Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Colonel Gene Tyler Director, Defense-wide Information Assurance Program Office of the Assistant Secretary of Defense, Networks and Information Integration.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Colonel Gene Tyler Director, Defense-wide Information Assurance Program Office of the Assistant Secretary of Defense, Networks and Information Integration."— Presentation transcript:

1 1 Colonel Gene Tyler Director, Defense-wide Information Assurance Program Office of the Assistant Secretary of Defense, Networks and Information Integration Gene.Tyler@osd.mil@osd.mil 703-602-9988 U.S. Department of Defense Information Assurance

2 2 Information Assurance (IA) IA (U.S. Definition) Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection and reaction capabilities. Protect - Provides for the availability, integrity, authenticity, confidentiality, and non-repudiation of information or transactions Detect - Provides for the ability to detect efforts to disrupt and deny services React - Provides for reconstitution of information and services in case of a successful disruption or denial

3 3 Definitions Availability - Information and information systems are available when needed to support mission critical, mission support, and administrative purposes. Integrity - Data is unchanged from its source--has not been accidentally or maliciously altered. Authentication - Data, and their originators, are authentic, and that a recipient is eligible to receive specific categories of information Non-Repudiation - Strong and substantial evidence of an information exchange or transaction. Confidentiality - Information can be read only by authorized entities e.g. encryption

4 4 SECDEF’s Transformational Goals*:  First, to defend the U.S. homeland and other bases of operations, and defeat nuclear, biological and chemical weapons and their means of delivery;  Second, to deny enemies sanctuary—depriving them of the ability to run or hide—anytime, anywhere.  Third, to project and sustain forces in distant theaters in the face of access denial threats;  Fourth, to conduct effective operations in space;  Fifth, to conduct effective information operations; and,  Sixth, to leverage information technology to give our joint forces a common operational picture. “….Protect our information networks from attack”......Use information technology to link up different kinds of US forces so that they can in fact fight jointly...” * From Secretary Rumfeld’s speech to the National Defense University 21 Jan 2002 Information Assurance – Emphasis Starts at the Top

5 5 Our ability to leverage the power of information will be key to our success in the 21st Century. I am committed to: Make information available on a network that people depend on and trust Populate the network with new, dynamic sources of information to defeat the enemy Deny the enemy information advantages and exploit weakness to support Network Centric Warfare and the transformation of DoD business processes. John P. Stenbit ASD(NII) Information Assurance – Senior Leadership Emphasis

6 6 Information Security & Global Networks Global Economy Global Information Environment Electronic Security Must Be Global U.S. Cannot “Solve” Problem Unilaterally International Cooperation Required Think Global!

7 7 Detected “Events” As of 1 Jan 03 225 559 730 780 5,844 22,144 23,662 40,076 46,057 0 5,000 10,000 15,000 20,000 25,000 30,000 35,000 40,000 45,000 50,000 949596979899000102 Malicious Activity Continues to Climb "Information Networks must be controlled, protected, and managed as effectively as weapon systems” Lt Gen Harry D. Raduege, DISA Director Unauthorized DoD Intrusions (314 Category 1 & 2 Intrusions as of 1 Jan 03) IAVA/ Bulletins “New” Intrusion Method or Under Analysis “Poor Security Practices” “Multiple Vulnerabilities” Virus Growth Per Month (Internet - “Wild List”) Jan May NovSep Jul Mar 120 140 160 180 200 220 240 260 280 300 1999 2000 2001 2002 As of 1 Jan 03 36% 30% 14% 20%

8 8 Net-Centric Warfare C2 Transportation / Logistics Sensors INTEL Weapons Systems Network In NCW, the Network is the center of gravity: the focus on which all elements of combat power depend

9 9 Scope of the IA Mission Sustaining base Systems and Business systems Weapon Systems Infrastructure Power projection platforms and communications Command & Control (C2) systems Situation awareness Information everywhere Information is used everywhere and is vital to Warfighters and Operational Readiness Sensor-to -Shooter Logistic systems

10 10 The Changing Technology Environment PAST – dedicated circuits – stovepiped systems – government developed and produced solutions – “risk avoidance” – limited cooperation with industry – government-owned and – controlled security mgt infrastructure (SMI) PRESENT – highly interconnected – interdependent – commercial technology forms the basis for solutions – “risk management” – full and open cooperation with industry – global interoperable public key-based SMI FUTURE – genetic algorithms – neural networks – intelligent agents – nano-technologies – distributed computing – wireless – changing architectures, operations, technology all aimed at leveraging the “richness and reach” of the internet – where are the boundaries? We cannot afford to “stay the course”

11 11 Goals Objectives Protect Information Protect Information Defend Systems & Networks Defend Systems & Networks Provide Situational Awareness / IA C2 Provide Situational Awareness / IA C2 Transform and Enable IA Capabilities Transform and Enable IA Capabilities Create an IA Empowered Workforce Create an IA Empowered Workforce Establish timely Intelligence and I&W information to enterprise SA Infuse IA into other disciplines Harmonize NETOPS, IO, CNA, CND relationships Develop & Enforce CND Policies Create SA Visualization capabilities Evaluate & Deploy CND Tools and Capabilities Establish GiG Network Defense Architecture & To Be Baseline Develop & Deploy Protection Capabilities Promulgate IA Architecture Define Protection Criteria for Netcentric Opns Enhance IA skill levels Provide trained/skilled personnel Standardize baseline certifications Enable Information sharing & collaboration Improve strategic decision making Expedite dynamic IA capabilities through innovation Ensure IA is integrated & sustained in all programs throughout the lifecycle IA Mission and Strategy Establish vertical & horizontal defense mechanisms w/I CND RAF Coordinate IA ops & decisions Transform SMI IA Mission Assure DoD’s Information, Information Systems and Information Infrastructure and Support DoD’s Transformation to Network and Data Centric Operations and Warfare

12 12 OPERATIONSTECHNOLOGY PERSONNEL No Single Solution! Solution requires a multidimensional approach Trained and disciplined personnel Improved operations (including updated policies) Innovations in technology Solutions must address importance of Information Technology in elements of the Critical Infrastructure, for example, Power, Transportation, other The DoD IA Strategy

13 13

14 14 BACKUP

15 15 Personnel Cyber security training and awareness –Platform Training –Computer Based Training (CBT) –Video Certification of information system operators, administrators, and maintainers Career field management - focus on retention Partnership with industry for cooperative internships National InfoSec Education & Training Program Academic Centers Of Excellence (36 today)

16 16 Operations Integrated Information Assurance Policy Information Assurance Vulnerability Alert (IAVA) Process –Positive Control Service and Agency Computer Emergency Response Teams Joint Task Force - Computer Network Operations (JTF-CNO) –Coordination within the Department of Defense, and with other government departments and agencies Continuous Vulnerability Analysis and Assessment Program Exercises to test protection, detection, and response capabilities

17 17 Technology Full spectrum Information Assurance solutions –Layered Information Assurance strategy (Defense-in-Depth) –Deployment of intrusion detection technology –Strategic partnership with industry Security-enabled commercial products Open security framework –National Information Assurance Partnership (NIAP) Common Criteria evaluations Global, interoperable Security Management Infrastructure R&D for highly assured products and systems R&D for real-time monitoring, data collection, analysis, and visualization

18 18 IA Strategy and Defense-in- Depth (DiD) Interface Defense-in- Depth: Establishes our defenses in place and gives DoD a basic defensive framework IA Strategy: Takes concepts of DiD and brings the warfighter into the IA arena

Download ppt "1 Colonel Gene Tyler Director, Defense-wide Information Assurance Program Office of the Assistant Secretary of Defense, Networks and Information Integration."

Similar presentations

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Presented by the US Department of Education. More information at

Presented by the US Department of Education. More information at
Homeland Security at the FCC July 10, 2003. FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
The Military Challenge of Cyber AOC Talk on Cyber, EW and IO Dr Gary Waters, 17 April 2012.

The Military Challenge of Cyber AOC Talk on Cyber, EW and IO Dr Gary Waters, 17 April 2012.
METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.

METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.
Douglas Bass, Director Office of Emergency Management Fairfax County, VA.

Douglas Bass, Director Office of Emergency Management Fairfax County, VA.
Navy’s Operational Authority for Naval Networks, Information Operations, and FORCEnet 2004 Strike, Land Attack & Air Defense Annual Symposium Vice Admiral.

Navy’s Operational Authority for Naval Networks, Information Operations, and FORCEnet 2004 Strike, Land Attack & Air Defense Annual Symposium Vice Admiral.
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
Keeping the War Fighter Informed

Keeping the War Fighter Informed
1 Continuity Planning for transportation agencies.

1 Continuity Planning for transportation agencies.
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.

INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.

Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
5/17/2015 1 SUPPORT THE WARFIGHTER DoD CIO 1 (U) FOUO DoD Transformation for Data and Information Sharing Version 1.0 DoD Net-Centric Data Strategy (DS)

5/17/ SUPPORT THE WARFIGHTER DoD CIO 1 (U) FOUO DoD Transformation for Data and Information Sharing Version 1.0 DoD Net-Centric Data Strategy (DS)
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
UNCLASSIFIED 1 Joint Net-Centric Operations Strawman Joint Net-Centric Operations: The ability to exploit all human and technical elements of the joint.

UNCLASSIFIED 1 Joint Net-Centric Operations Strawman Joint Net-Centric Operations: The ability to exploit all human and technical elements of the joint.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
Chapter 1 – Introduction

Chapter 1 – Introduction

Similar presentations

Ads by Google