Brief - AFCEA Hampton Roads Chapter

UNCLASSIFIED
Cyber Security,…or Cyber Warfare?
AFCEA Hampton Roads Monthly Luncheon
April 14, 2015
Captain Doug Powers, U.S. Navy
Commanding Officer, Navy Cyber Defense Operations Command (NCDOC)
Commander, Task Force 1020
Overall classification of this brief is UNCLASSIFIED
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
UNCLASSIFIED
Fighting Through It
• Platforms  Warships
• Processes Warplans
• People
 Warriors
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
2
UNCLASSIFIED
Platforms  Warships
• Armed to defend (& attack)
• Sectored, water tight doors
• Built to withstand
• Water tight integrity
• Resilient defense systems
• Redundant engineering
• Safety & Security - priorities
• Inspected and Re-inspected
• Built to fight through it!
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
3
UNCLASSIFIED
Processes  Warplans
• Defense-in-Depth
• Lines of Operation
• “Fight through it” SOPs
– Continually evolving
• Speed, Accuracy, & Agility
• Left-of-Kill Chain (LoKC)
• Defensive Cyber Maneuver
– Restrict, Reduce, Replicate,
Randomize, Ruse, Rebuild, Retaliate?
• Created to fight through it!
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
4
UNCLASSIFIED
Defensive Cyber Maneuver (DCM)
• Issue: IA/CND Defense-in-Depth alone is a failing,
unsustainable strategy of attrition warfare
• Concept: “Place the chessboard so that the sun is in
your opponent’s eyes” – execute maneuver warfare
• Assumptions:
1. Cyberspace is man-made & virtual = manipulation by man.
2. Cybersecurity vulnerabilities will always be exploited.
3. Cyber network defenders should expect unwanted visitors.
4. Expect, embrace and shape the experience of intruders.
Leverage cyberspace’s virtual nature for DCM
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
5
UNCLASSIFIED
DCM Tactics (Cyber “Warplans”)
1. Restrict: implement least privilege principle
2. Reduce: limit boundary access points
3. Replicate: build in dynamic resilience
4. Randomize: introduce fog-of-war
5. Ruse: leverage virtual machines for deception
6. Redesign: depart from the commodity rules
7. Retaliate: exercise the right to self defense
Build and utilize a comprehensive DCM Strategy
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
6
UNCLASSIFIED
People  Warriors
• Integrity is a team fight
• All-hands on deck mentality
– Never give up the ship (network)!
• Threat-focused - vigilant
• Train as we fight – drill, drill, drill
• Accountability
• Certifications
• Inspect and Re-inspect
• Redundancy & Resilience
• Trained to fight through it!
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
7
UNCLASSIFIED
Certification (Cyber Warriors)
Mastery Certification Level
Progression
Training Type
Master Trainer
Level IV
Experience
Superior
Performance
Expert
Level III
Advanced Qualification
Experience
Journeyman
Level II
Apprentice
Level I
PQS/JQR
Qualified
Under Instruction
Cyber
Forensics
Trainee
Level 0
CND
ACADEMY
Cyber
Forensics
Mission
Manageme
nt
Mission
Management
BOOTCAMP
DCO
DIRSUP
DCO
Intelligence
DIRSUP
CNDWO
BWC
CBT
In Training
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
INTERNAL DRILL /CXP/TEAM TRAINING (CRTT)
CERTIFICATION (CSWF)
VENDOR TRAINING
UNCLASSIFIED
Discussion
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
9
UNCLASSIFIED
Challenges
Mobility
RF side/SS7/Mobile
ICS
HME
Weapon Systems
Interconnectivity
Insider Threat
Supply Chain
Culture, Cost & Scale
UNCLASSIFIED
Navy Cyber Defense Operations Command
Cyber Warriors – Ever Vigilant
10