15 september 2010 kevin mcnally program manager (pmw 130) (858) 537-0682 [email protected]
DESCRIPTION
Program Executive Office Command, Control, Communications, Computers and Intelligence (PEO C4I) Navy Information Assurance and Cyber Security. 15 September 2010 Kevin McNally Program Manager (PMW 130) (858) 537-0682 [email protected]. - PowerPoint PPT PresentationTRANSCRIPT
Information Dominance Anytime, Anywhere…
PEOC4I.NAVY.MIL
Program Executive OfficeCommand, Control, Communications, Computers and Intelligence (PEO C4I)
15 September 2010Kevin McNally
Program Manager (PMW 130)(858) 537-0682
Program Executive OfficeCommand, Control, Communications, Computers and Intelligence (PEO C4I)
Navy Information Assurance and Cyber Security
Statement A: Approved for public release; distribution is unlimited (9 SEPTEMBER 2010)
Agenda
• Changes in our Community
• PEO C4I and PMW 130
• Why Cyber Matters
• The Threat
• The Acquisition Process Today
• Way Ahead for Cyber Acquisition
• Challenges
• IA Concerns on the Horizon
• Q&A 2
3
The Drive to Information Dominance
The Economist
Changes in our Community
“…we must embrace innovation, be willing to test and evaluate new concepts, and ultimately, resource and support game-changing technologies, processes, and information capabilities. Our goal: to achieve command and control overmatch against all adversaries. If we’re reaching for something less than that, we aren’t trying hard enough…”
-VADM Dorsett, DCNO (N2/N6)
4
5
PEO C4I Organizational Structure
Special Assistant for MDA – Andy Farrar
Chief of Staff – CAPT Gary Galloway DPEO Acquisition Management – John MetzgerDPEO Manpower & Budget – Susie DrewDPEO Strategic Mgmt & Process Improvement – Aaron WhitakerDPEO Platform Integration & Modernization – VacantDPEO Technical Direction & Program Integration – Charlie Suggs
APEO Contracts (2.0) – Trelli DavisAPEO Logistics (4.0) - Sean ZionAPEO Engineering (5.0) – Wendy SmidtAPEO S&T (7.0) - John McDonnell
SPAWAR Space Field Activity
SSC Pacific
SSC Atlantic
CURRENT READINESS REPORTING PEO C4I
RDML Jerry Burroughs
SPAWARRADM P. Brady
VICE DEPUTY
PRINCIPAL DEPUTY
INTELLIGENCEMr. Terry Simpson
PRINCIPAL MILITARY DEPUTY
CAPT John Pope
ASN(RDA)Assistant Secretary of the Navy
(Research, Development & Acquisition)
CNOChief of Naval Operations
Updated 10 September 2010
International C4I Integration
PMW 740 Steve Bullard
Joe Orechovesky
NIPO
Carrier and Air Integration PMW 750
Mark Evangelista (Acting) Cheryl Carlton (Acting)
NAE
Ship IntegrationPMW 760
CAPT Ken RitterBill Farmer
SWE
Submarine Integration PMW 770 CAPT Dean Richter
Maria Cuin
USENECE
Shore and Expeditionary Integration
PMW 790Ruth Youngs LewCDR Allan Walters
Allen Armstrong
Command and Control PMW 150
CAPT Steve McPhillips Jim Churchill
Tactical Networks PMW 160
CAPT DJ LeGoff CDR William “Ben” McNeal
Communications PMW 170 Vince Squitieri CAPT (Sel) Mark Glover
NIDE NIDE NIDE
Information Assurance and Cyber Security PMW 130 Kevin McNally
CAPT Don Harder
NIDE
Battlespace Awareness & Information Operations PMW 120 CAPT Bob Parker
Mark Reinig
NIDE
6
About PEO C4I
Workforce•Civilian: 214•Military: 71
Programs - Total: 122•ACAT I: 8* •ACAT II: 6 •ACAT III & Below: 106•Rapid Deployment Capabilities (RDCs): 2*Includes: IAC – 3 IAM – 2 (1-DISA/1-PEO C4I)
IC – 2 Pre-MAIS/MDAP – 1
Platforms Supported – FY10•Afloat: 228 •Shore: 349 •Expeditionary: 34
Navy C4I Key Facts
More than 5,200 radios fielded More than 2,500 annual installations More than 700 applications supported Average/fielded bandwidth capability
Carrier: 4 mbps - 24mbpsDestroyer: 512 kbps - 8mbpsSubmarine: 128 kbps
Average technology refresh18 months
Average time to market Initial fielding: 36 monthsFull Fielding: 8-10 years
updated 23 August 2010
Minimize total ownership cost of a
secure Cyber Domain
PMW 130Strategic Priorities
COST SPEED WORKFORCE CUSTOMER
GOALS
PMW 130 Vision:Securing the Cyber Domain
PMW 130 Mission: Provide capabilities to secure the cyber domain, assure end-to-end information and
enable decision superiority
Rapidly and proactively field
innovative capabilities to stay ahead of the
Cyber threat
Maintain a world-class Information Assurance workforce equipped to
achieve acquisition excellence in a dynamic
environment
Achieve synergistic partnerships with
requirements’ owners, resource sponsors
and end-users
PEO C4I PMW 130Information Assurance and Cyber Security
Strategic Priorities
7
PMW 130 Information Assurance and Cyber Security
DEPUTY PMCAPT Donald Harder
Acquisition Mgr
Technical Dir. PEO DDAA
Dir Ops
BFM Lead
APM-E
APM-L
Cyber Security Liaison
APM-C
BFM Support
Install ResourceManager
APM- S&T
PROGRAM MANAGERKevin McNally
§
Crypto Voice
Key Management
Crypto & Key Management
Crypto Products
Crypto Data
PKI
Crypto Mod
Ports & ProtocolsNetwork Security
Network Security
CND Afloat
NMCI/NGEN IA
DIACAP
Network SecurityIntegration
CND Ashore
Security Mgt
Radiant Mercury
8
9
PEO C4I PMW 130Our Portfolio
• OPNAVINST 5239.1C, Navy IA Program: Navy IA Technical Lead; Systems Security Engineering; IA
Requirements; IA Products
AcquisitionAuthority
RoleCrypto Voice
Electronic KeyMgt System
Computer NetworkDefense (CND)
Crypto
Technical LeadRole
CND Defense in
Depth
On-LineServices
IA Pubs
INFOSECHelpdesk
System Security Engineering
SEA SHORE
SPACE
AIR
WARFIGHTER
SENSORSNETWORKS
DECISION AIDS WEAPONS
SEABED
TRANSFORMING I NFORMATI ON I NTO COMBAT POWERFORCENET
IA Technical Support
OPNAV
CFFC
NAVCYBERFOR
SYSCOMs
PEO-EIS
PEO-C4ICrypto Mod
Program Office
Public KeyInfrastructure
Radiant Mercury
NETWARCOMFLTCYBERCOM
What Is Cyber?
• Any process, program, or protocol relating to the use of the Internet or an intranet, automatic data processing or transmission, or telecommunication via the Internet or an intranet; and
• Any matter relating to, or involving the use of, computers or computer networks
10
From the S.773 Bill, Cybersecurity Act of 2009:
"The office of the Chief of Naval Operations must be organized to achieve the integration and innovation necessary for warfighting
dominance across the full spectrum of operations at sea, under sea, in the air, in the littorals, and in the cyberspace and information
domains.“ -Adm. Gary Roughead, Chief of Naval Operations
Why Cyber Matters?
• 1 trillion URLs (Uniform Resource Locator, like www.)• Greater than 210 billion emails are sent every day• Over 2 billion Google searches are conducted each day• Over 1.7 billion Internet users• DoD users make 1 billion+ Internet connections each day, passing
40TB of data• Symantec: 458K new malware code signatures from APR-JUN 2010• Adversaries are continuously improving their cyber attack capabilities
using many commonly available tools
11
Cyber security is vital to our warfighting capability
"If the nation went to war today in a cyber war, we would lose. - Admiral Mike McConnell (retired), 23 Feb 2010
The ThreatAnatomy of a Common Attack
• Scan/map network• Find vulnerabilities (often using automated tools)• Establish foothold on computer• Escalate privileges on the network• Pwnd• Put measures in place to hide tracks (erase logs,
etc.)• Expand on network (gather info, insert malware,
zombies, use to spam, etc)
12
Sop
hist
icat
ion
Time
CONFICKER.AHTTP Command & Control
No Software Armoring
CONFICKER.B+ Password Cracking
+ USB Infection Vector+ Primitive Peer-to-Peer Comms
Anti-Virus CountermeasuresSoftware Update Countermeasures
Code Cryptography
CONFICKER.D50K Domains
+ Improved HTTP Command & Control+ Robust Peer-to-Peer Comms
Kills Security SoftwareMalware Analysis Countermeasures
21 Nov 08 30 Dec 08 6 Mar 0920 Feb 09
CONFICKER.CDirect Update Feature
CONFICKER.ESpam
“Scareware”
7 Apr 09
CONFICKER ExampleSpeed of Adversary Weaponization
We need to be agile and resilient
5 versionsin 5 months –
each more capable
13
Time
CONFICKER vs AcquisitionSpeed of Fielding
• 30 variants could have been developed before IOC• 80 variants could have been developed before FOC
2 years 3 yearsDay One 1 year
Sop
hist
icat
ion
4 years 5 years 6 years 7 years 8 years
Initiation IOC FOC
Dramatization:Each red dotis a possible
variant
14
How We Do Acquisition Today
• Current DoD 5000 model built for acquisition for ships, aircraft and weapons systems Requirements and oversight based upon risk
reduction• This model does not work for IT or Cyber
Defense COTS insertion model is low risk (cost-wise) IT lifecycle ~3 years, then EOL Cyber attack tools progress rapidly
15
DSB Task Force March 2009 Proposed Acquisition Model
Rapid COTS InsertionNew capabilities fielded incrementally
Prototyping and Experimentation16
17
New Acquisition Approach
• Advantages Keep pace with technology Get ahead of EOL challenge Rapid introduction of new commercial products and S&T Closer pace to changing cyber threat
• Challenges Requirements, Funding and POM Testing, Certification and Accreditation SHIPMAIN
• Challenges unique to the Afloat Environment Availability schedules Configuration Management/Change Control and Patching Millennial sailors Training Shipboard is NOT a test environment
18
Current Acquisition Status
• Crypto Mod for the Navy, USMC, USCG, and MSC. Aging equipment Consolidate families of cryptographic devices
• Currently fielding CND Inc 1 HBSS, HIDS, NIDS, Firewalls, NIPS
• Navy CND Increment 2 builds and adds upon the Increment 1 capabilities Defense-in-Depth (DiD) Situational awareness Anomalies and attacks assessment CND command and control (C2) Expect Milestone C decision in FY11
• CDS Navy continues to recognize the importance of RM's Cross
Domain transfer capability in support of Navy, Joint, National and Coalition operations.
IA Concerns on the Horizon
• Cloud security• Wireless/handheld devices• Social networking
Facebook, Twitter, LinkedIn, Foursquare• Advanced spear phishing
Targeted with some accurate information• Web enabled applications/application
security Cross-site scripting
19
20
IA Concerns on the Horizon cont.
• SOA Environment• More IA Integration into Applications• Identity Management
Role Based Access• Sensor management
Correlating the data of multiple sensors Analyzing the data
• Move to a more proactive position
Cyber Defense and the NavyWhat Lies Ahead
• Moving from reactive to predictive
• Speed of incident handling• Cyber COP• Identifying network
anomalies• Navigating the acquisition
process
Proactive and Predictive Cyber Defense21
PMW 130 Government / Industry Exchange
• An opportunity for industry to present products they feel may be of interest to PMW 130
• Attendees include PMW 130 senior leadership, SPAWAR and PEO C4I invitees, and other PMW 130 personnel (Assistant Program Managers, engineers, etc.)
• Held once a month • 50 minutes, including Q&A• Please contact Carol Cooper at
22
Summary
• IA and Cyber are now getting serious attention• Threat cycle vs. acquisition cycle• New IT acquisition model has promise• Must overcome cultural challenges in
requirements, acquisition, contracting, testing, C&A, and fielding
• Moving from reactive to proactive• PEO C4I and PMW 130 welcome collaboration
across government, commercial, academia and other stakeholders
23PEOC4I.NAVY.MIL
We get it.We also integrate it, install it and support it. For today and tomorrow.
24
25
PEO C4I Mission
Provide integrated communication and
information technology systems that enable
Information Dominance and the command and
control of maritime forces
Information Dominance ChallengeExponential Data Growth Outpaces Infrastructure
GIG Data Capacity (Services, Transport & Storage)
UUVs
Sens
or D
ata
Volum
e2000 2005 2010 2015 & Beyond
PREDATOR UAV VIDEOGLOBAL HAWK DATA
Future Sensor X
Future Sensor Y
Future Sensor Z
Theater Data Stream (2006):~270 TB of NTM data / year
1018
1012
1024
1015
1021
FIRESCOUT VTUAV DATA
Capability Gap
Current single mode fiber carries 960 Gpbs
Max of 50 Mbps per channel
Time to transfer one terabyte of data = 8,796,093,022,208 or 8.8E+12 bitsMax Transfer
(bits/sec) Seconds Minutes Hours Days
50 megabit bps WGS Channel 40,000,000 219,902 3,665 61 3
155 megabit bps service 62,000,000 141,872 2,365 39 210 gigabit bps service 4,000,000,000 2,199 37 1Large Data JCTD 8,500,000,000 1,035 1740 gigabit bps service 16,000,000,000 550 9100 gigabit bps service 40,000,000,000 220 4
26