Cybersecurity Training in OT&E for DOT&E Action Officers



Similar documents
OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

1 July 2015 Version 1.0

Cybersecurity. Cybersecurity 331

CYBERSECURITY CHALLENGES FOR DOD ACQUISITION PROGRAMS. Steve Mills Professor of Information Technology

Cybersecurity Throughout DoD Acquisition

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE

OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #50

STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

DoD Strategy for Defending Networks, Systems, and Data

Developing a Mature Security Operations Center

National Cybersecurity Assessment and Technical Services

Cybersecurity: Mission integration to protect your assets

Advanced Threat Protection with Dell SecureWorks Security Services

Interim DoDI The Cliff Notes Version --

Cybersecurity in Test & Evaluation. James S. Wells Deputy Director, Cyberspace & HSE Programs Office of Test & Evaluation

Guidelines for Cybersecurity DT&E v1.0

Cybersecurity is one of the most important challenges for our military today. Cyberspace. Cybersecurity. Defending the New Battlefield

Defense Security Service

National Cybersecurity Assessment and Technical Services: Capability Brief. Presented by: Sean McAfee Updated: May 5, 2014

NAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives

CYBERSECURITY CHALLENGES FOR DOD ACQUISITION PROGRAMS. Steve Mills DAU-South

Ray A. Letteer, CISSP, NSA-IAM, ITIL Director, IA Division; USMC SIAO; MCEN DAA Headquarters, US Marine Corps, C4IA

Bellevue University Cybersecurity Programs & Courses

Appendix A: Gap Analysis Spreadsheet. Competency and Skill List. Critical Thinking

CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS

Chairman Johnson, Ranking Member Carper, and Members of the committee:

The Path Ahead for Security Leaders

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide

How To Build A Cybersecurity Company

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

STATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE;

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

National Initiative for Cyber Security Education

ESKISP Direct security testing

WHITE PAPER. Attack the Attacker HOW A MANAGED SECURITY SERVICE IMPROVES EFFICIENCY AND SAVES COST

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Joint Information Environment Single Security Architecture (JIE SSA)

CyberNEXS Global Services

Defending against modern threats Kruger National Park ICCWS 2015

A Guide to the Cyber Essentials Scheme

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

Middle Class Economics: Cybersecurity Updated August 7, 2015

Secure by design: taking a strategic approach to cybersecurity

Operationally Focused CYBER Training Framework

Predictive Cyber Defense A Strategic Thought Paper

FY 2014 Annual Report

The DoD CIO Charter:

Cyber Learning Solutions

Defensible Strategy To. Cyber Incident Response

Network Management and Defense Telos offers a full range of managed services for:

OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

CyberSecurity Solutions. Delivering

Cybersecurity Enhancement Account. FY 2017 President s Budget

Defending Against Data Beaches: Internal Controls for Cybersecurity

SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS

Cybersecurity on a Global Scale

ESKISP Conduct security testing, under supervision

Lessons from Defending Cyberspace

Introduction to Cybersecurity Overview. October 2014

Department of Homeland Security

Security Control Standard

Information Technology

US-CERT Year in Review. United States Computer Emergency Readiness Team

National Initiative for Cybersecurity Education

Table of Contents CYBER SECURITY STRATEGIC PLAN VERSION 1.0

Cyber Community Highlights

Cloud Computing Technologies Achieving Greater Trustworthiness and Resilience

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst

Cyber R &D Research Roundtable

Managing the Unpredictable Human Element of Cybersecurity

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 9 R-1 Line #139

How To Protect Your Data From Being Hacked

Network Mission Assurance

Navy Information Dominance Industry Day

Cyber Security Risk Management: A New and Holistic Approach

STATE OF MARYLAND 2017 INFORMATION TECHNOLOGY MASTER PLAN (ITMP) Department of Information Technology David Garcia; State CIO

APPENDIX J INFORMATION TECHNOLOGY MANAGEMENT GOALS

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

ESKISP Manage security testing

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

Transcription:

Cybersecurity Training in OT&E for DOT&E Action Officers Dr. Catherine Warner Science Advisor to the Director, Operational Test and Evaluation (DOT&E) 6/12/2015-1

DOT&E Guidance Dr. Gilmore s August 1, 2014 Memo to OTAs Identifies the cyber threat as a real and present danger for modern warfare systems Requires that any oversight system capable of sending or receiving digital information undergo cybersecurity testing as part of OT&E Defines adequate cybersecurity testing as testing that: Identifies all significant vulnerabilities in the operational environment Captures their effect on mission accomplishment Prescribes a two-phased approach to cybersecurity OT&E: Cooperative Vulnerability and Penetration Assessment Threat-representative Adversarial Assessment 6/12/2015-2

Reviewing TEMPs and Test Plans DOT&E guidance highlights expected contents for TEMPs and Test Plans All cyber OT&E events should have a DOT&E-approved plan DOT&E AO should coordinate with Cyber OT&E POC (Dave Aland) At IDA, Cyber OT&E group will review all incoming TEMPs and Test Plans Send documents for review early while changes can still be made! 6/12/2015-3

Elements of Cyber OT&E Planning Almost every modern weapons system sends or receives digital information, and therefore needs cyber testing in OT&E Taken from MQ-1/9 Architecture Analysis (Every program should have a diagram like this one to help define the scope of testing) Air-gapped systems are still vulnerable and must be tested 6/12/2015-4

Data Collection 1 August 2014 memo defines minimum set of data to be collected for both Cooperative Vulnerability and Penetration Assessment (CVPA) and Adversarial Phases Emphasis needs to be on detection, reaction, and response Not just identifying vulnerabilities Goal is to understand how well the system can perform in the presence of a cyber adversary 6/12/2015-5

Reporting DOT&E uses the results of cybersecurity testing when determining operational effectiveness, suitability, and survivability Results can be caveated E.g. survivable in the presence of an outsider cyber threat but not survivable in the presence of a nearsider or insider cyber threat DOT&E reports should incorporate: Vulnerability results from CVPA Vulnerabilities discovered during adversarial testing Detection, reaction, and response performance of cyber defenders Mission effects through cyber» Through direct demonstration in OT&E, or» Inferred from SME expertise when necessary due to safety or other risks 6/12/2015-6

Cyber OT&E Challenges The list of NSA-certified cyber threat teams (Red Team) is small compared to the number of events they need to cover 177 th and 57 th Information Aggressor Squadrons Threat Systems Management Office 1 st Information Operations Command Naval Information Operations Command / Commander, Operational Test and Evaluation Force DISA Red Team In FY14, there were 21 oversight OT&E cyber events and 16 exercise assessments this is only what s under DOT&E oversight! All of the teams receive Service-level tasking as well Many programs perceive a lack of clear requirements DepSecDef directed examining the feasibility of a Cyber KPP JROC is examining incorporating Cyber into a Survivability KPP DOT&E has been working with JROC, but also exploring alternatives including a standalone Cyber KPP 6/12/2015-7

DOT&E Exercise Assessment Program Separately from the OT&E oversight role, DOT&E also administers the Congressionally-mandated CCMD cybersecurity exercise assessment program Assesses cybersecurity posture of CCMDs in the context of pre-existing training exercises Training audience learns to fight through a hostile cyber environment Although most of today will focus on OT&E, two briefings this afternoon will introduce the assessment program Focus will be on sophisticated analysis of attack threads and defender responses Demonstrates why operational cybersecurity testing is vital prior to fielding 6/12/2015-8

Today s Schedule DOT&E Procedures Case Study #1 Q-53 Common Myths and Refutations Cyber OT&E Overarching Case Study #2 LCS Best Practices FY14 Exercise Overarching Valiant Shield 2014 6/12/2015-9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information