80 likes | 351 Views
Information Assurance. Opportunities and Requirements. Doug Jimenez, IA Division Director Mary Mayonado, CISSP, IA Program Manager Marla Shipley, CND/aXiom Program Manager January 8, 2010. SAIC James Business Unit Information Assurance Overview. Information Assurance (IA Division)
E N D
Information Assurance Opportunities and Requirements Doug Jimenez, IA Division Director Mary Mayonado, CISSP, IA Program Manager Marla Shipley, CND/aXiom Program Manager January 8, 2010
SAIC James Business Unit Information Assurance Overview • Information Assurance (IA Division) • Doug Jimenez, Division Director • 200+ employees supporting SPAWAR Systems Center Atlantic, NAVAIR, and their sponsors • 42m annually • DOD 8570 Compliant Workforce • Certified Information Systems Security Professionals (CISSP) • CISSP/Information System Security Engineering Professional (CISSP-ISSEP) • Security Plus • Vendor Certifications • Fully Qualified Navy Certification Agents
Core Routing and Switching _ vendor independent Integration Support Routers/Switches IDS/IPS Application Proxy Firewalls Remote access solutions Secure Wireless (Survey, Design, and Integration) LAN Infrastructure Service Oriented Architectures (SOA)/Cloud Computing Virtualization/Data Centers Application Development/Programming (JAVA, Pearl) UNIX Services Sharepoint/Web hosting IPv6 readiness and implementation General Programming/Network Support SPAWAR Atlantic and Sponsors
Why Are We Here? • High Demand for IA savvy employees • Relocation Costs • High Training Costs • Lost Revenue • We Could Do So Much More if Education/Academia and Industry were better aligned • Capture more of those high school students who want IT/IA careers • Create more jobs for the State of SC • Less Relocation/Bringing in talent from outside • Chance for Recognition as a center of excellence for IA
What do we need from Academia(Education/Skill sets needed) • Graduates who understand and are able to develop a secure IT solution, a comprehensive understanding of underlying principles is the foundation • Networking, TCP/IP fundamentals • Programming, secure coding techniques • System Engineering – for the entire lifecycle • Configuration Management processes and techniques • Legal Issues in Information Assurance • Forensics • HIPAA • Privacy Act • Compliance issues – vary by customer
Shortfall Areas/Potential Research Areas • Cross Domain/Multilevel Security • We have to share data across organizations, this is still a major area of challenge • Active Network Defense • Within ethical and legal guidelines • Event Correlation • Gathering attack data across diverse networks to develop comprehensive threat/risk picture • Anti-Tamper • Need to develop additional techniques to guard against reverse engineering hardware and software • Improved IA techniques for Weapons Systems • Confidentiality – generally o.k. • Integrity – area of improvement • Availability – area of improvement
SAIC 5617 North Rhett Avenue North Charleston, SC 29406 843.740.4600 843.308.0466 – fax Mary.o.mayonado@saic.com Marla.h.shipley@saic.com Douglas.w.jimenez@saic.com www.saic.com For More Information