Kevin McNally - The Security Network
Download
Report
Transcript Kevin McNally - The Security Network
Program Executive Office
Command, Control, Communications,
Computers and Intelligence (PEO C4I)
Navy Information Assurance and
Cyber Security
15 September 2010
Kevin McNally
Program Manager (PMW 130)
(858) 537-0682
[email protected]
Statement A: Approved for public release; distribution is unlimited (9 SEPTEMBER 2010)
Information Dominance
Anytime, Anywhere…
PEOC4I.NAVY.MIL
Agenda
• Changes in our Community
• PEO C4I and PMW 130
• Why Cyber Matters
• The Threat
• The Acquisition Process Today
• Way Ahead for Cyber Acquisition
• Challenges
• IA Concerns on the Horizon
• Q&A
2
The Drive to Information Dominance
The Economist
3
Changes in our Community
“…we must embrace innovation, be
willing to test and evaluate new
concepts, and ultimately, resource and
support game-changing technologies,
processes, and information capabilities.
Our goal: to achieve command and
control overmatch against all
adversaries. If we’re reaching for
something less than that, we aren’t
trying hard enough…”
-VADM Dorsett, DCNO (N2/N6)
4
PEO C4I Organizational Structure
ASN(RDA)
CNO
Assistant Secretary of the Navy
(Research, Development & Acquisition)
Chief of Naval Operations
SPAWAR
CURRENT READINESS
RADM P. Brady
VICE
PEO C4I
REPORTING
DEPUTY
RDML Jerry Burroughs
APEO
APEO
APEO
APEO
SSC Atlantic
SSC Pacific
Contracts (2.0) – Trelli Davis
Logistics (4.0) - Sean Zion
Engineering (5.0) – Wendy Smidt
S&T (7.0) - John McDonnell
PRINCIPAL
DEPUTY
INTELLIGENCE
PRINCIPAL
MILITARY
DEPUTY
Mr. Terry Simpson
CAPT John Pope
SPAWAR Space
Field Activity
Special Assistant for MDA – Andy Farrar
Chief of Staff – CAPT Gary Galloway
DPEO Acquisition Management – John Metzger
DPEO Manpower & Budget – Susie Drew
DPEO Strategic Mgmt & Process Improvement – Aaron Whitaker
DPEO Platform Integration & Modernization – Vacant
DPEO Technical Direction & Program Integration – Charlie Suggs
Battlespace Awareness &
Information Operations
PMW 120
CAPT Bob Parker
Mark Reinig
Information Assurance
and Cyber Security
PMW 130
Kevin McNally
CAPT Don Harder
Command and Control
PMW 150
Tactical Networks
PMW 160
Communications
PMW 170
CAPT Steve McPhillips
Jim Churchill
CAPT DJ LeGoff
CDR William “Ben” McNeal
Vince Squitieri
CAPT (Sel) Mark Glover
NIDE
NIDE
NIDE
NIDE
NIDE
International C4I
Integration
PMW 740
Steve Bullard
Joe Orechovesky
Carrier and Air Integration
PMW 750
Ship Integration
PMW 760
Submarine Integration
PMW 770
Mark Evangelista (Acting)
Cheryl Carlton (Acting)
CAPT Ken Ritter
Bill Farmer
CAPT Dean Richter
Maria Cuin
NIPO
NAE
SWE
USE
Shore and Expeditionary
Integration
PMW 790
Ruth Youngs Lew
CDR Allan Walters
Allen Armstrong
NECE
Updated 10 September 2010
5
About PEO C4I
Workforce
• Civilian: 214
• Military: 71
Navy C4I Key Facts
More than 5,200 radios fielded
Programs - Total: 122
• ACAT I: 8*
• ACAT II: 6
• ACAT III & Below: 106
• Rapid Deployment Capabilities
(RDCs): 2
*Includes: IAC – 3
IC – 2
IAM – 2 (1-DISA/1-PEO C4I)
Pre-MAIS/MDAP – 1
Platforms Supported – FY10
• Afloat: 228
• Shore: 349
• Expeditionary: 34
updated 23 August 2010
More than 2,500 annual installations
More than 700 applications supported
Average/fielded bandwidth capability
Carrier: 4 mbps - 24mbps
Destroyer: 512 kbps - 8mbps
Submarine: 128 kbps
Average technology refresh
18 months
Average time to market
Initial fielding: 36 months
Full Fielding: 8-10 years
6
PMW
130130
PEO C4I
PMW
Priorities
InformationStrategic
Assurance and
Cyber Security
Strategic Priorities
PMW 130 Vision:
Securing the Cyber Domain
PMW 130 Mission:
Provide capabilities to secure the cyber domain, assure end-to-end information and
enable decision superiority
GOALS
Minimize total
ownership cost of a
secure Cyber Domain
COST
Rapidly and
proactively field
innovative capabilities
to stay ahead of the
Cyber threat
SPEED
Maintain a world-class
Information Assurance
workforce equipped to
achieve acquisition
excellence in a dynamic
environment
WORKFORCE
Achieve synergistic
partnerships with
requirements’ owners,
resource sponsors
and end-users
CUSTOMER
7
PMW 130
Information Assurance and Cyber Security
PROGRAM MANAGER
Kevin McNally
DEPUTY PM
CAPT Donald Harder
Technical Dir.
PEO DDAA
Crypto &
Key Management
Network Security
§
Acquisition Mgr
CND Afloat
BFM Lead
Crypto Products
CND Ashore
Cyber
Security Liaison
Crypto Data
Ports & Protocols
Network Security
Dir Ops
Crypto Voice
Security Mgt
APM-C
Key Management
DIACAP
APM-E
PKI
NMCI/NGEN IA
APM- S&T
Network Security
Integration
APM-L
Radiant Mercury
Install Resource
Manager
Crypto Mod
BFM Support
8
PEO C4I PMW 130
Our Portfolio
• OPNAVINST 5239.1C, Navy IA Program:
Navy IA Technical Lead; Systems Security Engineering; IA
Requirements; IA Products
IA Technical Support
System Security
Computer Network
NAVCYBERFOR
Defense (CND)
Engineering
FLTCYBERCOM
Crypto
CND
Public Key
On-Line
NETWARCOM
Defense in
Infrastructure
Services
Acquisition
Depth
Technical Lead
CFFC
Authority
Electronic Key
Role
Mgt System
Crypto Voice
Radiant
Mercury
PEO-EIS
OPNAV
PEO-C4I
SYSCOMs
Role
Crypto Mod
Program Office
IA Pubs
INFOSEC
Helpdesk
9
What Is Cyber?
From the S.773 Bill, Cybersecurity Act of 2009:
• Any process, program, or protocol
relating to the use of the Internet or an
intranet, automatic data processing or
transmission, or telecommunication via
the Internet or an intranet; and
• Any matter relating to, or involving the
use of, computers or computer networks
"The office of the Chief of Naval Operations must be organized to
achieve the integration and innovation necessary for warfighting
dominance across the full spectrum of operations at sea, under sea,
in the air, in the littorals, and in the cyberspace and information
domains.“ -Adm. Gary Roughead, Chief of Naval Operations
10
Why Cyber Matters?
"If the nation went to war today in a cyber war, we would lose.
- Admiral Mike McConnell (retired), 23 Feb 2010
• 1 trillion URLs (Uniform Resource Locator, like www.)
• Greater than 210 billion emails are sent every day
• Over 2 billion Google searches are conducted each day
• Over 1.7 billion Internet users
• DoD users make 1 billion+ Internet connections each day, passing
40TB of data
• Symantec: 458K new malware code signatures from APR-JUN 2010
• Adversaries are continuously improving their cyber attack capabilities
using many commonly available tools
Cyber security is vital to our warfighting capability
11
The Threat
Anatomy of a Common Attack
•
•
•
•
•
•
Scan/map network
Find vulnerabilities (often using automated tools)
Establish foothold on computer
Escalate privileges on the network
Pwnd
Put measures in place to hide tracks (erase logs,
etc.)
• Expand on network (gather info, insert malware,
zombies, use to spam, etc)
12
CONFICKER Example
Speed of Adversary Weaponization
CONFICKER.E
Spam
“Scareware”
Sophistication
CONFICKER.D
50K Domains
+ Improved HTTP Command & Control
+ Robust Peer-to-Peer Comms
Kills Security Software
Malware Analysis Countermeasures
CONFICKER.C
Direct Update Feature
CONFICKER.B
+ Password Cracking
+ USB Infection Vector
+ Primitive Peer-to-Peer Comms
Anti-Virus Countermeasures
Software Update Countermeasures
Code Cryptography
5 versions
in 5 months –
each more capable
CONFICKER.A
HTTP Command & Control
No Software Armoring
21 Nov 08
30 Dec 08
20 Feb 09
6 Mar 09
We need to be agile and resilient
7 Apr 09
Time
13
CONFICKER vs Acquisition
Speed of Fielding
Sophistication
Dramatization:
Each red dot
is a possible
variant
Day One
FOC
IOC
Initiation
1 year
2 years
3 years
4 years
5 years
6 years
7 years
8 years
Time
• 30 variants could have been developed before IOC
• 80 variants could have been developed before FOC
14
How We Do Acquisition Today
• Current DoD 5000 model built for
acquisition for ships, aircraft and weapons
systems
Requirements and oversight based upon risk
reduction
• This model does not work for IT or Cyber
Defense
COTS insertion model is low risk (cost-wise)
IT lifecycle ~3 years, then EOL
Cyber attack tools progress rapidly
15
DSB Task Force March 2009
Proposed Acquisition Model
Rapid COTS Insertion
New capabilities fielded incrementally
Prototyping and Experimentation
16
New Acquisition Approach
• Advantages
Keep pace with technology
Get ahead of EOL challenge
Rapid introduction of new commercial products and S&T
Closer pace to changing cyber threat
• Challenges
Requirements, Funding and POM
Testing, Certification and Accreditation
SHIPMAIN
• Challenges unique to the Afloat Environment
Availability schedules
Configuration Management/Change Control and Patching
Millennial sailors
Training
Shipboard is NOT a test environment
17
Current Acquisition Status
• Crypto Mod for the Navy, USMC, USCG, and MSC.
Aging equipment
Consolidate families of cryptographic devices
• Currently fielding CND Inc 1
HBSS, HIDS, NIDS, Firewalls, NIPS
• Navy CND Increment 2 builds and adds upon the Increment 1
capabilities
Defense-in-Depth (DiD)
Situational awareness
Anomalies and attacks assessment
CND command and control (C2)
Expect Milestone C decision in FY11
• CDS
Navy continues to recognize the importance of RM's Cross
Domain transfer capability in support of Navy, Joint, National and
Coalition operations.
18
IA Concerns on the Horizon
• Cloud security
• Wireless/handheld devices
• Social networking
Facebook, Twitter, LinkedIn, Foursquare
• Advanced spear phishing
Targeted with some accurate information
• Web enabled applications/application
security
Cross-site scripting
19
IA Concerns on the Horizon cont.
• SOA Environment
• More IA Integration into Applications
• Identity Management
Role Based Access
• Sensor management
Correlating the data of multiple sensors
Analyzing the data
• Move to a more proactive position
20
Cyber Defense and the Navy
What Lies Ahead
• Moving from reactive to
predictive
• Speed of incident handling
• Cyber COP
• Identifying network
anomalies
• Navigating the acquisition
process
Proactive and Predictive Cyber Defense
21
PMW 130 Government / Industry
Exchange
• An opportunity for industry to present products they
feel may be of interest to PMW 130
• Attendees include PMW 130 senior leadership,
SPAWAR and PEO C4I invitees, and other PMW 130
personnel (Assistant Program Managers, engineers,
etc.)
• Held once a month
• 50 minutes, including Q&A
• Please contact Carol Cooper at
[email protected]
22
Summary
•
•
•
•
IA and Cyber are now getting serious attention
Threat cycle vs. acquisition cycle
New IT acquisition model has promise
Must overcome cultural challenges in
requirements, acquisition, contracting, testing,
C&A, and fielding
• Moving from reactive to proactive
• PEO C4I and PMW 130 welcome collaboration
across government, commercial, academia and
other stakeholders
PEOC4I.NAVY.MIL
23
We get it.
We also integrate it, install it and
support it. For today and tomorrow.
24
PEO C4I Mission
Provide integrated
communication and
information technology
systems that enable
Information Dominance
and the command and
control of maritime
forces
25
Information Dominance Challenge
Exponential Data Growth Outpaces Infrastructure
1024
Max of 50 Mbps
per channel
1021
Theater Data Stream (2006):
~270 TB of NTM data / year
Current single mode fiber
carries 960 Gpbs
1018
Time to transfer one terabyte of data = 8,796,093,022,208 or 8.8E+12 bits
Max Transfer
Seconds Minutes Hours Days
(bits/sec)
50 megabit bps WGS
40,000,000
219,902 3,665
61
3
Channel
155 megabit bps service
62,000,000
141,872 2,365
39
2
10 gigabit bps service
4,000,000,000
2,199
37
1
Large Data JCTD
8,500,000,000
1,035
17
40 gigabit bps service
16,000,000,000
550
9
100 gigabit bps service
40,000,000,000
220
4
Capability Gap
1015
UUVs
1012
GIG Data Capacity (Services, Transport & Storage)
2000
2005
2010
2015 & Beyond
26