20140906_disa-cyber-assurance.pdf

UNCLASSIFIED
Mission Assurance
2014 Forecast to Industry
Mr. Mark S. Orndorff
Mission Assurance Executive
20 August 2014
The Problem
Problem Statement: Neither the DoD nor the combatant commanders can adequately see, control, or defend their networks. We can’t meet the urgent and immediate cyber threat, defend the current infrastructure or reduce network vulnerabilities.
Capability Gaps
Lack of Enterprise-level view and standardized security topology
Too many avenues of attack
Heavy reliance on independent delivery of security services
Inability to apply advanced threat analysis
Lack of Enterprise responsiveness in assessing, detecting, responding to threats
Lack of [unity of effort] in operating and managing cyberspace operations
Segmented approach to networks creates seams and creates difficulty in information sharing, thus complicating protection of forces
Gaps and HLOs Identified in Authoritative Sources (paraphrased)
High Level Objectives (HLOs)
HLO 1: Operate, defend, manage, and maintain the JIE (DoDIN)
HLO 2: Enable and protect critical warfighting information and information exchange through various capabilities and services
HLO 3: Ensure critical warfighter information, capabilities and services are available in a degraded cyber condition
Authoritative Sources:
JIE ICD v 3.1.1, GIG 2.0 ICD and Cyber SA ICD
JIE OPS CONOPS and Chairman’s White Paper
Mission Assurance
(Cybersecurity and NetOps)
Internet Access Points
Sensors (ECOS)
Web Content Filtering
Demilitarized Zone (DMZ)
Distributed Denial of Service Mitigations
Enterprise Email Security Gateway
Domain Name System (DNS) Hardening
Zone 1 – External Access
Zone 4c – Network Management and Foundational Capabilities
Cyber SA/NetOps
Cyber SA Analytic Cloud (CSAAC)
Secure Configuration Management
Continuous Monitoring
Risk Scoring
Enterprise Mission Assurance Support Service (eMASS)
Insider Threat Analytics
Security Information/Event Manager
Joint Incident Management
Regional Security
Joint Regional Security Stacks
Zone 2
Perimeter Zero Day Network Defense
Enterprise
Cross Domain Enterprise Services
Network Core
Filter List Manager
Zone 3a – Data & Applications
Commercial Cloud (Levels 3-5)
Enclave and Endpoint Security
Public Key Infrastructure
Host Based Security System
Enterprise Anti-Virus/Anti-Spyware
Assured Compliance Assessment Solution
Bootable Media
Rogue Wireless Detection
Foundational
Zones 3b-3d, 5, & 6 – Data, Applications, End Users, and Tactical Edge
Cyber Workforce Development
Cyber Readiness Assessments
Projected contract actions:
Service Contract
New Solution
Cyber Situational Awareness Analytic Cloud
Enterprise Operations Center
CYBER Operators & Cyber Protection Teams
Analytics Components
Enterprise Service Status
Alert Correlation
Collaboration & Workflow
Mission Mapping
COTS:
ArcSight
Splunk
Sensage
Etc
GOTS:
“Big Data Analytics”
Insider Threat
Fight by Indicator
CMRS
Structured Databases:
MADSS
JIMS
eMASS
Risk Scoring
API
Data Ingest Service
CDCs
IAPs & DISN
Single Security Architecture
JRSS
Enclaves and End Points
Contact Information
Acquisition Point of Contact
Charles S. Hamilton
Charles.S.Hamilton1.civ@mail.mil
(301) 225-8598
Vendor Coordinator
Mark D. Hamilton
DISA.Meade.ma.mbx.dcto-ma@mail.mil
(301) 225-8583