110 likes | 240 Views
DoD’s Cyber Innovation and Private Sector Partnership Framework. Objective. Accelerate DoD’s ability to consume and provide innovation to improve its cyber security Leveraging & Improving Classic Acquisition Models Operating at the Speed of Innovation in the World of Cyber.
E N D
DoD’s Cyber Innovation and Private Sector Partnership Framework
Objective Accelerate DoD’s ability to consume and provide innovation to improve its cyber security • Leveraging & Improving Classic Acquisition Models • Operating at the Speed of Innovation in the World of Cyber
DoD Lines of Operation Long-Term Approach: The DOD Innovation Framework Identify Innovation Connect Innovation to Opportunity 3. Conduct Pilots to Cultivate Cyber Innovation/Disseminate Advanced Cyber Defense Practices 4. Find the Next Cyber Wave
DoD Lines of Operation FY 2012/3Activities • FY 2012 Lines of Operation • Catalogue existing programs and activities to include appropriate connection to those in other Federal agencies such as DHS • Refine DOD innovation requirements definition (i.e. establish the Cyber Bucket List) • Develop framework for coordinating efforts within DOD and with partners • Utilize outreach activities to link to Service/Agency program offices and S&T activities • Conduct cyber pilots • FY 13 Lines of Operation: • Leverage Cyber Legislation/Regulation with a focus on DFAR • Establish Innovation Program Metrics • Deeper participation by the full Cyber Community of Interest with a focus on Service acquisition and S&T efforts Unclassified
Why are you here? (i.e. what is your Strategy) Situation 1 The Experienced Government Vendor Focus on injecting innovation through the normal process • Notional Buckets • Situational Awareness • Mobility • PKI • LE/CI/DCO • Exploit • Attack • Hardware • https://www.fbo.gov/ • The Center of Gravity Situation 2 The Small Innovators Enable them to play if they care about USG business • What is your Product or Service and is it holistic or a Piece Part? • Tied to GSA Announcement? • Y • N • Holistic Strategy • Piece Part Strategy • Is it tied to legislation? • GSA • You have no clue • Set Aside • Y • N • Build Value and Sell • Build Value and Hold • Which bucket does it fit under? • Sub to a Major • Monitor Legislation • GFE to a Major Our focus is the Innovators
What is your Strategy? Basic Stuff You Need to Know about Your Product or Service Why do you want to do business with the USG? How is your non-USG business going? What bucket does your Product or Service fit in (and is it holistic or a piece part)? What specific examples of deployments do you have? What is your gross revenue? Who has similar products/services?
What is DoD looking for? Notional Concept of Cyber Buckets by operational areas
What is DoD looking for? Notional Concept of Cyber Buckets by functional areas Secure Configuration Management Continuous Monitoring Host Based Security Systems Cyber Security Inspection Programs Enterprise AV DoD/Fed DMZ USG Configuration Baseline Insider Threat Detection COP/SA IA Training/Workforce Management Use these buckets to your product/service
Current DOD Cyber Pilots • Non-signature based perimeter defenses • Non-signature based endpoint defense • Enclave security policy • Secure and Resilient Cloud • Mobility and Identity in an unmanaged endpoint environment • Persistent cryptographic tagging for data loss prevention
Observations and Sequels Extremely diverse corporate cultures and processes among large and small companies seeking to provide DOD innovation Incredible drive/passion of innovators &academics in cyber security Very large R&D spend/corporate reserves in US IT focused industry – DOD needs to leverage this investment Market share and focus devoted to USG on average is very small Possible bi-lat/multi-lateral CRADAs (Cooperative Research and Development Agreements)? Develop USG inter-agency partnerships with Silicon Valley (DHS/DNI/In-Q-Tel) Ensure coordination for new/renewed DOD innovation efforts