Sunday, October 25, 2015

What U.S. Navy is doing to remain cybersecure

Office of the Deputy Chief of Naval Operations for Information Dominance Navy Cybersecurity Division, Navy News Service
22 October 2015

WASHINGTON – The cyber threat reaches beyond traditional information technology (IT) networks and computers to systems that affect nearly every aspect of the Navy's mission. Machinery control, weapons and navigation systems may be vulnerable, as well as the
networks and computers commonly used by Navy personnel.
To protect against these threats the Navy has made significant changes, including how it is organized and how much it invests in cybersecurity.
In 2014, the Navy established Task Force Cyber Awakening (TFCA) to improve cybersecurity after its network was compromised the previous year. The mission of the task force was to take a comprehensive look at the Navy's cybersecurity and make changes to improve its defenses.
TFCA established priorities for protecting the Navy based on recommendations from industry, the cybersecurity community and stakeholders. Using these priorities, the task force evaluated hundreds of funding requests for addressing vulnerabilities, which resulted in $300 million being set aside in fiscal year 2016 for solutions that strengthened the Navy's defenses and improved awareness of its cybersecurity posture. TFCA used the same approach to evaluate over 300 competing funding requests for the next five years of the Navy's budget.
One of these funding priorities was for control points which allow the Navy to isolate portions of the network after a breach is detected. Much like the watertight compartments on a ship, these control points will allow the Navy to limit the impact of a compromise and keep adversaries from moving to other targets in the network. These control points will also allow the Navy to selectively limit connectivity for parts of the network if increased cyber activity from adversaries is expected, similar to how ships set different material conditions of readiness.
The task force also formed a Navy-wide group to implement the CYBERSAFE Program. CYBERSAFE is modeled after SUBSAFE which is the rigorous submarine safety program begun after the loss of the USS Thresher (SSN 593) in 1963. Like the submarine program, CYBERSAFE will harden a critical subset of warfighting components, which could be certain computer systems or parts of the network. CYBERSAFE will apply more stringent requirements to these components before and after fielding to ensure they can better withstand attempted compromises. CYBERSAFE will also require changes in crew proficiency and culture to implement these requirements.
Technical solutions alone cannot completely protect the Navy. The cybersecurity, professional and general workforce are also key contributors to the Navy's defense.
• Cyber workforce: To ensure the cyber workforce has people with the right skills, the Secretary of the Navy is revising the Cyber Workforce Management Manual. After this manual is approved, the Navy will identify updated training, education and certification requirements for the cybersecurity workforce.
• Professional workforce: To reduce vulnerabilities in the computers that control equipment, machines or weapons systems, the Navy identified positions within the systems commands that will need cybersecurity training.
• General workforce: The Navy is bolstering its cybersecurity training to users and leaders because defending the Navy is not only the responsibility of the cybersecurity workforce, it is an all hands effort. Some examples of current training being provided to the general workforce include cybersecurity training for Surface Warfare Officer leaders, and officers at Submarine School.
In September 2015, the CNO established the Navy Cybersecurity Division on the Navy headquarters staff to continue the transformation started by TFCA. The new division will oversee the Navy's approach to cybersecurity, developing strategy, ensuring compliance with cybersecurity policy and advocating for cybersecurity requirements. The division will also evaluate and prioritize major investments and manage the CYBERSAFE program.
Other organizations critical to the cybersecurity fight:
Navy Chief Information Officer: Establishes policy and guidance relating to IT.
• Developed the Navy's approach for evaluating and improving the security of IT systems;
• Revised the Navy's policy for protecting information and information systems.
Fleet Cyber Command/U.S. 10th Fleet – Operates, maintains and defends Navy networks and conducts cyber operations.
• Began installing and operating the new technical solutions that have been purchased;
• Continued defending the Navy's networks, systems and data.
Information Dominance Forces Command: Organizes, mans, trains and equips the cybersecurity workforce.
• Obtained approval to add another Division Officer cybersecurity position on CG, DDG, and LSD class ships;
• Conducted training and assist visits to prepare Echelon II commands for cybersecurity and cyber readiness inspections.
Systems Commands: Strengthen cybersecurity throughout the lifecycle of systems with the goal of "baking in" security from the beginning instead of "bolting it on" after systems are fielded.
• Developed technical standards for building more secure systems;
• Helped develop and implement the CYBERSAFE Program.
The Navy continues to strengthen its cyber posture. But remember, the most critical member of the Navy cybersecurity team is you.

No comments: