LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Operating & Defending the Enduring Norm
Session 2
“Enabling the COIN Campaign”
Kimberly Hersey
Deputy, Cyber Security Division
USCENTCOM CCJ6-C
Session: 3, The Enduring Cyberspace C2 2011-08-01 // U..S. Central Command J-6
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
1. Orientation
a) Vision, Mission, Responsibilities
2. Current Situation and Challenges
3. Solutions & Lessons Learned
a) Tying together Security Disciplines
b) Increasing Cyber Intel Support
c) Balancing Global, Regional and CJOA needs
d) Streamlining Theater C2
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Purpose – To protect the Warfighter by ensuring the confidentiality, integrity, accessibility, non-repudiation and authentication within C4 networks and information in the CENTCOM AOR
Defense-in-depth requires a strong foundation integrating: • Technology
• People
• Intelligence (activities inside and outside the perimeter)
Successful defense also requires an active, intelligent component to retain the initiative against a thinking, learning, relentless enemy
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
The Cyber Security Division will:
“Plan, direct and synchronize activities to protect and proactively defend the US CENTCOM portion of the GIG in collaboration with subordinate commands and external commands/agencies, and to provide theater situational awareness to CDR USCENTCOM.”
Overall intent: •Proactive protection and defense of the TIG, by
Continuously improving CND posture in targeted manner
Engaging the enemy proactively to seize initiative
Anticipating and adapting to technology and tactics
Planning and operating collaboratively
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Theater IA Branch responsibilities Headquarters IA Branch responsibilities
CAP
Cross Domain Solutions
Vulnerability
Assessments
IAVA Compliance
Monitoring and
Reporting to JTF-GNO
(via TNC CENT)
IAVA Compliance
Reporting to TNC-CENT
Incident
Response
HQ Systems
C&A
HQ Systems Integration
(ST&E, Baseline etc)
HQ COOP/DRP
Tier 1 IDS
Policies
Circuit
Accreditations
Training
Coalition IA
Policies/Guidance
Review Component/JTF
C&A packages
DISN/DSAWG interface
Monitor/manage
Tier 2 Security devices
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
CFH NOC
Qatar
USCENTCOM
J6
TIG Events
ARCENT MNF-I/MNC-I
(JNCC-I)
CJTF-101
(JNCC-A) MARCENT SOCCENT AFCENT NAVCENT
TNCCENT
GIG
Events
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Relentless Cyber Adversaries •Requiring constant vigilance at multiple levels
Supporting the mission in Afghanistan •Afghanistan Mission Network (AMN)
Supporting the transition in Iraq •Protecting communications during the transition
Supporting the partnering with Pakistan •Office of Defense Representative Pakistan
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Unity of C2 of C5 Networks •C2 divided across Service, Agencies and Combatant
Commands
CYBERCOM Standup •New relationships & new capabilities
WikiLeaks •Balance information sharing vs. information protection
Cyber Vigilance Campaign •New policies and increased controls
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Goal: Get diverse security disciplines working together toward the same end-state
Solution: Establish new forums/partnerships to tackle the issues
Command Information Security Working Group (ISWG) • Information Assurance(J2/J6)
•Operations Security (J3)
•Joint Security Office (J3)
•Special Security Office (J2)
•Along with Foreign Disclosure Office, Command publications and training (J7), Headquarters Commandant, Judge Advocate Office (JAG) and others
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Cyber Vigilance Campaign
ISWG stand-up
Random searches
Policy #55
(PEDs Banned)
CTO 110-133 (SIPR Write Privileges Restricted)
Policy # 58
(Removable Media Restricted)
Revamped COMPUSEC Card Program
Incident Response Consolidation
TRAINING
IA Officers
Authorized Transfer Agents
Coalition
OPSEC
Security Regulations Consolidation
Shared Security Database
02/11
12/10
10/10
09/10
04/11
WikiLeaks
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Goal: Ensure Cyber Defenders have sufficient cyber intelligence to prevent strategic surprises and ensure that our defenses are appropriately focused on countering the most likely and highest impact cyber threats
Solution: Stand up of a Cyber Intelligence CND Working group •Parenting with:
USCENTCOM J2/J3
USCYBERCOM J2
Intelligence Community
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Goal: Identify, assess, and fix (or mitigate) CX-I vulnerabilities that represent CJTF risk to COMISAF/USFOR-A, Theater risk to COMCENTCOM, and global/national risk to COMCYBERCOM.
Solution: Enduring Operational Assessment Framework
Established baseline for enduring CX-I OA process
Improved understanding of CX-I network risks and mitigations for CJTF –Theater --Global/National stakeholders
Hardening CX-I network infrastructure
.
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Goal: Establish a theater wide NETOPS framework for all forces and those providing direct support to the theater. This should balance optimal service, effective network defense, efficient use of resource and proactive network planning.
• Solution: Establish C2 framework for Operate/Defend activities within Cyber C2 construct.
• CENTCOM 25-200/206
• CJOA-A NETOPS Frameworks
IJOA NETOPS Framework
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
CCR 25-200
Architectures
Information
Management
CCR 25-206
Synchronization
USCENTCOM
CONOPS
Joint NetOps
CONOPS
Aligned Joint
NetOps Structure
Supported by
Integrated &
Documented
Processes &
Procedures
JNCC-A
CONOPS
JNCC-I
CONOPS
JTF-GNO
TNC-CENT
Bahrain
USCENTCOM
J6
CFH NOC
Qatar
CJTF-HOA JNCC-Iraq JNCC-Afg 335th
TNOSC
NAVCENT
C4I
Watch
ACCC CFSOCC
JCCC
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
QUESTIONS?
LANDWARNET 2011 UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Shared Sensor AwarenessOperationalizing ‘Who does what - with what data’
(Joint and Service Equities)
Global
Theater
CJOA
CYBERCOM CDR
CENTCOM CDR
USFOR-A/ISAF CDR
CYBERCOM / NSA /DISA
TNC-CENT
JNCC-A
AOR Supported Cdr