MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200)...
-
Upload
shania-gayles -
Category
Documents
-
view
217 -
download
4
Transcript of MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200)...
![Page 1: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/1.jpg)
![Page 2: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/2.jpg)
MCIWESTInformation Assurance
Mr. David Robbins
MCIWEST Information Assurance Manager (Bldg 24200)
Camp Pendleton, CA 92055
Comm: (760) 725-2725
DSN: 365-2725
BlkBry: (760) 213-0400
![Page 3: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/3.jpg)
MCIWEST Information Assurance
201(AFCEA…me again?)
![Page 4: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/4.jpg)
MCIWEST Information Assurance
201(AFCEA…me again?)
![Page 5: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/5.jpg)
MCIWEST Information Assurance
201(AFCEA…me again?)
• …regardless of the reason, here I am!!!
![Page 6: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/6.jpg)
MCIWEST Information Assurance
201(…but before we proceed)
• Summary of MCIWEST IA 101 (April 2010)
• Pass IA 101 Certification Exam in order to Proceed to the MCIWEST IA 201 Course!!!
![Page 7: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/7.jpg)
MCIWESTInformation Assurance
MCIWEST Commands +1
![Page 8: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/8.jpg)
MCIWESTInformation Assurance
Command & Organizational Relationships
![Page 9: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/9.jpg)
MCIWESTInformation Assurance 101
IA Mission & Overview
• The Marine Corps Information Assurance (IA) division supports expeditionary maneuver warfare extending from the Operating Forces to the Supporting Establishment. Marine Corps IA ensures end-to-end capability to deliver secure information at the right time, to the right place, and in a useable format, allowing commanders to exercise command and communication, regardless of proximity to their assigned forces.
• The Marine Corps' specific objective for achieving IA is to employ state-of-the-art technology, provide awareness training to all users, and to deploy computer network defense tools across the enterprise. This is achieved by deploying a defense in depth strategy integrating the capabilities of people, sound procedures, and technology to achieve strong, effective, multi-layer and multi-dimensional protection. The goals of the Marine Corps IA division include confidentiality, integrity, availability, authentication, and non-repudiation.
![Page 10: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/10.jpg)
MCIWESTInformation Assurance 101
IA Goals & Pillars
• Confidentiality• Integrity• Availability• Authentication• Non-Repudiation
• Protect Information• Defend Systems & Networks (CND)• Provide SA & IA Command & Cntrl• Transform & Enable IA Capabilities• Create an IA Empowered
Workforce
![Page 11: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/11.jpg)
MCIWESTInformation Assurance
Information Assurance Manager (PD)
• Develop Mission, Functions, & Responsibilities
• Define - Refine Command Relationships
• Identify Issues, Commonalities, & Solutions
• Develop Regional Policies & Doctrine
• Allocate resources to installations
• Set Priorities, Deadlines, & Schedules
• Interface with other Uniformed Services, Federal Agencies, local governments, and commercial service providers in the region, as directed
• Scan Legacy, NMCI, & SIPRNET
• Ensure Scans are sent from each Installation to the REM Server @ CPEN
• Ensure the REM Server forwards Installation scans to MCNOSC
• Ensure Remediation is conducted
• Manage Audit Recods
• Ensure Arcsight feed is monitored
• Verify Backups
• Review POA&M
• Password Cracking
• Ensure scanning is completed and reported
• Conduct Self Assessments
• Manage War Driving
• Report COOP activities
• Ensure Emergency Action Plans are in place and up to date
• Review System Security Program
![Page 12: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/12.jpg)
MCIWESTInformation Assurance
Information Assurance Manager (PD) con’t
• Develop Mission, Functions, & Responsibilities
• Define - Refine Command Relationships
• Identify Issues, Commonalities, & Solutions
• Develop Regional Policies & Doctrine
• Allocate resources to installations
• Set Priorities, Deadlines, & Schedules
• Interface with other Uniformed Services, Federal
• Agencies, local governments, and commercial service providers in the region, as directed
• Scan Legacy, NMCI, & SIPRNET
• Ensure Scans are sent from each Installation to the REM Server @ CPEN
• Ensure the REM Server forwards Installation scans to MCNOSC
• Ensure Remediation is conducted
• Manage Audit Recods
• Ensure Arcsight feed is monitored
• Verify Backups
• Review POA&M
• Password Cracking
• Ensure scanning is completed and reported
• Conduct Self Assessments
• Manage War Driving
• Report COOP activities
• Ensure Emergency Action Plans are in place and up to date
• Review System Security Program
![Page 13: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/13.jpg)
MCIWESTInformation Assurance
Information Assurance Manager (PD) con’t
• Develop Mission, Functions, & Responsibilities
• Define - Refine Command Relationships
• Identify Issues, Commonalities, & Solutions
• Develop Regional Policies & Doctrine
• Allocate resources to installations
• Set Priorities, Deadlines, & Schedules
• Interface with other Uniformed Services, Federal Agencies,
• local governments, and commercial service providers in the region, as directed
• Scan Legacy, NMCI, & SIPRNET
• Ensure Scans are sent from each Installation to the REM Server @ CPEN
• Ensure the REM Server forwards Installation scans to MCNOSC
• Ensure Remediation is conducted
• Manage Audit Recods
• Ensure Arcsight feed is monitored
• Verify Backups
• Review POA&M
• Password Cracking
• Ensure scanning is completed and reported
• Conduct Self Assessments
• Manage War Driving
• Report COOP activities
• Ensure Emergency Action Plans are in place and up to date
• Review System Security Program
• On the 8th Day, catch up on emails (you have fallen behind, AGAIN)!!!
![Page 14: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/14.jpg)
MCIWEST Information Assurance
OKAY!!!
Enough reviewing…..on to the TEST!!!
![Page 15: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/15.jpg)
MCIWEST Information Assurance
101 TEST
• How many installations/bases comprise MCIWEST?
• What is the MCIWEST Higher Headquarters Command?
• What are the 3 Pillars of Information Assurance?
• What is the acronym for Information Assurance?
![Page 16: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/16.jpg)
MCIWEST Information Assurance
101 TEST
• How many installations/bases comprise MCIWEST?• 7 (+1)
• What is the MCIWEST Higher Headquarters Command?• MARFOR Bases Pacific (MARFORPAC)
• What are the 3 Pillars of Information Assurance?• Confidentiality, Integrity, Availability
• What is the acronym for Information Assurance?• IA
• ……..and for the bonus round
![Page 17: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/17.jpg)
MCIWEST Information Assurance
101 TESTThe Bonus Round
• What do IAMs do on the 8th day of the week?
• What is the most widely used phrase in an IAM’s vocabulary?
• What does DIACAP stand for?
![Page 18: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/18.jpg)
MCIWEST Information Assurance
101 TESTThe Bonus Round
• What do IAMs do on the 8th day of the week?• Catch up on emails!!!
• What is the most widely used phrase in an IAM’s vocabulary?
NO! (backup phrase: NO-WAY!)• What does DIACAP stand for?
• Dept of Defense Certification & Accreditation Process
![Page 19: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/19.jpg)
MCIWEST Information Assurance
201AGENDA
• Command Support
• IT Governance
• Access (process & physical security partnership)
• Certification & Accreditation
![Page 20: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/20.jpg)
MCIWEST Information Assurance
201COMMAND SUPPORT of IA PROGRAM
• Structure (T/O, Contractor Support)
• Funding (Training, Equipment, Salaries)
• Policy (IT Governance…5 W’s)
• Procedure (IT Governance…How)
![Page 21: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/21.jpg)
MCIWEST Information Assurance
201IT GOVERNANCE (Policy, Doctrine, & Procedures)• Who Writes, Reviews, Approves
• Resources Required
• Establish & Document Clear Roles & Responsibilities (R&R)
• Key Information Security Documents• Mission Statements• Job Descriptions• Reporting Relationships• Owner, Custodian, User Roles• Outsourcing
![Page 22: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/22.jpg)
MCIWEST Information Assurance
201ACCESS (process & physical security partnership)
• Process for ACCESS
• System Authorization Access Request (SAAR…new!)• Request, Need to Know, Clearance Validated, Verified
• IA last line of defense: “Assurance”
• IA Training (IA, PII, PKI, Removable Media, Phishing)
• Physical Security Partnership
![Page 23: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/23.jpg)
MCIWEST Information Assurance
201Certification & Accreditation (DIACAP)
• PHASE I: Train (Both IA Community and Customers/Users)
• PHASE II: Identify (Systems & Applications)
• PHASE III: Verify (already ATO/ATC?)
• PHASE III: Document
• PHASE IV: Maintain & Decommission
• VALIDATORS!!! Uncle Sam Needs You!!!
![Page 24: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/24.jpg)
MCIWESTInformation Assurance
“Keys to Success” • Right People,
Procedures, Technology
• Confidentiality• Integrity• Availability• Authentication• Non-Repudiation
![Page 25: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/25.jpg)
MCIWESTInformation Assurance
Cyber War: Is the Threat Real?
![Page 26: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/26.jpg)
MCIWESTInformation Assurance
C & A (The FOG of WAR)
![Page 27: MCIWEST Information Assurance Mr. David Robbins MCIWEST Information Assurance Manager (Bldg 24200) Camp Pendleton, CA 92055 Comm: (760) 725-2725 DSN:](https://reader030.fdocuments.us/reader030/viewer/2022032702/56649cab5503460f9496b81e/html5/thumbnails/27.jpg)
MCIWESTInformation Assurance
Questions?