015) Build and maintain ready forces and capabilities to conduct cyberspace operations; Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions; Be prepared to defend the U.S. homeland and U.S. vital interests from disruptive or destructive cyberattacks of significant consequence; Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environment at all stages; Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability.

6 JP 3-12 (R) Example: DODIN Operations DOD Information Network operations are actions taken: To design, build, configure, secure, operate, maintain, and sustain DOD communications systems and networks in a way that creates and preserves data availability, integrity, confidentiality, as well as user/entity authentication and non-repudiation

7 USPACOM Cyberspace Security Capabilities Framework Provides foundation for assisting cyberspace maturity of allied and partner nations Facilitates collective cyber defense in the Pacific region Offers stable, flexible catalog of security controls to meet information protection needs Incorporates internationally-recognized best practices based on National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) security controls Aligns with operational structure of defense establishments using the DOTMLPF-P construct to categorize security controls 7

8 Methodology Examples Self-Assessment DOTMLPF-P

9 Maturity Level Maturity Level Scoring Mapped to DOTMLPF-P Country X Cybersecurity Maturity Level (DOTMLPF-P) Sample Assessment: Maturity Level by DOTMLPF-P Group After scoring maturity levels within 17 security control categories, we can evaluate the organization s cyberspace security maturity based on DOTMLPF-P

10 DOTMLPF-P Example Doctrine Organizations Training Materiel Leadership & Education Personnel Facilities Policy Are there organization(s) with the mission and appropriate authorities to implement and monitor the execution of cyberspace defensive measures? (Cyber Workforce Requirements)

11 DOTMLPF-P Example Doctrine Organizations Training Materiel Leadership & Education Personnel Facilities Policy Does the defense establishment conduct recurring (annual) training for all network users on basic network security principles and awareness?

12 DOD 8570

13 DOTMLPF-P Example Doctrine Organizations Training Materiel Leadership & Education Personnel Facilities Policy Does the defense establishment have leader education modules stressing the importance of security in cyberspace?

14 DOTMLPF-P Example Doctrine Organizations Training Materiel Leadership & Education Personnel Facilities Policy Does the organization promote cyber awareness and cooperation at the national level about the need for national action, international cooperation, and a whole-of-government approach to cyber?

15 Conclusions Robust cyber strategy from US Government and DOD Key components for any organization Cyber framework construct will enable U.S. and allies and partners in the USPACOM area to bolster our collective cyberspace defenses Ultimately, we need to continue to promote international norms and standards in cyberspace security concepts while promoting a whole-of-government approach

16 Questions?