					          UNCLASSIFIED                            UNCLASSIFIED // FOUO


                                     LandWarNet 2008
                                  Track 2: Information Assurance –
                                         The Defender’s Challenge




                            The State of Army
                         Information Assurance
                                Program
                                                        Session 1
                                                     19 August 2008


Mr. Roy Lundgren, Deputy Director, Army Office of Information Assurance & Compliance
Leroy.lundgren@us.army.mil phone: 703-602-7355
UNCLASSIFIED                                                                           Track 2 Session 1
PURPOSE: To provide an overview of the Army’s Information Assurance Program

OBJECTIVES:
• To present key challenges
• To highlight select programs and initiatives


Agenda
• Threat Perceptions
• Policy
• Compliance
   – Culture
   – Challenge
   – Compliance Programs/initiatives
• Training
• Communications Security
• Public Key Infrastructure
• IA Awareness




Threat



Changes in Threat Perspectives

1995 – Life was simple
• Few foreign-developed tools considered
• Presence of a non-U.S. citizen is a red flag
• Trusted coalition partners is a short list
• Threat to networks is not widely understood
   – Threat not that sophisticated – Jolt cola and SATAN perceptions
• Limit access to the INTERNET


Office of Information Assurance and Compliance

We understood this type of war!
What to do was clear!


Changes in Threat Perspectives

2008 – Life is more complicated
• Research centers supporting multinational corporations are located in Russia, China and India
• Multinational boards include non-U.S. citizens
• Demand for information sharing with coalition partners is significant – and really necessary
• Supply chain concerns
• Theft of information
   – Organized crime
   – Personally Identifiable Information (PII) – identity theft
• Technology – P2P/collaboration/virtual
• Threat is more sophisticated
   – Solar Sunrise – Israel
   – Moonlight Maze – Russian
   – Titan Rain – China


Changes in Threat Perspectives

The Reconnaissance Phase of a Cyber War is already taking place –
We are already under attack!!
Yet – it is not clear what to do!!!!



Can You Guarantee 100% Security

• Can you guarantee with this IA investment that my information will be 100% protected?
• Information Assurance investments are looked at as something separate, something special, something out of the norm.
• After spending 1M plus for a tank, does the decision maker ask if the provider can guarantee it will be 100% assured of not being damaged/destroyed?
   – Depth of armor
   – Reactive technology
   – Speed
   – Smoke
   – Stand off capability
• IA is not always looked at as an integral and key enabler to facilitate the integrity, confidentiality and availability of the information necessary to execute a mission.




IA POLICY


Policy and Best Business Practices (BBP)

• The printing press approach of providing policy for the Army and DoD in general is no longer adequate or able to address a world of rapidly changing threats and technologies.
• The staffing and administrative requirements for producing an Army Regulation result in an AR that is in need of updating before it is published.
• The Army develops and staffs Best Business Practices that are able to respond rapidly to technology and threat changes.
• BBPs provide guidance and procedures for the implementation of policy.
• HQDA IG is concerned – laws are behind




Compliance




Turn a Ship in a Bathtub


What is the Challenge?

• A Firewall/IPS that does not have adequate policy rules and/or is not audited is a door stop!
• The best Certification and Accreditation (C&A) and Networthiness process in the world is worthless if there is no daily follow up and compliance!
• Need to get away from the “3 year” mind set
• Need compliance checks
   – Lack of compliance needs to be painful!
• Lack of enterprise results in pockets of excellence and pockets of failure.



What is the Challenge?

1995 DOIM IA responsibilities:
• IA responsibilities:
   – Very few requirements
   – SAs burden
• IA Personnel Assigned: 0

2008 DOIM IA responsibilities:
• Extensive IA requirements
   – FISMA
   – C&A
   – Networthiness
   – IA Controls
   – PII
   – DAR etc. etc. etc.
   – SAs burden
• IA Personnel Assigned: 0

DOIM IA Division has been approved!!!!!!


Information, Information, Information

• In modern conflict, information, as one of the eight elements of combat power (the other elements are leadership, movement and maneuver, intelligence, fires, sustainment, command and control, and protection), has become as important as lethal action in determining the outcome of operations.




Compliance Programs and Initiatives



HQDA IG IA Division

• Operational
• IA Self Assessment Training Module
   – Question
   – Source
   – Standard
   – Determine standard is being met
• Limited number of categories and questions
• ALARACT directing use of the self assessment tool to conduct a self assessment




Approval to Connect (ATC)



Authority To Connect (ATC)

• DISA requires customers to renew a request for their circuit connectivity.
• To be successful the customer must have a valid IATO/ATO.
• 2008 is the first year that the Army is tracking the status of ATCs.
• 2008 is the first year that JTF GNO is disconnecting circuits that cannot meet the standards for an ATC.




[Chart: Army NIPRNET Circuits. Series: Army NIPR Circuits. X-axis: FY 98 through FY-08. Bar labels, left to right: 140, 165, 178, 212, 245, 265, 295, 307, 328, 331, 352.]




[Chart: Army SIPRNet Circuits. Series label as shown on the slide: Army NIPR Circuits. X-axis: FY 98 through FY-08. Bar labels, left to right: 152, 178, 201, 217, 235, 270, 312, 341, 328, 410, 453.]


[Chart: SIPRNet-NIPRNet Global Authority to Connect (ATC) Status. Two panels, SIPRNet Circuits and NIPRNet Circuits, each with categories Expired, Aug, Sep, Oct; the Sep and Oct bars are marked "NC". Bar labels, left to right: SIPRNet 10, 7, 10, 25; NIPRNet 4, 3, 12, 15.]




Tools and Systems

• Protection of information not only in transit but also in storage – Data at Rest
• Retina and Patch Link scanning tools
• Army IA Approved Products List
• Systems
   – Host Based Security System (HBSS)
   – Reverse Proxy Servers
   – Telephone Firewalls
   – REM/Retina




Certification and Accreditation

• Transition to DIACAP
   – Enterprise level visibility
• 1200+ DIACAP packages completed
• DAA not delegated below GO/SES level
   – 181 DAAs
• Centralized Army Certification Authority
   – Certification Authority Representative
   – Agents of the Certification Authority
• Agent of the Certification Authority (ACA)
   – Government lead
   – Vetted




ARMY WEB RISK ASSESSMENT CELL (AWRAC)



Army Web Risk Assessment Cell

• Reviews:
   – Publicly accessible web sites
   – Army BLOGs
• Works with owner/web manager to remediate
• Trends:
   – Personally Identifiable Information

[Figure: AWRAC Tracking Database Snapshot July 2008]


Army Web Risk Assessment – Holistic Approach

[Diagram labels: AWRAC TEAM; Discover Public Web Server; Review for OPSEC/PII; Register; Scan for IAVA; Cross Check with AVTR; Reverse Proxy]




Information Assurance Vulnerability Management




[Chart: Information Assurance Vulnerability Alerts (IAVA) – Hosts Scanned for Patches. X-axis: FY 99, FY 01, FY 02, FY 03, FY 04, FY 05, FY 06, FY 07. Bar labels, left to right: 2,670; 13,249; 39,565; 58,200; 78,000; 53,349; 103,171; 113,013.]




[Chart: Information Assurance Vulnerability Alerts (IAVA) – Patches Not Applied. X-axis: FY 99 through FY 07. Bar labels, left to right: 62; 725; 555; 3,295; 3,500; 5,744; 2,621; 6,850; 9,465.]




[Chart: Information Assurance Vulnerability Alerts (IAVA) – Sites Checked for Compliance (series: IAVA – Sites Visited). X-axis: FY 99 through FY 07. Bar labels, left to right: 6, 20, 9, 11, 17, 21, 12, 19, 18.]




[Chart: Information Assurance Vulnerability Alerts (IAVA) – Army Annual Vulnerability Rate. X-axis: FY 00 through FY 07. Bar labels, left to right: 2.05%, 3.43%, 4.19%, 4.61%, 6.12%, 3.41%, 4.11%, 6.90%.]




NETWORTHINESS


[Chart: Certificates of Networthiness (CON). Series: CoN's Completed by Month. X-axis: September, October, November, December, January, February. Y-axis: 0 to 70.]




Federal Information Security Management Act (FISMA)

• Systems requiring Accreditation must have an Authority to Operate (ATO)
• Systems need to have a Plan of Action and Milestones (POAM)
• System owners must test their DoD 8500.2 Security Controls on an annual basis
• All systems must have a Contingency Plan and test that Contingency Plan on an annual basis
• System owners must conduct an annual security review
• Annual IA training requirement
• Army Portfolio Management System (APMS)


Army FISMA Statistics

    Category    ATO    Contingency Test    Security Review    IA Controls
    Army        93%    82%                 89%                87%
                +3     -8                  -1                 -3




Training




[Chart: System Administrator Training (Training: System Administrator). Y-axis: Students. X-axis: FY 99 through FY07. Bar labels, left to right: 605; 2,015; 2,850; 2,650; 2,650; 2,650; 3,170; 2,555; 3,644.]



[Chart: Training: e-Learning. IA Workforce Specialized Training (e-Learning / Skillport). Y-axis: Students. X-axis: FY 00 through FY 07. Bar labels, left to right: 702; 738; 1,396; 7,595; 9,800; 26,969; 42,936; 47,842.]

[Chart: Virtual Training Completion. Successful Course Completion – Past 6 Months. Y-axis: Number (0 to 25000). X-axis: Month, Jan-08 through Jun-08. Legend entries as extracted: DataArmor/FileArmor PolicyServer, Army G3 COMSEC, STAT 6.4.3, Flying Squirrel, Army Specific DAA, NetScreen, Wireless, Thumbdrive Awareness, REM 3.0, STAT 6.0, REM 2.X, Hercules 3.5, Incident Handling, Retina, Web Content and OPSEC.]

[Chart: Certificates Approved For FY08. X-axis: Oct-07 through Jul-08. Bar labels, left to right: 32, 43, 63, 49, 36, 68, 55, 42, 99, 61.]




Communications Security


Communications Security

[Figure: device images in two groups]
Legacy: Taclane E100/Classic KG-175, OMNI / STE, KIV-19A, KOV-14
New/Emerging: Taclane MICRO KG-175D, vIPer, SecNet 54, SME-PED, STE VoIP, KIV-7MIP, KSV-21, Talon

Communications Security

Prior to FY08
• Stopped issuing – KG-84, KG-94, KG-175, STUIII
• Production stopped – KG-175AC (classic), DTD, KIV-7 HSB, KG-75
• New Technology – TALON, SecNet 11, SecNet 54, KG-250
FY08
• Stop issuing – KG-175 AC, KY-68, KIV-7, KIV-19
• Production stopped – KG-175 E-100, KG-175B, KG-235, KG-240
• New Technology – KG-175D, KIV-7M, KIV-19M, KY-100s, vIPer, ECC, SME-PED, SKL, TALON, KG-255, SecNet 54
FY09
• Stop issuing – KOV-14
• Production stopped – TBD
• New Technology – 10 GB TACLANEs, other TBD
FY10
• Not supported – STUIII




Public Key Infrastructure

• Identity Management
• Logical access
• Physical access
• Select groups
• Security - Security - Security

[Image: Identification Card, "Armed Forces of the United States", with fields Rank, Pay Grade, Issue Date, Expiration Date]




                           IA
                       AWARENESS






                       IA Awareness Training




                               ON CYBER PATROL




            Since the first OCP cartoon and article
           were posted to AKO in September of
           2005, the OCP cartoon and article have
           been downloaded 3.1M+ times.


                                   LandWarNet 2008

                           Track 2: Information Assurance:
                              The Defender's Challenge


                        IA Communications
                              Featuring “On Cyber Patrol”

                                              Session 1, part 2
                                              19 August 2008




Mr. Edwin F. Beemer III, APR, OFFICE SYMBOL
efb@corpcommteam.com, 703-379-4235

        • PURPOSE: To present and discuss IA
          communication initiatives featuring the On
          Cyber Patrol (OCP) tool set

        • OBJECTIVES: By the end of this
          presentation you will be able to:

               – A. Be aware of the IA “On Cyber Patrol” resource
               – B. Learn how to use OCP to your advantage
               – C. Join and promote the new IA Champion and
                 Mentor programs
               – D. Access and implement new IA communication
                 resources


          OCP Overview

          Objective: Get the IA Message out and
          across in a way that everyone will notice and
          understand!

          Solution: Graphical Interface






          IA Message Objectives

               • Reinforce AR 25-2
               • Promote training
               • Promote all levels and forms of certification






         Message Strategies & Tactics
          • Message simplicity and repetition
          • Multiple, easy to use and disseminate formats
          • Relevant and timely topics
          • Real world scenarios
          • Humor






          OCP Team Roles & Brief History

               • William Buzinski, OCP Team Lead
               • Grant Brownrigg, Artist
               • Ed Beemer, Comm Specialist





          OCP Program Results to Date

               • (Current stats from AKO and anecdotal
                 testimonials)






         OCP Program Expansion
         • Videos (Scenarios & Tips of the Week)
         • IA Toolbox
             • Purpose
             • Contents
             • Access
         • IA Champions/Mentorship





          “Go Forth and Communicate IA”
     “It’s only common sense, if the sense is common.”
                                  ~    SFC John Firewall, On Cyber Patrol,
                       Army Office of Information Assurance & Compliance








                   Track 2: Information Assurance –
                      The Defender’s Challenge




                   https://informationassurance.us.army.mil

