Cyber Situational Awareness - Big Data Solution



Similar documents
Big Data Platform (BDP) and Cyber Situational Awareness Analytic Capabilities (CSAAC)

Infrastructure Development Forecast to Industry

DISA and the Evolving DoD Enterprise

DISA Testing Services for the Enterprise. Luanne Overstreet

How To Improve The Defense Communications System

Joint Information Environment Single Security Architecture (JIE SSA)

DoD Mobility Kim Rice

Mission Partner Concept

A Combat Support Agency

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

Forecast to Industry 2015

DISA Acquisition Opportunities

Unified Capabilities (UC)

DoD s Strategic Mobility Vision: Needs & Challenges

US Army Network Security Reference Architecture

Partnering with Small Business

How To Make A Theater Forest More Functional

Mark S. Orndorff Director, Mission Assurance and NetOps

STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE

Space Ground Services in the Joint Information Environment (JIE)

A Comprehensive Cyber Compliance Model for Tactical Systems

Cyber Workforce Training

Enterprise Services to the Edge

Operationally Focused CYBER Training Framework

Network Operations (NetOps)

Joint Training Enterprise Architecture

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

The State of DoD Biometrics

U.S. Army - Network Security Enterprise Reference Architecture

An Overview of Large US Military Cybersecurity Organizations

Army Intelligence Industry Day Foundation Layer Technology Focus Areas

1. Has your command deployed an Enterprise Content Management (ECM) application? Yes, but we do not have TRIM deployed in ECM mode.

Department of Defense INSTRUCTION

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE

Cybersecurity: The Defense Perspective

Cloud Computing and Enterprise Services

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN VERSION 2

Cloud Security. A Sales Guy Talks About DoD s Cautious Journey to the Public Cloud. Sean Curry Sales Executive, Aquilent

AFCEA Aberdeen Luncheon. Army Common Operating Environment (COE) Update. March 11, 2015

Cloud Computing Strategy

Enterprise IT. Aligning Strong Solutions, Assuring Enterprise Strength

Cloud Computing Strategy

Big data platform for IoT Cloud Analytics. Chen Admati, Advanced Analytics, Intel

Combating Spear-phishing:

Reliable, Repeatable, Measurable, Affordable

IT Service Management in the JIE and the DoD Enterprise Service Management Framework

Advanced Systems & Development

DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process

Cyber Superiority. Weapon System Normalization Update. Colonel Aaron Smith HQ AFSPC/A5I Chief, Cyberspace Superiority. AFCEA Luncheon Jan 2015

DoD ESI & The Joint Information Environment (JIE)

United States Department of Defense

Department of Defense DIRECTIVE

UNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018

Department of Defense. Enterprise Information Warehouse/Web (EIW) Using standards to Federate and Integrate Domains at DOD

Mission Partner Environment DISA Multinational Information Sharing

UNCLASSIFIED. Army Data Governance. COL Linda Jantzen CIO/G-6 Acting Dir, Army Architecture Integration Center February 17, 2016 UNCLASSIFIED

UNCLASS FORT GORDON GEORGIA CYBER REQUIREMENTS. MAJ Hurcules Murray TCM- CYBER DCO Chief 1 UNCLASS

Raytheon Oakley Systems

Improvements Needed With Host-Based Intrusion Detection Systems

OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

The Road to Cyber Power

DoD Strategy for Defending Networks, Systems, and Data

How To Build A Cloud Based Intelligence System

GAO DEFENSE DEPARTMENT CYBER EFFORTS. More Detailed Guidance Needed to Ensure Military Services Develop Appropriate Cyberspace Capabilities

To the Men and Women of the Coast Guard:

The Comprehensive National Cybersecurity Initiative

Global Video Services (GVS)

What is Unified Capabilities?

Obtaining Enterprise Cybersituational

DoD CIO ITSM Overview Enterprise Architecture Conference

This Conference brought to you by

G2 Industry Day JULY Mr. Stephen Kreider PEO IEW&S. G2 Industry Day 29 July 2015 CLEARED FOR PUBLIC RELEASE

AGENDA. CNDSP Program CNDSP is a Team Sport. Protect Respond CNDSP Contacts Questions

The Department of Defense Strategy for Implementing the Joint Information Environment

Integrated Cyber Operations Business Portfolio

DoD IT Enterprise Strategy and Roadmap Department of Defense (DoD) Information Technology (IT) Enterprise Strategy and Roadmap

Accenture Cyber Security Transformation. October 2015

Systems Engineering and Integration Efforts. 11 Dec 2013

The DoD Information Enterprise Strategic Plan and Roadmap (SP&R)

SUBJECT: Joint Information Environment Implementation Guidance

DoD IT Service Management Initiatives Implications and Opportunities for Industry

Forecast to Industry 2015 External Contracting Opportunities

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND Joint Interoperability Test Command (JTE) 7 Jan 15

White Paper: Leveraging Web Intelligence to Enhance Cyber Security

Army Cloud Computing Strategy

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND

Cyber Watch. Written by Peter Buxbaum

STATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE;

FROM THE DOD CIO. Teresa M. Takai, DoD CIO

Cyber Mission Analysis

Space and Naval Warfare Systems Center Atlantic

DoD Joint Information Enterprise

Update On Smart Grid Cyber Security

Transcription:

Cyber Situational Awareness - Big Data Solution Dan Bart & Bob Landreth DISA ID61 17 Jun 2015 1

CSAAC / RDK Overview Cyber Situational Awareness Analytical Capabilities (CSAAC) is a set of NIPRNet and SIPRNet solutions that will provide the ability to collect, analyze, visualize, and share DODIN & Mission Partner information for collaborative DODIN Operations and Defensive Cyberspace Operations. CSAAC enables greater visibility into the enterprise allowing critical decisions to be made based on a richer and broader set of information. The Rapid Deployment Kit (RDK) is the big data solution that supports the data ingest, correlation, and visualization infrastructure. Supporting the operation and defense of the Cyber mission space 2

Functional Components Share Visualize Analyze Mission Planning Continuous Risk Management Network Management Enterprise Service Management ANALYTIC PLATFORM DATA INGEST SERVICE Cyber Defense Near Real and Real Time *Cyber Information Sharing *Intel Collect Information DISN OSS JRSS *Commercial Cloud *Federal CDCs/DECC Gateways DATA SOURCES Enclaves & End Points *Cyber Intel *DIB *Future Integration 3

Supports Multiple Mission Sets to Enhance Decision Support Defensive Cyber Ops Mission Mapping / Continuous Monitoring DODIN Ops / Situational Awareness Audit Management Fight By Indicator (FBI) Roadmap Capability Defense Enterprise Email Monitoring Insider Threat Detection Service Analytics User Base Metrics DISA Command Center, OPS, CONUS, EUR, PAC, EIS, STRATCOM, JSSC, EE, Ent Ops NORTHCOM, SOUTCHCOM DECCs: OKC, MECH, ESD NA CYBERCOM ACOIC, 561 st NOS DOK Joint Staff, NSA, IAD, OSD, NTOC, HQDA/ITA, HQ Air Force NETCOM, ARCYBER, TRANSCOM, Army CIO/G6 USTRANSCOM, AFCYBER USSOUTHCOM, JFHQ DoDIN DES Community 15 ingested data sources 102 deployed widgets 747+ users 4

CSAAC-RDK Operational Overview What is CSAAC RDK? CSAAC RDK is a DISA developed capability for ingesting and storing large data sets, building analytics, and visualizing the results. Allows critical decisions to be made based on a richer and broader set of information. Developed around open source and unclassified components while leveraging community tech transfer from other DoD entities. CSAAC RDK within DISA Production environments deployed on NIPR, SIPR, and a Private Secret enclave. Environments available in JITC lab for mission partner development. CSAAC RDK Key Objectives Aggregate DoD data to operate, assure, and defend the DODIN Support JIE & JRSS initiatives of data collection and analysis Enable collaborative analytic development across the DoD Establish governance aligned with operational requirements CSAAC RDK Mission Partners CSAAC RDK has been embraced by multiple mission partners including USCYBERCOM, NSA, Army, Navy, Air Force, and the Marines. CSAAC RDK allows mission partners to rapidly meet the demands of their mission (e.g. ARL s mission to operate and defend the DREN). 5

Integrated Architecture RDK provides the potential to consolidate CSAAC capabilities. This is only an example. 6

CSAAC-RDK Strategic Linkages Standards Governance Consolidate IT Joint Operations Data Collection Analytics Visualization Info Sharing Information Sharing Architecture Enhance Shared Situational Awareness (ESSA) 7

Path Toward Convergence Present Efforts Developing a unified architecture with common APIs, data schemas, and data standards Unified Architecture Future Efforts Integrate CSAAC-RDK with the Intelligence Community and Navy Tactical Clouds DISA CSAAC - RDK 8

Coast Guard Cyber Vision: Cross domain capabilities Service / National Research Labs NSA & CYBERCOM ARCYBER AFCYBER (24 th AF) AFIT (Center for Cyberspace Research) JWICS/NSAnet Real Time Distributed Architecture SIPR FLTCYBERCOM (10th Flt) Query one, query all NIPR 9

Industry s Role with CSAAC-RDK There are three predominant opportunities for Industry big data participation: 1. Create solutions that can seamlessly integrate into the existing big data infrastructure and augment / enhance currently deployed capabilities 2. Develop solutions that support big data analytics which can be shared amongst all agencies and enhance collaboration 3. Bring your COTS solution: Attributes of a COTS tool to be considered as an enterprise solution should provide capabilities that: Satisfy validated DOD operational requirements Are not redundant with currently deployed capabilities Offer a more cost effective solution which would be too time consuming or expensive to build ourselves on CAAC-RDK Integrate with existing CSAAC-RDK infrastructure 10

Contact/POC Information Information www.disa.mil Website or Program External Link https://east1.deps.mil/disa/cop/mae/netops/csaac/sitepages/home.aspx EMAIL Robert Landreth Program Manager Robert.Landreth2.civ@mail.mil 11

United in Service to Our Nation 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information