Title: NetCentric Operations
1. Net-Centric Operations
Addressing Concerns, Threats and Vulnerabilities
AFCEA Hawaii Chapter, Honolulu, Hawaii
Hon. John Grimes, ASD NII/CIO, 23 July 2008
2. The DoD Focus
Leverage the Power of Information
Create an agile enterprise empowered by access to and sharing of timely and trusted information
3. ASD NII/CIO: a Quick Review
4. DoD's Global Information Grid
A Unique Area of Responsibility
5. DoD Investments in IT
- Saving money by shutting down systems
- Increasing IT investment transparency
- Federal IT budget growth FY08 2.8
- Leveraging "line of business"
- Payroll
- Case Mgmt.
- Travel
- Accounting
- Recruiting
Common Services
6. Net-Centricity: The Path Ahead
Warfighter Driven, Mission Focused
- NEXTGEN Internet - DARPA
- Trusted End-to-End Service
- Resilient Infrastructure: IT / Telecom
- Globalization: H/W, S/W Supply Chain
- Technology Advances: Content / ID mgmt.
7. The Future: Net-Centric Solutions
IF
- Authorized: you have a reason
- Authenticated: you are who you claim
THEN
- Pull what you need
- Contribute what you know
- Collaborate as you go
Global access to timely information you can trust
8. The Path
It's all about the information
Make data Visible
Make data Accessible
Make data Understandable
Information a strategic asset
9. A Team Effort
Communities of Interest (COI)
Collaborative groups of users who must exchange
information in pursuit of their shared goals and
missions
Shared vocabulary leads to shared information
10. The Shift: Enterprise Solutions
LEGACY (RIGID)
- Information stovepipes
- Welded interfaces
- Pre-determined needs
- Fixed display formats
- Protect the network
- Need to Know
EMERGING (AGILE)
- Shared information
- Unconstrained
- Accommodate uncertainty
- User-defined info and formats
- Assure the information
- Need to share, right to know
Share, Access, Collaborate
11. Enterprise Computing Capabilities
A Core Requirement
- The Enterprise Computing environment
- 3,000,000 users
- 34 mainframes, 6100 servers
- 1700 TERABYTES of storage
- 2800 applications and database instances
- 215 software vendors
- Rapidly building warfighter support capabilities
- Robust, critical application hosting services
- Standardizing processes / architectures
- Leveraging computing / storage contracts
12. Building a Net-Centric Enterprise: Enabling Technologies
- IPv6
- Supports proliferation of IP-addressed applications/devices, and comm on the move
- VOIP
- Increases flexibility/capacity through broadband Internet connection; allows for converged voice and data on the same network
- Satellite Comms
- Enables real time connectivity, high data rate, ISR exfiltration, and comm on the move
- Wireless Communications
- Provides network connectivity to users at the tactical edge
- SME / PED implementation
- SOA
- Establishes easy-to-use services to access, share and collaborate
- Information Assurance
- Securing DoD's information, systems, and information infrastructure
- Fundamental shift: secure from the start
13. DoD Leveraging IT Capabilities
Thoughts on Future Needs
- Security
- Trusted Computing from untrusted systems
- Anonymous authentication
- Bandwidth
- Everything over IP
- Convergence of fixed wireless
- WiFi / WiMAX replacing wired Ethernet?
- Management (NetOps)
- Traffic flows and spikes; capacity planning, application tuning
- Quality of service
- Priority handling of packets
- Strict pre-emption standards
- Server virtualization and grid computing
14. Cyberspace: The New Wild West
Information Assurance
Info-assassins vs. Info-defenders
Guys in the white hats are out-numbered and surrounded
15. Cyber Activity: A Quick Snapshot
Significant Growth in Malicious Activity
- USCERT incidents up 55% (FY07 vs. FY06)
- Increase in malware
- 2,000 new detections per week
- 1.3% of ALL searches link to infected sites (59 MILLION web pages)
- 2007: 135,885 new threats (beats 05 and 06 combined)
- 2008: 72% of networks w/ >100 PCs are infected
- Increasing Windows Root-kit installations
- 200K installations detected (first half of 2007)
- Web 2.0 as threat vector
- Malware in, or linked from, user content
- Sites data mined for spear phishing
16. DoD's Cyber-Security Solutions
Increasing Emphasis on Protecting Information
- Accelerate Network Defense Initiatives
- Deploying PKI / CAC, patch management, host-based security
- We're getting stronger, more responsive, more consistent
- DoD's GIG Info Assurance Program (GIAP)
- Managing IA as a capability across the enterprise
- Capability based, focused investment / results
- Cross-Domain Solutions
- Aligning policies, processes, governance to drive assured sharing
- Established DOD/Intel Cross Domain Management Office (CDMO)
- Certification and Accreditation (CA)
- Intel and DoD working together to transform / integrate processes
- Systems fielded in one community authorized to operate in others
17. Assessing Cyber Threats
Defending Across a Broad Front
- Cyberspace: Unconstrained by borders
- Huge increases in targeted incidents on the Internet
- Socially engineered schemes used by organized crime
- Efforts increasingly focused on financial transactions
- Hacking incidents: crime or act of war, who decides?
- Estonia attack in April 2007 (denial of service)
- <1% of attacks target specific military espionage
- The Targets: INFORMATION and Infrastructure
- 14 TRILLION in global econ activity is enabled by Internet
- Information more valuable / profitable than network attack
- Personal, business and govt. data / intellectual property at risk
- Data theft, identity theft, loss, fraud, and deception
18. Cyber-Security
Motives and Impact
[Figure: chart with axis labels MOTIVE, DAMAGE and ADVERSARY. Labels on the chart:]
- Adversaries: Cyber Warrior; Competitors, Organized Crime; Insiders; Hackers, Crackers; Script Kiddies
- Motives: National Security; Industrial Espionage; Monetary Gain and Revenge; Prestige, Thrill; Curiosity
- Other chart labels: Espionage expertise, resources, tools; Sophisticated tools, expertise and substantial resources; Inside information and services; Substantial time, tools, social engineering; Scripts, tools, books
As Security Increases, Adversaries get more Sophisticated
19. Infrastructure Vulnerabilities
Trans-Oceanic Fiber Optic Cables
[Map labels: Bahrain 0.2m; Qatar 0.3m; Kuwait 0.8m; UAE 1.7m; Saudi Arabia 4.7m; Egypt 6m; Pakistan 12m; India 60m]
- Recent Concerns in the Middle East
- Dragging anchor cut two critical cables
- 85 million users impacted across eight countries
- Incident highlights potential terrorist opportunities
Resiliency is ABSOLUTELY CRITICAL
20. Globalization
The Supply Chain and Critical Capabilities
- Globalization of Information and Comm Technologies (ICT)
- Supply chain opportunities to manipulate ICT products
- Countermeasures: Defense-in-Breadth
- Eliminate access to / communication w/ compromised ICT products
- Increase adversary's costs and risk of exposure
- Decrease payoff from a successful attack
- Develop and implement a USG-wide risk mitigation approach
- Leverage information, standards/best practices in acquisition
- Develop standards/best practices for assured products
- Develop new security policies/procedures, enforce existing ones
- National Security Criteria for Mergers and Acquisitions
Goal: Minimize Risk Across IT Product/Service Lifecycles
21. Our Challenge
deliver the right solutions quickly and reliably
22. QUESTIONS?