Evolving a Cyber Space Doctrine
•
4 likes•1,009 views
When presented in 2010, this presentation provided a novel concept for moving from passive security to active defense. Leveraging lessons learned from BearingPoint and Deloitte's R&D on Collaborative Situational Awareness for Decision Making, this presentation put forward a framework for integrating cyber security system to enhance collaboration and more effectively integrate information from desperate sources.
Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Similar to Evolving a Cyber Space Doctrine
Similar to Evolving a Cyber Space Doctrine (20)
Recently uploaded
Recently uploaded (20)
Evolving a Cyber Space Doctrine
- 1. Evolving a Cyberspace Doctrine The Process Michael E. Ruiz CTO, Net-Enabled Operations Deloitte Consulting LLP April 16, 2010
- 2. Objective Discuss the Evolution of Cyberspace Provide a Context for discussing Cyber Space Share some ideas on Cyber Warfare Doctrine An appreciation of the complexity and emergence of Cyberspace domain in Warfare -2- SATX - Evolving a Cyberspace Doctrine.pptx Present possible Cyberspace Operations Center for the Future
- 3. Background The DoD and Intel communities have engaged in Cyberspace under the auspice of Information Assurance and Network Security for at least three decades. Security has to be more than policy – Policy must be implementable – Enforcement must be understood during policy definition Information Sharing requires trust; trust creates risk. – We have been slow to adopt a posture of risk mitigation – Risk avoidance is still a cultural mindset Cyber Operation is the emerging mission The Enemy is within the Wire -3- SATX - Evolving a Cyberspace Doctrine.pptx – The next war will have a significant cyber component
- 4. Components of Cyberspace Cyber Warfare Cyber Homeland Security Cyber Space Cyber Law Enforcement
- 5. Continuum of Cyber Security and Operations Security Engineering & Integration Cyber Security Information Assurance Practices Cyber Operation Network Security Operation Centers (NSOC) -5- Cyber Space Operation Centers (CSOC) Active Passive Security Strategy Non-Kinetic Cyber Attack Monitoring Active Action Certification Defense of and Cyber Assets Accreditation SATX - Evolving a Cyberspace Doctrine.pptx Security Architecture Vulnerability Remediation Coordinated Kinetic and Non-Kinetic Action
- 6. Cyber Warfare Doctrine Doctrine Leadership Organization Personnel Training Facilities -6- SATX - Evolving a Cyberspace Doctrine.pptx Materiel
- 7. Cyber Command and Control
- 8. Command and Control (C2) is “the exercise of authority and direction by a properly designated commander over assigned and attached forces in the accomplishment of the mission...” - The DoD Dictionary of Military and Associated Terms
- 9. Cyber Command and Control Gather Information Related to Cyber Threats and Vulnerabilities (Data fusion) Analyze the cyber threats and vulnerabilities (Analytical Tools) Visualize the cyber threats and vulnerabilities (Shared Situational Awareness) Disseminate cyber threats information and collaborate on the information (Wiki and Web 2.0) Coordinate the response planning and execution (Remediation and Operations Teams) -9- SATX - Evolving a Cyberspace Doctrine.pptx Interface with internal and external entities (public, private and open source) to share and integrate information
- 10. - 10 - SATX - Evolving a Cyberspace Doctrine.pptx Cyber Command and Control Reference Model
- 11. Data/Information Sources Data Collection and Fusion Environment - Combination of real-time data from cyber assets combined with historical data provides context for evaluating threats - 11 - SATX - Evolving a Cyberspace Doctrine.pptx Interface with internal and external entities (public, private and open source) to share and integrate information
- 12. - 12 - SATX - Evolving a Cyberspace Doctrine.pptx The Core of Cyberspace Operation Center
- 13. The Communities of Interest (COI) - 13 - SATX - Evolving a Cyberspace Doctrine.pptx Disseminate cyber threats information and collaborate on the information
- 14. Enterprise Service for Federated Management and Cross Domain Information Sharing Coordinate the response planning and execution (Remediation and Operations Teams) - 14 - SATX - Evolving a Cyberspace Doctrine.pptx Federated Security Space Operations Centers
- 15. Conclusion Asymmetric, highly decentralized organization are impossible to stop with centralized approaches. Creating an environment for spontaneity is crucial to enabling highly centralized organization to act and operate as decentralized forces. Technology is not the solution it is an enabler … the solution requires a blend of People, Process, and Technology working to a common goal. De-incentivize our adversary Train the work force Create Tactics, Techniques, and Procedure to wage and protect the Cyber domain - 15 - SATX - Evolving a Cyberspace Doctrine.pptx Allow flexibility and agility in creating capability.
- 16. Copyright © 2009 Deloitte Development LLC. All rights reserved.
Editor's Notes
- Doctrine –addresses the much needed Tactics, Techniques and Procedures (TTPs) for operating in a cyber realm.Cyber ISR techniques are needed – today we focus on protection of our networks tomorrow we need to understand how our enemies will use there networkCyber C2 Procedures are required – What threats require remediation in the form of patch? And What threats require operations in the form of an MP going to a desk or covert operative being tasked to find out more about a particular organization or group?What does the Cyber Kill Chain look like? When are our actions an act of war and when are the a protective posture?Friedman in his Book “The Next Hundred Years” asserts that Russia will take defensive measure - creating buffer around its border to protect itself from encroaching Europeans. These actions will appear aggressive to some.Estonia Cyber war in April 2007 – mostly Do's Attacks and Botnet spam attacksGeorgia Takes a Beating in the Cyber war With Russia - By JOHN MARKOFF - the New York Times – August 11, 2008Organization – defines the organizational structures needed to successfully implement a cyber warfare organization, specifically the work BearingPoint is doing for the Army G2 for cyber operations.The Creation of Cyber Command – a unified command to address Cyber ChallengesThe Creation of the 24th Air Force – a numbered Air Force dedicated to working on Cyber ChallengesThe Creation of the Army Cyber DirectorateThe Navy reorganization – combining the N2/N6 and designating new cyber authorities.Training – how we train our troops … what are we teaching in the school house and is it the right thingBefore we can start training we have to establish DoctrineContinuous improvement is needed to ensure we are training correctly – new ways of updating the school house will be needed as this domain changes so rapidlyMateriel – describes a reference model / implementation pattern for implementing future cyber command and control systems.Personnel – how do we motivate a workforce that is counter to all military honors and traditions to join the Cyber Warfare machineHuge cultural challenges await.The Story of our EVP and our Cyber GuysFacilities – illustrates the types of facilities (i.e. Network Operation Centers, Security Operation Centers, and Cyber Space Operation Centers) and the processes for federating across agency / organizational boundaries.
- Messaging Web ApplicationsProtection BoundariesPhysical SecurityTelecommunication NetworksAccess Control