280 likes | 991 Views
Program Executive Office Command, Control, Communications, Computers and Intelligence (PEO C4I) Navy Information Assurance and Cyber Security. 15 September 2010 Kevin McNally Program Manager (PMW 130) (858) 537-0682 kevin.mcnally@navy.mil.
E N D
Program Executive Office Command, Control, Communications, Computers and Intelligence (PEO C4I) Navy Information Assurance and Cyber Security 15 September 2010 Kevin McNally Program Manager (PMW 130) (858) 537-0682 kevin.mcnally@navy.mil Statement A: Approved for public release; distribution is unlimited (9 SEPTEMBER 2010)
Agenda • Changes in our Community • PEO C4I and PMW 130 • Why Cyber Matters • The Threat • The Acquisition Process Today • Way Ahead for Cyber Acquisition • Challenges • IA Concerns on the Horizon • Q&A
The Drive to Information Dominance The Economist
Changes in our Community “…we must embrace innovation, be willing to test and evaluate new concepts, and ultimately, resource and support game-changing technologies, processes, and information capabilities. Our goal: to achieve command and control overmatch against all adversaries. If we’re reaching for something less than that, we aren’t trying hard enough…” VADM Dorsett, DCNO (N2/N6) 4
PEO C4I Organizational Structure ASN(RDA) Assistant Secretary of the Navy (Research, Development & Acquisition) CNO Chief of Naval Operations SPAWAR RADM P. Brady VICE DEPUTY PEO C4I RDML Jerry Burroughs CURRENT READINESS REPORTING Special Assistant for MDA – Andy Farrar Chief of Staff – CAPT Gary Galloway DPEO Acquisition Management – John Metzger DPEO Manpower & Budget – Susie Drew DPEO Strategic Mgmt & Process Improvement – Aaron Whitaker DPEO Platform Integration & Modernization – Vacant DPEO Technical Direction & Program Integration – Charlie Suggs APEO Contracts (2.0) – Trelli Davis APEO Logistics (4.0) - Sean Zion APEO Engineering (5.0) – Wendy Smidt APEO S&T (7.0) - John McDonnell SSC Atlantic PRINCIPAL MILITARY DEPUTY CAPT John Pope PRINCIPAL DEPUTY INTELLIGENCE Mr. Terry Simpson SSC Pacific SPAWAR Space Field Activity Command and Control PMW 150 CAPT Steve McPhillips Jim Churchill Tactical Networks PMW 160 CAPT DJ LeGoff CDR William “Ben” McNeal Communications PMW 170 Vince Squitieri CAPT (Sel) Mark Glover Information Assurance and Cyber SecurityPMW 130 Kevin McNally CAPT Don Harder Battlespace Awareness & Information Operations PMW 120 CAPT Bob Parker Mark Reinig NIDE NIDE NIDE NIDE NIDE Shore and Expeditionary Integration PMW 790 Ruth Youngs Lew CDR Allan Walters Allen Armstrong International C4I Integration PMW 740 Steve Bullard Joe Orechovesky Carrier and Air Integration PMW 750 Mark Evangelista (Acting) Cheryl Carlton (Acting) Ship Integration PMW 760 CAPT Ken Ritter Bill Farmer Submarine Integration PMW 770 CAPT Dean Richter Maria Cuin SWE USE NAE NIPO NECE Updated 10 September 2010
About PEO C4I • Navy C4I Key Facts • More than 5,200 radios fielded • More than 2,500 annual installations • More than 700 applications supported • Average/fielded bandwidth capability • Carrier: 4 mbps - 24mbps • Destroyer: 512 kbps - 8mbps • Submarine: 128 kbps • Average technology refresh • 18 months • Average time to market • Initial fielding: 36 months • Full Fielding: 8-10 years • Workforce • Civilian: 214 • Military: 71 • Programs - Total: 122 • ACAT I: 8* • ACAT II: 6 • ACAT III & Below: 106 • Rapid Deployment Capabilities (RDCs): 2 • *Includes: IAC – 3 IAM – 2 (1-DISA/1-PEO C4I) • IC – 2 Pre-MAIS/MDAP – 1 • Platforms Supported – FY10 • Afloat: 228 • Shore: 349 • Expeditionary: 34 updated 23 August 2010
PEO C4I PMW 130 Information Assurance and Cyber Security PMW 130Strategic Priorities Strategic Priorities PMW 130 Vision: Securing the Cyber Domain PMW 130 Mission: Provide capabilities to secure the cyber domain, assure end-to-end information and enable decision superiority GOALS Maintain a world-class Information Assurance workforce equipped to achieve acquisition excellence in a dynamic environment Achieve synergistic partnerships with requirements’ owners, resource sponsors and end-users Minimize total ownership cost of a secure Cyber Domain Rapidly and proactively field innovative capabilities to stay ahead of the Cyber threat COST SPEED WORKFORCE CUSTOMER
PMW 130 Information Assurance and Cyber Security PROGRAM MANAGER Kevin McNally DEPUTY PM CAPT Donald Harder Technical Dir. PEO DDAA Crypto & Key Management Acquisition Mgr Network Security § BFM Lead BFM Support Crypto Mod CND Afloat Crypto Products CND Ashore Cyber Security Liaison Dir Ops Ports & Protocols Network Security Crypto Data Security Mgt Crypto Voice APM-C DIACAP Key Management APM-E NMCI/NGEN IA APM- S&T PKI Network Security Integration APM-L Radiant Mercury Install Resource Manager
PEO C4I PMW 130Our Portfolio • OPNAVINST 5239.1C, Navy IA Program: • Navy IA Technical Lead; Systems Security Engineering; IA Requirements; IA Products IA Technical Support System Security Engineering Computer Network Defense (CND) NAVCYBERFOR FLTCYBERCOM Crypto CND Defense in Depth Public Key Infrastructure On-Line Services NETWARCOM Acquisition Authority Role Technical Lead Role CFFC PEO-EIS Radiant Mercury Electronic Key Mgt System IA Pubs OPNAV Crypto Mod Program Office PEO-C4I Crypto Voice INFOSEC Helpdesk SYSCOMs
What Is Cyber? From the S.773 Bill, Cybersecurity Act of 2009: • Any process, program, or protocol relating to the use of the Internet or an intranet, automatic data processing or transmission, or telecommunication via the Internet or an intranet; and • Any matter relating to, or involving the use of, computers or computer networks "The office of the Chief of Naval Operations must be organized to achieve the integration and innovation necessary for warfighting dominance across the full spectrum of operations at sea, under sea, in the air, in the littorals, and in the cyberspace and information domains.“ -Adm. Gary Roughead, Chief of Naval Operations
Why Cyber Matters? "If the nation went to war today in a cyber war, we would lose. - Admiral Mike McConnell (retired), 23 Feb 2010 • 1 trillion URLs (Uniform Resource Locator, like www.) • Greater than 210 billion emails are sent every day • Over 2 billion Google searches are conducted each day • Over 1.7 billion Internet users • DoD users make 1 billion+ Internet connections each day, passing 40TB of data • Symantec: 458K new malware code signatures from APR-JUN 2010 • Adversaries are continuously improving their cyber attack capabilities using many commonly available tools Cyber security is vital to our warfighting capability
The ThreatAnatomy of a Common Attack • Scan/map network • Find vulnerabilities (often using automated tools) • Establish foothold on computer • Escalate privileges on the network • Pwnd • Put measures in place to hide tracks (erase logs, etc.) • Expand on network (gather info, insert malware, zombies, use to spam, etc)
CONFICKER ExampleSpeed of Adversary Weaponization CONFICKER.E Spam “Scareware” CONFICKER.D 50K Domains + Improved HTTP Command & Control + Robust Peer-to-Peer Comms Kills Security Software Malware Analysis Countermeasures Sophistication CONFICKER.C Direct Update Feature 5 versions in 5 months – each more capable CONFICKER.B + Password Cracking + USB Infection Vector + Primitive Peer-to-Peer Comms Anti-Virus Countermeasures Software Update Countermeasures Code Cryptography CONFICKER.A HTTP Command & Control No Software Armoring Time 21 Nov 08 30 Dec 08 20 Feb 09 6 Mar 09 7 Apr 09 We need to be agile and resilient
CONFICKER vs AcquisitionSpeed of Fielding Dramatization: Each red dot is a possible variant Sophistication FOC IOC Initiation Time 1 year 3 years 2 years Day One 4 years 5 years 6 years 7 years 8 years • 30 variants could have been developed before IOC • 80 variants could have been developed before FOC
How We Do Acquisition Today • Current DoD 5000 model built for acquisition for ships, aircraft and weapons systems • Requirements and oversight based upon risk reduction • This model does not work for IT or Cyber Defense • COTS insertion model is low risk (cost-wise) • IT lifecycle ~3 years, then EOL • Cyber attack tools progress rapidly
DSB Task Force March 2009 Proposed Acquisition Model Rapid COTS Insertion New capabilities fielded incrementally Prototyping and Experimentation
New Acquisition Approach • Advantages • Keep pace with technology • Get ahead of EOL challenge • Rapid introduction of new commercial products and S&T • Closer pace to changing cyber threat • Challenges • Requirements, Funding and POM • Testing, Certification and Accreditation • SHIPMAIN • Challenges unique to the Afloat Environment • Availability schedules • Configuration Management/Change Control and Patching • Millennial sailors • Training • Shipboard is NOT a test environment
Current Acquisition Status • Crypto Mod for the Navy, USMC, USCG, and MSC. • Aging equipment • Consolidate families of cryptographic devices • Currently fielding CND Inc 1 • HBSS, HIDS, NIDS, Firewalls, NIPS • Navy CND Increment 2 builds and adds upon the Increment 1 capabilities • Defense-in-Depth (DiD) • Situational awareness • Anomalies and attacks assessment • CND command and control (C2) • Expect Milestone C decision in FY11 • CDS • Navy continues to recognize the importance of RM's Cross Domain transfer capability in support of Navy, Joint, National and Coalition operations.
IA Concerns on the Horizon • Cloud security • Wireless/handheld devices • Social networking • Facebook, Twitter, LinkedIn, Foursquare • Advanced spear phishing • Targeted with some accurate information • Web enabled applications/application security • Cross-site scripting
IA Concerns on the Horizon cont. • SOA Environment • More IA Integration into Applications • Identity Management • Role Based Access • Sensor management • Correlating the data of multiple sensors • Analyzing the data • Move to a more proactive position
Cyber Defense and the NavyWhat Lies Ahead • Moving from reactive to predictive • Speed of incident handling • Cyber COP • Identifying network anomalies • Navigating the acquisition process Proactive and Predictive Cyber Defense
PMW 130 Government / Industry Exchange • An opportunity for industry to present products they feel may be of interest to PMW 130 • Attendees include PMW 130 senior leadership, SPAWAR and PEO C4I invitees, and other PMW 130 personnel (Assistant Program Managers, engineers, etc.) • Held once a month • 50 minutes, including Q&A • Please contact Carol Cooper at Cooper_carolyn@bah.com
Summary • IA and Cyber are now getting serious attention • Threat cycle vs. acquisition cycle • New IT acquisition model has promise • Must overcome cultural challenges in requirements, acquisition, contracting, testing, C&A, and fielding • Moving from reactive to proactive • PEO C4I and PMW 130 welcome collaboration across government, commercial, academia and other stakeholders PEOC4I.NAVY.MIL
We get it. We also integrate it, install it and support it. For today and tomorrow.
PEO C4I Mission Provide integrated communication and information technology systems that enable Information Dominance and the command and control of maritime forces
Information Dominance ChallengeExponential Data Growth Outpaces Infrastructure 1024 1021 Max of 50 Mbps per channel Future Sensor Z Theater Data Stream (2006): ~270 TB of NTM data / year Sensor Data Volume Current single mode fiber carries 960 Gpbs Future Sensor Y 1018 Future Sensor X Capability Gap 1015 GLOBAL HAWK DATA PREDATOR UAV VIDEO FIRESCOUT VTUAV DATA UUVs 1012 GIG Data Capacity (Services, Transport & Storage) 2000 2005 2010 2015 & Beyond 26