20140906_disa-cyber-assurance.pdf
UNCLASSIFIED
Mission Assurance
2014 Forecast to Industry
Mr. Mark S. Orndorff
Mission Assurance Executive
20 August 2014
The Problem
Problem Statement: Neither the DoD nor the combatant commanders can adequately see, control, or defend their networks. We can’t meet the urgent and immediate cyber threat, defend the current infrastructure or reduce network vulnerabilities.
Capability Gaps
• Lack of Enterprise-level view and standardized security topology
• Too many avenues of attack
• Heavy reliance on independent delivery of security services
• Inability to apply advanced threat analysis
• Lack of Enterprise responsiveness in assessing, detecting, responding to threats
• Lack of [unity of effort] in operating and managing cyberspace operations
• Segmented approach to networks creates seams and creates difficulty in information sharing, thus complicating protection of forces
Gaps and HLOs Identified in Authoritative Sources (paraphrased)
High Level Objectives (HLOs)
• HLO 1: Operate, defend, manage, and maintain the JIE (DoDIN)
• HLO 2: Enable and protect critical warfighting information and information exchange through various capabilities and services
• HLO 3: Ensure critical warfighter information, capabilities and services are available in a degraded cyber condition
Authoritative Sources:
• JIE ICD v 3.1.1, GIG 2.0 ICD and Cyber SA ICD
• JIE OPS CONOPS and Chairman’s White Paper
Mission Assurance
(Cybersecurity and NetOps)
Internet Access Points
• Sensors (ECOS)
• Web Content Filtering
• Demilitarized Zone (DMZ)
• Distributed Denial of Service Mitigations
• Enterprise Email Security Gateway
• Domain Name System (DNS) Hardening
Zone 1 – External Access
Zone 4c – Network Management and Foundational Capabilities
Cyber SA/NetOps
• Cyber SA Analytic Cloud (CSAAC)
• Secure Configuration Management
• Continuous Monitoring Risk Scoring
• Enterprise Mission Assurance Support Service (eMASS)
• Insider Threat Analytics
• Security Information/Event Manager
• Joint Incident Management
Regional Security
• Joint Regional Security Stacks
Zone 2
• Perimeter Zero Day Network Defense
Enterprise
• Cross Domain Enterprise Services
Network Core
• Filter List Manager
Zone 3a – Data & Applications
Commercial Cloud (Levels 3-5)
Enclave and Endpoint Security
• Public Key Infrastructure
• Host Based Security System
• Enterprise Anti-Virus/Anti-Spyware
• Assured Compliance Assessment Solution
• Bootable Media
• Rogue Wireless Detection
Foundational
Zones 3b-3d, 5, & 6 – Data, Applications, End Users, and Tactical Edge
• Cyber Workforce Development
• Cyber Readiness Assessments
Projected contract actions: Service Contract, New Solution
Cyber Situational Awareness Analytic Cloud
Enterprise Operations Center
CYBER Operators & Cyber Protection Teams
Analytics Components
• Enterprise Service Status
• Alert Correlation
• Collaboration & Workflow
• Mission Mapping
COTS:
• ArcSight
• Splunk
• Sensage
• Etc
GOTS: “Big Data Analytics”
• Insider Threat
• Fight by Indicator
• CMRS
Structured Databases:
• MADSS
• JIMS
• eMASS
Risk Scoring
API
Data Ingest Service
CDCs
IAPs & DISN
Single Security Architecture
API
JRSS
Enclaves and End Points
Contact Information
Acquisition Point of Contact
Charles S. Hamilton
Charles.S.Hamilton1.civ@mail.mil
(301) 225-8598
Vendor Coordinator
Mark D. Hamilton
DISA.Meade.ma.mbx.dcto-ma@mail.mil
(301) 225-8583