JTAMS Post-Milestone C Analysis


1 JTAMS Post-Milestone C Analysis
Team #:
Practicum Sections

Team Assignment and Briefing Teams:
- Cybersecurity Controls Analysis: Teams 3, 4
- Cloud BCA Analysis: Teams 1, 2, 5

2 Cybersecurity Controls Analysis
- Read the case study file: “JTAMS Breach Overview”.
- Summarize the case and provide an overview of the exercise requirements (the BLUF).
- Categorize the JTAMS system, then go to the RMFKS and identify the controls to implement using the “secure” overlay.
- Identify the recommended NIST controls per the SANS CIS Critical Controls chart (crit controls with NIST.pdf); see template slides.
- Identify any controls from the chart that are not included in the RMFKS controls per your categorization; see template slides.
- Recommend any “related” SP controls you feel could mitigate this type of attack; use NIST SP. Justify your selections. (See template slides.)
- Identify statements, language, or clauses concerning controls that should/could go into an RFP.
- Identify and explain any current events, updated policies, emerging technology, or personal experiences that may be relevant to future controls analysis (provide references).
- Provide a summary/conclusion/recommendation (i.e., the “so what”).

NOTE: An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.

3 Overview of the Case and Exercise Requirements

4 JTAMS Information Type System Categorization
Categorize System
- Determine the system categorization impact level for Confidentiality, Integrity and Availability.
- Determine Information Types from the JTAMS documents used throughout the course.
- Use the “JTAMS Information Types Baseline Excerpt” (as appropriate) to determine the impact values.

Table columns: JTAMS Information Type; Category IAW the JTAMS Information Types Baseline Excerpt (if applicable); Impact Values (H, M, L) for C, I, A
Row: Onboard Diagnostics; D Mission Capability of Asset; M H
Last row: System Categorization: highest value for each column.

The intent of this slide is to re-assess the information types based on where we are in the JTAMS system at this point and to leverage the JTAMS Information Types Baseline document as appropriate.

Step 1: Use your knowledge of JTAMS to identify the basic types of data and information that will be exchanged using the various modules of JTAMS in support of overall operations. What information must be exchanged for JTAMS to accomplish its intended purpose? This is your assessment; do not cut/paste from the exercise from Cyber part B.
Step 2: Map the basic information types to the categories contained in the JTAMS Information Types Baseline. Not everything will map directly, and that is OK; just be prepared to discuss your assessment.
Step 3: Identify the Impact Values.
Step 4: Categorize the system.
Step 5: Go to the RMFKS and identify the number of controls.

Using the classified overlay, how many controls are recommended by the RMFKS?: _______________

See the notes page for additional information.

REFERENCES:

5 Controls Analysis (1 of 2)
Overall Categorization: C =   I =   A =   Total # of Controls =
Attack Vector: 1 Reconnaissance
Critical Controls:
- 17: Security Skills Assessment and Appropriate Training to Fill Gaps
- 14: Controlled Access Based on the Need to Know
- 8: Malware defense
Recommended NIST controls per the SANS CIS Critical Controls chart:
- 8: CA-7, SC-39, SC-44, SI-3, SI-4, SI-8
Identify any controls from the chart that are not included in the RMFKS per your categorization:
Recommend any “related” SP controls you feel could mitigate this type of attack:
Controls Justification - Section 2

The intent of the controls slides is to have the students identify various sources for identifying controls based on a particular attack vector. Clearly, we have had a breach. This could be because we did not initially select the proper controls, or because the threat has changed and additional or other controls are now required to be “secure enough”.

- The first row, “Overall categories”, is taken from their previous analysis and is there simply as a reminder of the earlier work.
- The second row, “Attack Vector”, is given to the students and is drawn from the overall scenario document “JTAMS Breach Overview”.
- The third row, “Critical Controls”, is taken from the SANS CIS Critical Controls chart and is intended to focus on the area identified in the attack vector; again, this is given to the students.
- The fourth row, “NIST controls…”, has the students leverage the SANS CIS Critical Controls chart to identify NIST controls associated with the identified Critical Controls.
- The fifth row, “RMFKS…”, has the students compare/contrast the RMFKS assessment with the Critical Controls assessment.
- The sixth row, “…related…”, has the students go into the NIST document and identify any “related” controls identified as part of their initial controls assessment and provide a justification for selecting these related controls.

REFERENCES: NIST Special Publication, Department of Navy Information Types Baseline

6 Controls Analysis (2 of 2)
Overall Categorization: C =   I =   A =   Total # of Controls =
Attack Vector: 11 Data moved to drop locations
Critical Controls:
- 13: Data Protection: Employ tools at perimeters to monitor for sensitive data leaving the company in clear text.
- 20: Penetration Tests and Red Team Exercises
Recommended NIST controls per the SANS CIS Critical Controls chart:
- 20: CA-2, CA-5, CA-6, CA-8, RA-6, SI-6, PM-6, PM-14
Identify any controls from the chart that are not included in the RMFKS per your categorization:
Recommend any “related” SP controls you feel could mitigate this type of attack:
Controls Justification - Section 2

7 Possible RFP Language Options
What statements, language, or clauses concerning controls should go into an RFP?

See: SSE-Language-for-TSN-in-DoD-RFPs

8 Capstone Assessment (Cyber)
Identify and explain any current events, updated policies, emerging technology, or personal experiences that may be relevant to future controls analysis (provide references):
- Current Event Overview:
- Updated Policy Overview / Policy Review:
- Emerging Technology Analysis:
- Applicable Personal Experiences Summary:

Use additional slides if necessary.

9 Cyber Summary and Conclusions

10 Cloud BCA Requirements:
The JTAMS PM is looking for a Cloud Service Provider (CSP) as an alternative hosting solution for its web-based applications because the Army has not designated the current Program Director Hosting Service (PD HS) at Fort Lincoln as an enduring data center.

Requirements:
- Provide an overview (Executive Summary) of the overall scenario and the requirements, to include the presentation overview.
- Identify and justify the IIL required for the program; describe the impacts to the program.
- Provide an overview of the program Cloud transition requirements.
- Compare and contrast the capabilities of the two cloud service providers.
- Identify 3 risks to the program (based on the requirements and capabilities provided).
- Identify and explain any current events, updated policies, emerging technology, or personal experiences that may be relevant to future Cloud BCA analysis (provide references).
- Provide a summary/conclusion/recommendation (i.e., the “so what”).

See Cloud BCA Analysis

11 Scenario and Presentation Overview
See Cloud BCA Analysis

12 Information Impact Level
- Identify and justify the IIL required for the program:
- Describe the impacts to the program inherent in the required impact level:

See Cloud BCA Analysis

13 Overview of Program Cloud Transition Requirements / Provider Capability Comparison
Table columns: Capability; Overview of Capability/Terminology; AWS*; DISA MilCloud*; Derived Requirements / Explanations / Discussion
Table rows:
- Cloud Capabilities
- Security
- Ease of Migration
- Management / Monitoring
- DR / COOP
- Governance
- Total (less Cost)
- Costs

* Columns 3 and 4 rating scale: 1: No Capability; 2: Low Capability; 3: Some Capability; 4: Most Capability; 5: Full Capability

Overall Rec.:
Primary Rationale:

See Cloud BCA Analysis

14 Risk Analysis
Identify 3 risks to the program (based on your selected provider). Present risk statements for your three risks and present your risks using a risk cube. Focus your risk analysis on the following categories: Security, Support, Staffing, and Governance.

Risk cube: axes scaled 1 to 5, with P, C, S columns for each of the three risks.
Legend: Green = Low Risk; Yellow = Medium Risk; Red = High Risk

See Cloud BCA Analysis

15 Capstone Assessment (Cloud)
Identify and explain any current events, updated policies, emerging technology, or personal experiences that may be relevant to future Cloud BCA analysis (provide references):
- Current Event Overview:
- Updated Policy Overview / Policy Review:
- Emerging Technology Analysis:
- Applicable Personal Experiences Summary:

Use additional slides if necessary.

16 Cloud Summary/Conclusion
1. Summarize the Requirement:
2. Summarize the Cloud Provider Capability Comparison Results:
3. Summarize the risks and impacts to the program:
4. Provide an overall Recommendation/Conclusion:

See Cloud BCA Analysis

