Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Evolving a Cyberspace Doctrine
The Process
Michael E. Ruiz
CTO, Net-Enabled Operations
Deloitte Consulting LLP
April 16, 2...
Objective
Discuss the Evolution of Cyberspace
 Provide a Context for discussing Cyber Space
 Share some ideas on Cyber W...
Background
The DoD and Intel communities have engaged in Cyberspace under the
auspice of Information Assurance and Network...
Components of Cyberspace

Cyber
Warfare

Cyber
Homeland
Security
Cyber Space

Cyber Law
Enforcement
Continuum of Cyber Security and Operations
Security
Engineering &
Integration

Cyber Security

Information
Assurance
Pract...
Cyber Warfare Doctrine

Doctrine

Leadership

Organization

Personnel

Training

Facilities

-6-

SATX - Evolving a Cybers...
Cyber Command and Control
Command and Control (C2) is “the exercise of
authority and direction by a properly designated
commander over assigned and ...
Cyber Command and Control
 Gather Information Related to Cyber Threats and Vulnerabilities (Data
fusion)
 Analyze the cy...
- 10 -

SATX - Evolving a Cyberspace Doctrine.pptx

Cyber Command and Control Reference Model
Data/Information Sources

 Data Collection and Fusion Environment - Combination of real-time
data from cyber assets combi...
- 12 -

SATX - Evolving a Cyberspace Doctrine.pptx

The Core of Cyberspace Operation Center
The Communities of Interest (COI)

- 13 -

SATX - Evolving a Cyberspace Doctrine.pptx

 Disseminate cyber threats informa...
 Enterprise Service for Federated
Management and Cross Domain
Information Sharing

 Coordinate the response planning and...
Conclusion
Asymmetric, highly decentralized organization are impossible to stop with
centralized approaches.
Creating an e...
Copyright © 2009 Deloitte Development LLC. All rights reserved.
Upcoming SlideShare
Loading in …5
×

Evolving a Cyber Space Doctrine

703 views

Published on

When presented in 2010, this presentation provided a novel concept for moving from passive security to active defense. Leveraging lessons learned from BearingPoint and Deloitte's R&D on Collaborative Situational Awareness for Decision Making, this presentation put forward a framework for integrating cyber security system to enhance collaboration and more effectively integrate information from desperate sources.

Published in: Technology
  • Be the first to comment

Evolving a Cyber Space Doctrine

  1. 1. Evolving a Cyberspace Doctrine The Process Michael E. Ruiz CTO, Net-Enabled Operations Deloitte Consulting LLP April 16, 2010
  2. 2. Objective Discuss the Evolution of Cyberspace  Provide a Context for discussing Cyber Space  Share some ideas on Cyber Warfare Doctrine An appreciation of the complexity and emergence of Cyberspace domain in Warfare -2- SATX - Evolving a Cyberspace Doctrine.pptx  Present possible Cyberspace Operations Center for the Future
  3. 3. Background The DoD and Intel communities have engaged in Cyberspace under the auspice of Information Assurance and Network Security for at least three decades.  Security has to be more than policy – Policy must be implementable – Enforcement must be understood during policy definition  Information Sharing requires trust; trust creates risk. – We have been slow to adopt a posture of risk mitigation – Risk avoidance is still a cultural mindset  Cyber Operation is the emerging mission The Enemy is within the Wire -3- SATX - Evolving a Cyberspace Doctrine.pptx – The next war will have a significant cyber component
  4. 4. Components of Cyberspace Cyber Warfare Cyber Homeland Security Cyber Space Cyber Law Enforcement
  5. 5. Continuum of Cyber Security and Operations Security Engineering & Integration Cyber Security Information Assurance Practices Cyber Operation Network Security Operation Centers (NSOC) -5- Cyber Space Operation Centers (CSOC) Active Passive Security Strategy Non-Kinetic Cyber Attack Monitoring Active Action Certification Defense of and Cyber Assets Accreditation SATX - Evolving a Cyberspace Doctrine.pptx Security Architecture Vulnerability Remediation Coordinated Kinetic and Non-Kinetic Action
  6. 6. Cyber Warfare Doctrine Doctrine Leadership Organization Personnel Training Facilities -6- SATX - Evolving a Cyberspace Doctrine.pptx Materiel
  7. 7. Cyber Command and Control
  8. 8. Command and Control (C2) is “the exercise of authority and direction by a properly designated commander over assigned and attached forces in the accomplishment of the mission...” - The DoD Dictionary of Military and Associated Terms
  9. 9. Cyber Command and Control  Gather Information Related to Cyber Threats and Vulnerabilities (Data fusion)  Analyze the cyber threats and vulnerabilities (Analytical Tools)  Visualize the cyber threats and vulnerabilities (Shared Situational Awareness)  Disseminate cyber threats information and collaborate on the information (Wiki and Web 2.0)  Coordinate the response planning and execution (Remediation and Operations Teams) -9- SATX - Evolving a Cyberspace Doctrine.pptx  Interface with internal and external entities (public, private and open source) to share and integrate information
  10. 10. - 10 - SATX - Evolving a Cyberspace Doctrine.pptx Cyber Command and Control Reference Model
  11. 11. Data/Information Sources  Data Collection and Fusion Environment - Combination of real-time data from cyber assets combined with historical data provides context for evaluating threats - 11 - SATX - Evolving a Cyberspace Doctrine.pptx  Interface with internal and external entities (public, private and open source) to share and integrate information
  12. 12. - 12 - SATX - Evolving a Cyberspace Doctrine.pptx The Core of Cyberspace Operation Center
  13. 13. The Communities of Interest (COI) - 13 - SATX - Evolving a Cyberspace Doctrine.pptx  Disseminate cyber threats information and collaborate on the information
  14. 14.  Enterprise Service for Federated Management and Cross Domain Information Sharing  Coordinate the response planning and execution (Remediation and Operations Teams) - 14 - SATX - Evolving a Cyberspace Doctrine.pptx Federated Security Space Operations Centers
  15. 15. Conclusion Asymmetric, highly decentralized organization are impossible to stop with centralized approaches. Creating an environment for spontaneity is crucial to enabling highly centralized organization to act and operate as decentralized forces. Technology is not the solution it is an enabler … the solution requires a blend of People, Process, and Technology working to a common goal.  De-incentivize our adversary  Train the work force  Create Tactics, Techniques, and Procedure to wage and protect the Cyber domain - 15 - SATX - Evolving a Cyberspace Doctrine.pptx  Allow flexibility and agility in creating capability.
  16. 16. Copyright © 2009 Deloitte Development LLC. All rights reserved.

×