An Overview of Large US Military Cybersecurity Organizations
Colonel Bruce D. Caulkins, Ph.D.
Chief, Cyber Strategy, Plans, Policy, and Exercises Division
United States Pacific Command
Agenda
• United States Cyber Strategy
• US Federal Cybersecurity Operations Team
• DOD Cyber Strategy
• JP 3-12 (R) Example: DODIN Operations
• Cyber Framework
• Conclusions
United States Cyber Strategy
UNCLASSIFIED
U.S. International Strategy for Cyberspace:
“…combine Diplomacy, Defense & Development to enhance
prosperity, security & openness…”
• Dissuading and Deterring
• Strengthening Partnerships
• Building Prosperity and Security
Our strategic approach is always grounded by our unshakable
commitments to fundamental freedoms of expression, privacy,
and the free flow of information
U.S. Joint Cyberspace Doctrine is Emerging and Evolving
[Figure labels: Global Cyberspace; US Government Departments and Agencies]
U.S. Federal Cybersecurity Operations Team National Roles and Responsibilities
DOJ/FBI
LEAD FOR Investigation and Enforcement (FBI, NSD, CRM, USAO)
• Investigate, attribute, disrupt and prosecute cyber crimes
• Lead domestic national security operations
• Conduct domestic collection, analysis, and dissemination of cyber threat intelligence
• Support the national protection, prevention, mitigation of, and recovery from cyber incidents
• Coordinate cyber threat investigations
DoD
LEAD FOR National Defense (USCYBERCOM, NSA, DISA, DC3)
• Defend the nation from attack
• Gather foreign cyber threat intelligence and determine attribution
• Secure national security and military systems
• Support the national protection, prevention, mitigation of, and recovery from cyber incidents
• Investigate cyber crimes under military jurisdiction
DHS
LEAD FOR Protection (NPPD, USSS, ICE)
• Coordinate the national protection, prevention, mitigation of, and recovery from cyber incidents
• Disseminate domestic cyber threat and vulnerability analysis
• Protect critical infrastructure
• Secure federal civilian systems
• Investigate cyber crimes under DHS’s jurisdiction
Coordinate with Public, Private, and International Partners
* Note: Nothing in this chart alters existing DOJ, DHS, and DoD roles, responsibilities, or authorities
* AGREED March 5, 2013
Department of Defense Cyber Strategy (2015)
• Build and maintain ready forces and capabilities to
conduct cyberspace operations;
• Defend the DoD information network, secure DoD data,
and mitigate risks to DoD missions;
• Be prepared to defend the U.S. homeland and U.S.
vital interests from disruptive or destructive
cyberattacks of significant consequence;
• Build and maintain viable cyber options and plan to
use those options to control conflict escalation and to
shape the conflict environment at all stages;
• Build and maintain robust international alliances and
partnerships to deter shared threats and increase
international security and stability.
JP 3-12 (R) Example: DODIN Operations
DOD Information Network operations are actions taken:
• To design, build, configure, secure, operate, maintain, and sustain
DOD communications systems and networks in a way that creates
and preserves data availability, integrity, confidentiality, as well as
user/entity authentication and non-repudiation
USPACOM Cyberspace Security Capabilities Framework
• Provides foundation for assisting cyberspace maturity of allied and
partner nations
• Facilitates collective cyber defense in the Pacific region
• Offers stable, flexible catalog of security controls to meet
information protection needs
• Incorporates internationally-recognized best practices based on
National Institute of Standards and Technology (NIST) 800-53 and
International Organization for Standardization (ISO) 27001 security
controls
• Aligns with operational structure of defense establishments using
the DOTMLPF-P construct to categorize security controls
Sample Assessment: Maturity Level by DOTMLPF-P Group
After scoring maturity levels within 17 security control categories, we can evaluate
the organization’s cyberspace security maturity based on DOTMLPF-P
[Chart: Country X Cybersecurity Maturity Level (DOTMLPF-P); vertical axis: Maturity Level, 0.0 to 5.0]
Maturity Level Scoring Mapped to DOTMLPF-P
DOTMLPF-P Example
• Doctrine
• Organizations
• Training
• Materiel
• Leadership & Education
• Personnel
• Facilities
• Policy
“Are there organization(s) with
the mission and appropriate
authorities to implement and
monitor the execution of
cyberspace defensive
measures?” (Cyber Workforce
Requirements)
DOTMLPF-P Example
• Doctrine
• Organizations
• Training
• Materiel
• Leadership & Education
• Personnel
• Facilities
• Policy
“Does the defense
establishment conduct
recurring (annual) training for
all network users on basic
network security principles
and awareness?”
DOTMLPF-P Example
• Doctrine
• Organizations
• Training
• Materiel
• Leadership & Education
• Personnel
• Facilities
• Policy
“Does the defense
establishment have leader
education modules stressing
the importance of security in
cyberspace?”
DOTMLPF-P Example
• Doctrine
• Organizations
• Training
• Materiel
• Leadership & Education
• Personnel
• Facilities
• Policy
“Does the organization
promote cyber awareness
and cooperation at the
national level about the need
for national action,
international cooperation, and
a whole-of-government
approach to cyber?”
Conclusions
Robust cyber strategy from US Government and DOD
Key components for any organization
Cyber framework construct will enable U.S. and allies
and partners in the USPACOM area to bolster our
collective cyberspace defenses
Ultimately, we need to continue to promote international
norms and standards in cyberspace security concepts
while promoting a whole-of-government approach