Information Dominance Anytime, Anywhere…

PEOC4I.NAVY.MIL

Program Executive OfficeCommand, Control, Communications, Computers and Intelligence (PEO C4I)

15 September 2010Kevin McNally

Program Manager (PMW 130)(858) 537-0682

kevin.mcnally@navy.mil

Program Executive OfficeCommand, Control, Communications, Computers and Intelligence (PEO C4I)

Navy Information Assurance and Cyber Security

Statement A: Approved for public release; distribution is unlimited (9 SEPTEMBER 2010)

Agenda

• Changes in our Community

• PEO C4I and PMW 130

• Why Cyber Matters

• The Threat

• The Acquisition Process Today

• Way Ahead for Cyber Acquisition

• Challenges

• IA Concerns on the Horizon

• Q&A 2

3

The Drive to Information Dominance

The Economist

Changes in our Community

“…we must embrace innovation, be willing to test and evaluate new concepts, and ultimately, resource and support game-changing technologies, processes, and information capabilities. Our goal: to achieve command and control overmatch against all adversaries. If we’re reaching for something less than that, we aren’t trying hard enough…”

-VADM Dorsett, DCNO (N2/N6)

4

5

PEO C4I Organizational Structure

Special Assistant for MDA – Andy Farrar

Chief of Staff – CAPT Gary Galloway DPEO Acquisition Management – John MetzgerDPEO Manpower & Budget – Susie DrewDPEO Strategic Mgmt & Process Improvement – Aaron WhitakerDPEO Platform Integration & Modernization – VacantDPEO Technical Direction & Program Integration – Charlie Suggs

APEO Contracts (2.0) – Trelli DavisAPEO Logistics (4.0) - Sean ZionAPEO Engineering (5.0) – Wendy SmidtAPEO S&T (7.0) - John McDonnell

SPAWAR Space Field Activity

SSC Pacific

SSC Atlantic

CURRENT READINESS REPORTING PEO C4I

RDML Jerry Burroughs

SPAWARRADM P. Brady

VICE DEPUTY

PRINCIPAL DEPUTY

INTELLIGENCEMr. Terry Simpson

PRINCIPAL MILITARY DEPUTY

CAPT John Pope

ASN(RDA)Assistant Secretary of the Navy

(Research, Development & Acquisition)

CNOChief of Naval Operations

Updated 10 September 2010

International C4I Integration

PMW 740 Steve Bullard

Joe Orechovesky

NIPO

Carrier and Air Integration PMW 750

Mark Evangelista (Acting) Cheryl Carlton (Acting)

NAE

Ship IntegrationPMW 760

CAPT Ken RitterBill Farmer

SWE

Submarine Integration PMW 770 CAPT Dean Richter

Maria Cuin

USENECE

Shore and Expeditionary Integration

PMW 790Ruth Youngs LewCDR Allan Walters

Allen Armstrong

Command and Control PMW 150

CAPT Steve McPhillips Jim Churchill

Tactical Networks PMW 160

CAPT DJ LeGoff CDR William “Ben” McNeal

Communications PMW 170 Vince Squitieri CAPT (Sel) Mark Glover

NIDE NIDE NIDE

Information Assurance and Cyber Security PMW 130 Kevin McNally

CAPT Don Harder

NIDE

Battlespace Awareness & Information Operations PMW 120 CAPT Bob Parker

Mark Reinig

NIDE

6

About PEO C4I

Workforce•Civilian: 214•Military: 71

Programs - Total: 122•ACAT I: 8* •ACAT II: 6 •ACAT III & Below: 106•Rapid Deployment Capabilities (RDCs): 2*Includes: IAC – 3 IAM – 2 (1-DISA/1-PEO C4I)

IC – 2 Pre-MAIS/MDAP – 1

Platforms Supported – FY10•Afloat: 228 •Shore: 349 •Expeditionary: 34

Navy C4I Key Facts

More than 5,200 radios fielded More than 2,500 annual installations More than 700 applications supported Average/fielded bandwidth capability

Carrier: 4 mbps - 24mbpsDestroyer: 512 kbps - 8mbpsSubmarine: 128 kbps

Average technology refresh18 months

Average time to market Initial fielding: 36 monthsFull Fielding: 8-10 years

updated 23 August 2010

Minimize total ownership cost of a

secure Cyber Domain

PMW 130Strategic Priorities

COST SPEED WORKFORCE CUSTOMER

GOALS

PMW 130 Vision:Securing the Cyber Domain

PMW 130 Mission: Provide capabilities to secure the cyber domain, assure end-to-end information and

enable decision superiority

Rapidly and proactively field

innovative capabilities to stay ahead of the

Cyber threat

Maintain a world-class Information Assurance workforce equipped to

achieve acquisition excellence in a dynamic

environment

Achieve synergistic partnerships with

requirements’ owners, resource sponsors

and end-users

PEO C4I PMW 130Information Assurance and Cyber Security

Strategic Priorities

7

PMW 130 Information Assurance and Cyber Security

DEPUTY PMCAPT Donald Harder

Acquisition Mgr

Technical Dir. PEO DDAA

Dir Ops

BFM Lead

APM-E

APM-L

Cyber Security Liaison

APM-C

BFM Support

Install ResourceManager

APM- S&T

PROGRAM MANAGERKevin McNally

§

Crypto Voice

Key Management

Crypto & Key Management

Crypto Products

Crypto Data

PKI

Crypto Mod

Ports & ProtocolsNetwork Security

Network Security

CND Afloat

NMCI/NGEN IA

DIACAP

Network SecurityIntegration

CND Ashore

Security Mgt

Radiant Mercury

8

9

PEO C4I PMW 130Our Portfolio

• OPNAVINST 5239.1C, Navy IA Program: Navy IA Technical Lead; Systems Security Engineering; IA

Requirements; IA Products

AcquisitionAuthority

RoleCrypto Voice

Electronic KeyMgt System

Computer NetworkDefense (CND)

Crypto

Technical LeadRole

CND Defense in

Depth

On-LineServices

IA Pubs

INFOSECHelpdesk

System Security Engineering

SEA SHORE

SPACE

AIR

WARFIGHTER

SENSORSNETWORKS

DECISION AIDS WEAPONS

SEABED

TRANSFORMING I NFORMATI ON I NTO COMBAT POWERFORCENET

IA Technical Support

OPNAV

CFFC

NAVCYBERFOR

SYSCOMs

PEO-EIS

PEO-C4ICrypto Mod

Program Office

Public KeyInfrastructure

Radiant Mercury

NETWARCOMFLTCYBERCOM

What Is Cyber?

• Any process, program, or protocol relating to the use of the Internet or an intranet, automatic data processing or transmission, or telecommunication via the Internet or an intranet; and

• Any matter relating to, or involving the use of, computers or computer networks

10

From the S.773 Bill, Cybersecurity Act of 2009:

"The office of the Chief of Naval Operations must be organized to achieve the integration and innovation necessary for warfighting

dominance across the full spectrum of operations at sea, under sea, in the air, in the littorals, and in the cyberspace and information

domains.“ -Adm. Gary Roughead, Chief of Naval Operations

Why Cyber Matters?

• 1 trillion URLs (Uniform Resource Locator, like www.)• Greater than 210 billion emails are sent every day• Over 2 billion Google searches are conducted each day• Over 1.7 billion Internet users• DoD users make 1 billion+ Internet connections each day, passing

40TB of data• Symantec: 458K new malware code signatures from APR-JUN 2010• Adversaries are continuously improving their cyber attack capabilities

using many commonly available tools

11

Cyber security is vital to our warfighting capability

"If the nation went to war today in a cyber war, we would lose. - Admiral Mike McConnell (retired), 23 Feb 2010

The ThreatAnatomy of a Common Attack

• Scan/map network• Find vulnerabilities (often using automated tools)• Establish foothold on computer• Escalate privileges on the network• Pwnd• Put measures in place to hide tracks (erase logs,

etc.)• Expand on network (gather info, insert malware,

zombies, use to spam, etc)

12

Sop

hist

icat

ion

Time

CONFICKER.AHTTP Command & Control

No Software Armoring

CONFICKER.B+ Password Cracking

+ USB Infection Vector+ Primitive Peer-to-Peer Comms

Anti-Virus CountermeasuresSoftware Update Countermeasures

Code Cryptography

CONFICKER.D50K Domains

+ Improved HTTP Command & Control+ Robust Peer-to-Peer Comms

Kills Security SoftwareMalware Analysis Countermeasures

21 Nov 08 30 Dec 08 6 Mar 0920 Feb 09

CONFICKER.CDirect Update Feature

CONFICKER.ESpam

“Scareware”

7 Apr 09

CONFICKER ExampleSpeed of Adversary Weaponization

We need to be agile and resilient

5 versionsin 5 months –

each more capable

13

Time

CONFICKER vs AcquisitionSpeed of Fielding

• 30 variants could have been developed before IOC• 80 variants could have been developed before FOC

2 years 3 yearsDay One 1 year

Sop

hist

icat

ion

4 years 5 years 6 years 7 years 8 years

Initiation IOC FOC

Dramatization:Each red dotis a possible

variant

14

How We Do Acquisition Today

• Current DoD 5000 model built for acquisition for ships, aircraft and weapons systems Requirements and oversight based upon risk

reduction• This model does not work for IT or Cyber

Defense COTS insertion model is low risk (cost-wise) IT lifecycle ~3 years, then EOL Cyber attack tools progress rapidly

15

DSB Task Force March 2009 Proposed Acquisition Model

Rapid COTS InsertionNew capabilities fielded incrementally

Prototyping and Experimentation16

17

New Acquisition Approach

• Advantages Keep pace with technology Get ahead of EOL challenge Rapid introduction of new commercial products and S&T Closer pace to changing cyber threat

• Challenges Requirements, Funding and POM Testing, Certification and Accreditation SHIPMAIN

• Challenges unique to the Afloat Environment Availability schedules Configuration Management/Change Control and Patching Millennial sailors Training Shipboard is NOT a test environment

18

Current Acquisition Status

• Crypto Mod for the Navy, USMC, USCG, and MSC. Aging equipment Consolidate families of cryptographic devices

• Currently fielding CND Inc 1 HBSS, HIDS, NIDS, Firewalls, NIPS

• Navy CND Increment 2 builds and adds upon the Increment 1 capabilities Defense-in-Depth (DiD) Situational awareness Anomalies and attacks assessment CND command and control (C2) Expect Milestone C decision in FY11

• CDS Navy continues to recognize the importance of RM's Cross

Domain transfer capability in support of Navy, Joint, National and Coalition operations.

IA Concerns on the Horizon

• Cloud security• Wireless/handheld devices• Social networking

Facebook, Twitter, LinkedIn, Foursquare• Advanced spear phishing

Targeted with some accurate information• Web enabled applications/application

security Cross-site scripting

19

20

IA Concerns on the Horizon cont.

• SOA Environment• More IA Integration into Applications• Identity Management

Role Based Access• Sensor management

Correlating the data of multiple sensors Analyzing the data

• Move to a more proactive position

Cyber Defense and the NavyWhat Lies Ahead

• Moving from reactive to predictive

• Speed of incident handling• Cyber COP• Identifying network

anomalies• Navigating the acquisition

process

Proactive and Predictive Cyber Defense21

PMW 130 Government / Industry Exchange

• An opportunity for industry to present products they feel may be of interest to PMW 130

• Attendees include PMW 130 senior leadership, SPAWAR and PEO C4I invitees, and other PMW 130 personnel (Assistant Program Managers, engineers, etc.)

• Held once a month • 50 minutes, including Q&A• Please contact Carol Cooper at

Cooper_carolyn@bah.com

22

Summary

• IA and Cyber are now getting serious attention• Threat cycle vs. acquisition cycle• New IT acquisition model has promise• Must overcome cultural challenges in

requirements, acquisition, contracting, testing, C&A, and fielding

• Moving from reactive to proactive• PEO C4I and PMW 130 welcome collaboration

across government, commercial, academia and other stakeholders

23PEOC4I.NAVY.MIL

We get it.We also integrate it, install it and support it. For today and tomorrow.

24

25

PEO C4I Mission

Provide integrated communication and

information technology systems that enable

Information Dominance and the command and

control of maritime forces

Information Dominance ChallengeExponential Data Growth Outpaces Infrastructure

GIG Data Capacity (Services, Transport & Storage)

UUVs

Sens

or D

ata

Volum

e2000 2005 2010 2015 & Beyond

PREDATOR UAV VIDEOGLOBAL HAWK DATA

Future Sensor X

Future Sensor Y

Future Sensor Z

Theater Data Stream (2006):~270 TB of NTM data / year

1018

1012

1024

1015

1021

FIRESCOUT VTUAV DATA

Capability Gap

Current single mode fiber carries 960 Gpbs

Max of 50 Mbps per channel

Time to transfer one terabyte of data = 8,796,093,022,208 or 8.8E+12 bitsMax Transfer

(bits/sec) Seconds Minutes Hours Days

50 megabit bps WGS Channel 40,000,000 219,902 3,665 61 3

155 megabit bps service 62,000,000 141,872 2,365 39 210 gigabit bps service 4,000,000,000 2,199 37 1Large Data JCTD 8,500,000,000 1,035 1740 gigabit bps service 16,000,000,000 550 9100 gigabit bps service 40,000,000,000 220 4

26