pre-decisional – not for release without n81 approvaldraft unclassified/fouo defensive cyberspace...
TRANSCRIPT
Pre-decisional – Not for release without N81 approval Draft
UNCLASSIFIED/FOUO
UNCLASSIFIED/FOUO
Defensive Cyberspace Workforce StudyIPT #1
March 4, 2010
Phil VenturaOPNAV N81F
Information Dominance FY-10 Studies
Overall Classification of this brief is UNCLASSIFIED//FOUO
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Agenda
• Study Plan• Task Framework• Way-ahead
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Objectives
• Issue– The Joint Staff has a working framework to establish how many people are required for
Computer Network Exploitation and Computer Network Attack. However, a corresponding defensive cyberspace framework doesn’t exist. How may personnel does the Navy need for defensive cyberspace?
• Objectives– Document the Navy requirements for defending cyberspace in the functional areas of
Network Operations (NETOPS), Computer Network Defense (CND), and Information Assurance (IA)
– Document where the requirements should be done– Decompose the steps and skills needed to meet the requirements including where they
should be done– Determine how much one person can do as a functional skill and longevity at each
location for each requirement– Show how new approaches or planned technologies can reduce personnel required– Make recommendations for the number and type of cyberspace defenders the Navy
needs
Resource issues that this study is designed to illuminate:
1. Navy Total Force Manpower Mix required for IA, NETOPS, and CND
2. MPT&E changes necessary to mitigate threats
3. Material changes necessary to mitigate threats
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Background
[This slide intentionally blank.]
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Scope
Scope• Focus on Navy CND, IA, and NETOPS manpower requirements
– Network Operations: Configuring and operating our networks.– Information Assurance: Ensuring information availability, integrity, authentication,
confidentiality and non-repudiation.– Computer Network Defense: Protect, detect and respond functions in securing DoD
information systems and networks.
Source: Cyber Warfare Manpower Strategy, OPNAV N1, January 2010
CND
IA NETOPS
Computer Network Attack
(CNA)
Computer Network Exploitation
(CNE)
Computer Network Defense
(CND)
Co
mp
ute
r Ne
two
rk O
pe
ration
s
(CN
O)
Cyberspace Operations
Network Operations
(NetOps)
Information Assurance
(IA)
Source: Computer Network Exploitation and Attack Manpower Requirements, JROC Briefing, 15 July 2009
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Study Approach
Understand the Current Problem
* Game Changing = Substantial reduction or addition of personnel required or shift in mission focus or approach
Data Collection
Modeling/AnalysisFinal Analysis
• Decompose the steps and skills needed to meet requirements• Document where the requirements should be done (Tier 1, 2, 3, etc.)• Determine how much one person can do as a function of skill and longevity on station• Document what type of person (Navy designator, rate, NEC, Civilian, Contractor) fits the skill set required• Ensure the revisit rate to each network to be effective for each requirement is included (e.g. Blue Team, Red Team, Hunt Teams)• Factor in training pipeline requirements
Requirements
InstructionsCTOsRegular DutiesRed TeamsBlue TeamsHunt TeamsCNECND/RAAcquisition Chain protectionEtc.
Defended Networks
# of NetworksType of NetworksOwnership of NetworksEtc.
Game Changing*ApproachesActive DefenseFuture TechnologiesStandup of CYBERCOMand 10th FleetEtc.
Personnel skill sets requiredOfficers in IW, Intel, IPCT, IT, IS enlisted rates requiredCiviliansContractorsOther applicable military
• Evaluate how the game changing approaches or technologies would affect personnel required
• Model personnel requirement to real-world scenarios developed for this study
Recommend the number and type
of cyberspace defenders the Navy needs
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Approach
FCC / C10FC2F C3F C4F C5F C6F C7FSIPRNIPR
SIPRNIPR
SIPRNIPR
SIPRNIPR
SIPRNIPR
SIPRNIPR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
IA
NETOPS
CND
MIL/CIV/CTR
Navy NETWARCOMNavy CYBERFORIO, Space, Comms
Norfolk, VA
Navy InformationOperations Commands
(NIOCs) (10)IO, SIGINT
VariousCONUS/OCONUS
Navy Cyber DefenseOperations Command
(NCDOC)CND
Norfolk, VA
Navy Computer &Telecom Area Master
Station (NCTAMS)NETOPSVarious
CONUS/OCONUS
CBCA-MOC Data Elements being added to TWMS
9
Booz Allen HamiltonNaval War College
CBCA
Final Analysis & Reporting
Stakeholder Workshops
Capability Analysis
Understanding the Problem
Data Collection
FFC
Afloat Ashore
8UNCLASSIFIED
Approach (cont.)
UnderstandingThe
Problem
Capability
AnalysisData
Collection
StakeholderWargame
FinalAnalysis &Reporting
1 4 52 3
• Selected Navy Cyber Scenarios
• Mission Analysis
Workforce Requirement by Scenario/Role:•Competencies Required
•Roles Defined
•Longevity of Personnel Required
•Skill Proficiency required
•Recommended personnel composition
• NSPD 54/HSPD 23
• USCYBERCOM Implementation Plan
• CNO NMETLS
• NWP-3-63
Key
Act
ivit
ies
Ou
tpu
t
• Navy Cyber Capability Requirements and Tasks
• Comprehensive Terms of Reference and Study Plan
Inp
uts
• Review driving strategy and directives
• Identify and Develop Navy Cyber Capability Statements
• Establish Stakeholders and participant list
• Navy Cyber Capability Statements
• Study Plan
• Operational View Architecture descriptions of each scenario
• Tasks aligned to operational and tactical units
• Establish Stakeholder teams to include Red and Blue teams
• Design Scenarios at different Cyber Threat Levels
• Map Capabilities and Tasks to Scenarios
• Identify supporting and supported task relationships
• Establish performance standards (MOP/MOE)
• Identify competency requirements for each task
• Scenarios
• Capabilities and Task List
• Workforce Requirements
• Wargame AAR
• Comprehensive Navy Cyber Workforce Recommendation
• Roles & Billet information in TWMS
• Manpower Gap Analysis
• Develop total workforce requirement recommendation
• Identify cross training and performance efficiencies from across the Information Dominance Corps
• Describe impact of “Game Changing” technologies
• Validate workforce requirements
• Select future tasks and mission requirements by timeframe
• Prioritize workforce gaps and shortfalls
• Scale workforce requirements
• ID “Game Changing” Technologies
• Wargame after action report (AAR)
•Bold items are deliverables
•Facilitated Workshop
WS#1 WS#2
Mar 4 Apr 1 May 1 May 27
✔✔✔✔✔
✔
✔
✔
WS#3
9
Approach (cont.)
IPT#1
IPT#1
NextNext
NextNext
Next
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
IPT / Study Team
OPNAV N2/N6• CAPT John Post
– Head, Cyber Branch• CAPT Michael Ortwein• CAPT(s) Mickey Batson• CDR Theresa Everette• CDR Joe Brennan• LCDR Ken Gregoire
– IA & CND
• LCDR Joey Harrison• LCDR Zimmerman
– N2N6 Manpower• Sue Prose
– NNWC
OPNAV N1/NPC/PERS• Mr. Dave Smith, N112• CAPT Boticario, N122• CDR Maurice Fischer, N122
– Requirements Officer• CDR Don Wilkinson, N131D
– Head, Officer Force Shaping• Mr. Ralph DeFalco
– IDC MPT&E Strategies• CDR Sean Heritage
– IW OCM
• CDR Sue Himes
– N2/N6 IDC Manpower• CDR Carri Robbins
– Intelligence OCM• CDR Julie Schroeder
– IP OCM• LCDR Stacy Bowman
– ECM (IT, CT, IS)• LCDR Ken Matthias
– Intelligence ECM
NCDOC• CAPT Stephanie Keck, CO
NIOC Hawaii• CAPT James Hagy, CO• Mr. Noah Smith, N9
PACFLT• CAPT Jean Benfer, N2• Ms. Linda Newton, N6
C10F• CAPT Jim Brokaw, N3• CAPT Daryl Hancock, N2• CDR Stone Davis
USFF• CAPT Teresa Fairbanks, N1• CAPT Rich Saunders, N2/N3• Ms. Jane Barclift, N1D• LCDR Ashley Rose, N2• Mr. James Cooney, N9
Naval War College• Prof. Rich Suttie
DON CIO• Mr. Chris Kelsall• Ms. Mary Purdy• Ms. Jennifer Harper
ASN(M&RA)• Mr. Rich Delaquis
ASD(NII)• Ms. Sandy Smith
SECNAV OPA• LCDR Vic Spears
OPNAV N095/CNRFC• CAPT Bill Carney• CAPT Carlisle Wilson
CID• Mr. Sam Kelly, N31
CYBERCOM• Mr. Rob Schrier, Dep. J33
NSA• Ms. Michele Iverson
– IA Campaign Mgr.
• Mr. Keith Denton
NTOC• Mrs. Patricia Ihnat, Deputy
NNWC• CAPT Len Abbatiello• CAPT Eric Exner• CAPT Craig Eaton• CDR Stone Davis• CDR Vanessa Hamm
Booz Allen Study Team• Mr. Scott Gooch (PM)• Mr. Bob Breitbeil (Lead)• Mr. Gerald Williams (Cyber)• Mr. Gene Marc (Cyber)• Mr. Mark Monti (CBCA)• Ms. Erin Kordis (CBCA)• Mr. Jim Monahan (HCS)• Ms. Liz Fairweather (M&S)
NCIS• CAPT Gus Otero
OPNAV N814• CDR Karan Schriver
SPAWAR / PEO(C4I)• Mr. Ken Bible• Mr. Ted Follas• Mr. Chris Newborn
DOD DIAP• Mr. Steve Bush
Navy CYBERFOR• Mr. Mike Knight, IA Wkforce• CWO4 Greg Stone
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Study Plan and Terms of Reference
• Study Plan (4 Phases)– Data Collection and Framework Development (3 weeks)– Scenario Process, Roles & Competencies, and Surveys (4 weeks)– Workforce Analysis and Game Changing Technologies (4 weeks)– Final Analysis (3 weeks)
• Terms of Reference– Strategy-to-Task Mapping Terminology– Capabilities-Based Competency Assessment Terminology– NETOPS, CND, IA Definitions
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Plan of Action and Milestones
Integrated Program
AssessmentPOM 12 Timeline
Sponsor Program Proposals
N81F Timeline
IPT IPTIPT IPTIPT
Kick-off
Mid-course Review
Final Brief and Report
Deliverables
W/F Reqmt
WS AAR
OV-6c Initial Results
Reqmt & Tasks
Kick-off
Study Plan
FEB MAR APR MAYWeek 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4
IPT
PLANNEDLegend: COMPLETEDIN PROGRESS LATEPOMEvents
StudyEvents
Data Collection / Framework Development
Scenario Process, Roles & Competencies, and Surveys
Workforce Analysis and Game Changing Technologies
Final Analysis
Sponsor Program Proposals
DUEMethodology Development Meeting
2/15
Conduct Literature Review (National/DOD/Navy directives)
2/15
Study Plan/TOR Development 2/19Conduct Strategy-to-Task Analysis: Task Binning
2/25
Collect baseline manpower data for key nodes (AMDs, TWMS)
2/26 on-
goingIdentify SMEs (criteria, geographic regions, event coordinator)
2/26
Write scenarios (x3) 3/2Develop role framework for NETOPS/CND/IA
3/2
IPT Review of Study Plan & STT 3/4
DUE Develop OV-4 for key organizations 3/10Virtual Review of Role Framework 3/11Competency Workshop Rehearsal 3/16Develop draft OV-6C diagrams for 3 scenarios: Task mapping to scenarios
3/23
IPT/Workshop #1: Roles/Competencies/Skills (3 Days)
3/23 to
3/25Map Training to Competencies 3/29Review/Finalize Core Competency Data
3/30
Survey Development 4/1IPT/Workshop #2: OV-6C Review (Full-Day)
4/1
DUE Administer survey to all key organizations (Includes short VTC instruction period)
4/7
Revise OV-6Cs 4/14IPT: Identify Game-Changing Technologies (2-3 Hours: future systems/vulnerabilities and role impacts)
4/15
Review/Process Survey results (clean data/initial database creation)
4/21
Generate initial manpower requirements based on roles
4/28
Map Game-Changing Impacts to Roles 4/29IPT/Workshop #3 (Full-day): Validate workforce requirements based on role/scenarios; gap analysis; game-changing impact analysis
5/5
DUERevise workforce requirements based on workshop feedback 5/12Develop manpower deliverables for Final Report (Database, Key Survey Findings, Workforce gaps/excesses) 5/14Integrate results from all phases into Final Report 5/21Request TWMS submission 5/24IPT Final Brief-out: Comprehensive Navy Cyber Workforce Requirements 5/27
✔✔✔
✔
✔
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Strategy-to-Task Framework
NMETL
UJTL
JCA
Strategic ObjectivesCONDUCT INFORMATION
ASSURANCE PROCEDURES:
PROTECT
Establish a secure network
CONDUCT NETOPS:
MONITOR/ANALYZE/DETECT
Ensure Operation Capabilities
CONDUCT NETOPS:
MONITOR/ANALYZE/DEFEND
Ensure Operation Capabilities
DEFEND NETWORK:
RESPOND
Identify and Mitigate Intrusions
CONDUCT IA PROCEDURES:
PROTECT
Establish a secure network
Analyze PacketHeaders
NTA 5.5.5Perform
Information Assurance
NTA 5.5.XConductIncident
Response Management
NTA 5.2Analyze and
AssessInformation
NTA 2.4.5.3Provide
Indications & Warning of
Threat
NTA 2.4.4.1Identify
Issues and Threats
NTA 3.1.6.XDevelop Cyber
Counter-Targeting
Plans
SN 2.4.1Evaluate, Integrate,
Analyze and Interpret
Information
NTA 5.5.5.1Provide
ComputerNetwork Defense
Operational Activities & Processes
OP 5.4.7Integrate Computer
Investigations &Operations in CND
ST 5.1.2.3Manage
InformationAssurancePolicies
ST 5.5.7.3Direct CND
ST 5.1.6Establish
IA Procedures
SN 5.5.5Defend the GIG
OP 5.6.5.3Conduct CND
OP 5.3Prepare
Plans and orders
Net Centric, Force Application/ Engagement, Protection, Command and Control(Capabilities required to Operate, Secure, and Defend the GIG)
Detect MaliciousActivity on
Network
Identify AccessControl List
Identify database Security concerns
Verify Securitycontrols
Maintain/ Troubleshoot System
Re-imageaffected systems
Develop IntrusionDetection Signatures
Implement INFOSEC
Analyze/ AuditSystem logs
Implement NetworkFirewall
Perform ForensicAnalysis
Validate Network Intrusionincident
Perform virus scansAnalyze Incident forIntelligence value
Analyze File SystemTimelines
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
References
NSPD-54/HSPD-23, Cybersecurity Policy, Jan 8, 2008 (TS) USCYBERCOM Implementation Plan CNO NMETLS NWP 3-63, CNO, Jan 2008 JROCM 023-09 Cyberspace Operations Way Ahead Navy Strategic Plan in support of POM-12, 09 Oct 2009 FY2011-2015 Guidance for the Development of the Force, Jul 28, 2009 DoDD O-8530.1, CND, Jan 8, 2001 DoDI O-8530.2, Support to CND, Mar 9, 2001 DoDI 8500.1, IA, Oct 24, 2002 DoDI 8500.2, IA Implementation, Feb 6, 2003 DoDM 8570.01-M, IA Workforce Improvement Program, May 15, 2008 CJCSI 6510.01E, IA and CND, Aug 15, 2007 SECNAVINST 5239.3a, DON IA Policy, Dec 20, 2004 Naval Studies Board, IA for Network Centric Naval Forces Cyber Warfare Manpower Strategy, OPNAV N1, Jan 20, 2010 Cyberspace Defense Study, OPNAV N81, Oct 29, 2009 CNO Tasker, Health of Navy Networks – Operational & Tactical Networks, OPNAV N6, Oct 21, 2009 CND Increment 2 CPD, Nov 23, 2009 CNE/CNA Manpower Requirements, FS FCB, JROC Briefing, Jul 15, 2009 USSTRATCOM & USJFCOM Final Report for the Cyberspace Operations (Manning) Objective Experiment, Feb 12, 2009 USSTRATCOM and NSA/CSS Cyber DCR, Oct 8, 2008 USSTRATCOM Operational Concept for Cyberspace, Apr 10, 2008 DI-1577-37-07, Information Operations Capstone Threat Assessment, Apr 2007 ONI-CTA-005-06, Naval Electronics, Navigation, and Network Systems Capstone System Threat Assessment, Sep 2006 USSTRATCOM, CND ICD, Jul 14, 2004• N2/N6 Cyber Roadmap
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
Way Ahead
Study Plan & Task Framework • Comments by 10 March
Workshop #1, 23-25 March• Scenario Development• Role Framework Development
UNCLASSIFIED/FOUO
Pre-decisional – Not for release without N81 approval DraftUNCLASSIFIED/FOUO
BACKUP
17
Assessing Strategic GuidanceAssessing Strategic Guidance
National Military Strategy for Cyber Operations• Strategic approach to use Cyberspace to ensure Military Strategic superiority in Cyber domain
DOD
DoD Information Management and Information Technology Strategic Plan (2008-2009)
• Provide timely access to authoritative, relevant, trusted, and actionable information for all authorized users
• Support national security missions by sharing information with DoD and external partners
• Enable assured information sharing across domains and Communities of Interest
• Ensure that capabilities support the information assurance needs of the net-centric vision
• Streamline and unify foundational information assurance processes across the DoD and Intelligence Community enterprises
Operation ** ( Apr 2009)
• Establishes USSTRATCOM as responsible entity to direct GIG Operations and Defense
• Shifts operational focus from individual to enterprise framework across enclaves centralizing planning and decentralizing execution
• Establishes operations and capabilities within the Six Phase Campaign process via established “Pillars” and Lines of Operations (LOOs)
DoD 8570.01M IA Workforce Improvement Program
• Identifies Workforce & Capability level requirements
JOINT
USSTRATCOM and NSA/CSS Cyber DCR ( Oct 2008)
• Continue development of Cyberspace as a mission area through enhanced capability, intelligence, acquisition, and interagency coordination
• Identify shortfalls to address a clear solutions matrix
Final Report for Cyber OPS Manning Limited Objective Experiment (Feb 2009)
• Study assigned objective to determine manning requirements for the conduct of CNA/CNE in support of COCOM operations
Operational Concept for Cyberspace ( Apr 2008)
• Addresses vision for achieving Cyberspace dominance through development of new capabilities, C2 relationships, organizational constructs, training, and policy
NAVY
Navy Strategic Plan (NSP-12)• Provides CNO strategic guidance for effective resource acquisition and allocation for
projection of Century Seapower (CS-21) initiatives addressing shortfalls and projected future conflicts
NWP 3-63 Computer Network Operations Vol I • Overview of Computer Network Operations and its respective disciplines and their
• Supporting roles within the Information Operations domain
Naval Network Warfare Command Instruction 5450.4A• Describes Missions, Functions, and Tasks (MF&T) for Computer Network Defense
operations at Navy Cyber Defense Operations Command (NCDOC)
FLT Cyber Command/ 10th FLT Implementation Plan• Way Ahead to conduct operations in Cyberspace leveraging NSA and DISA efforts and
capabilities to achieve FOC
• DOTMLPF paradigm inclusion across all Agencies, Services, Multi-National stakeholders
CNO Tasker- Health of Navy Networks (Operational & Tactical)• ID near and long term Security & Reliability
• Identify network life cycle requirements
• POA&M to mitigate network shortfalls
National Guidance DoD, Joint, and Navy Guidance
UNCLASSIFIED/FOUO
18
Identifying Cyber Workforce Strategic ObjectivesIdentifying Cyber Workforce Strategic Objectives
CONDUCT INFORMATION ASSURANCE
PROCEDURES:
PROTECT
Establish a secure network
DEFEND NETWORK:
RESPOND
Identify and Mitigate Intrusions
Apply and monitor system hardware and software
configurations and applications IAW directed
policy and procedures
Ensure network(s) effectiveness to support Commanders intent and
the decision making process
Apply Intrusion Detection, Intrusion Protection and
mitigative TTPs to protect the enterprise services
UNCLASSIFIED/FOUO
CONDUCT NETOPS:
MONITOR/ANALYZE/DETECT
Ensure Operation capabilities
19
Task Definitions (UJTL)Task Definitions (UJTL)
Label Task Name Task Description
OP 5.6.5.3Conduct CND
To conduct actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks
SN 5.5.5 Defend the GIG
Direct and lead Information Assurance and Computer Network Defense (IA/CND) actions to protect, monitor, analyze, detect and respond to unauthorized activity within DOD GIG assets, information systems and computer networks. Employ IA protection activity and deliberate actions to modify an assurance configuration or condition in response to a CND alert or threat information. CND response actions include defensive and restoration actions. Provide assured system and network availability, assured information protection, and assured information delivery.
ST 5.1.6 Establish IA Procedures
To establish information assurance procedures for deployed operations. This task includes developing IO appendices including defensive information operations (IO) and IA for all deliberate plans and operations orders as required. IA may be used to ensure information and information
systems availability, integrity, authentication, confidentiality, and nonrepudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.
ST 5.5.7.3 Direct CNDTo direct actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks.
ST 5.1.2.3Manage Information Assurance Policies
Establish and enforce policies and procedures to design, operate, maintain, and protect theater command, control, communications, and computers (C4) systems.
OP 5.4.7
Integrate Computer
Investigations &
Operations in CND
To coordinate, facilitate and deconflict computer investigations and operations between investigative and member agencies.
OP 5.3Prepare Plans and Orders
To make detailed plans, staff estimates, and decisions for implementing the geographic combatant commander's theater strategy, associated sequels, and anticipated campaigns or major operations. Plans and orders address, among other things, centers of gravity, branches, sequels, culminating points, and phasing. Planning includes organizing an effective staff, structuring and organizing the force, considering multinational capabilities/ limitations, and cross-leveling or balancing Service component, joint, and national command, control, communications, and computers (C4) means. Plans should address specific missions and tasks for subordinate joint or multinational task forces, Service and functional components and supporting commands and agencies.
UNCLASSIFIED/FOUO
20
Task Definitions (NMETL)Task Definitions (NMETL)
Label Task Name Task Description
NTA X.X.XPlans and Policy
NTA 5.5.5 Perform Information
Assurance
Protect and defend information and Information Systems ensuring their Confidentiality, Integrity, Availability, Authentication, and non-repudiation. Provide Restoration procedures by implementing protection, detection, and reaction capabilities
NTA.2.4.4.1
Identify Issues and
Threats Assess and identify threats which may impact national security interests and operations
SN 2.4.1
Evaluate, Integrate,
Analyze and Interpret
Information
Appraise the credibility, reliability, accuracy of information through a process of identifying patterns, conducting analysis, and interpreting its significance
NTA 5.2 Analyze and
Assess InformationContinuously evaluate information to determine and refine COA
NTA 2.4.5.3 Provide Indications &
Warning of ThreatProvide early warning of attacks to prevent surprise and reduce risk on planning assumptions
NTA 3.1.6.X
Develop Cyber
Counter- Targeting
Plans
Prevent enemy from attaining own force Cyber Targeting Plans
UNCLASSIFIED/FOUO
21
Task Definitions (NMETL)Task Definitions (NMETL)
Label Task Name Task Description
NTA 5.5.5.1Provide Computer
Network DefenseProtect and defend Information and Information Systems from disruption, denial, degradation, and destruction
NTA 5.5.XConduct Incident
Response Management
Employment of Cyber Incident response management techniques to restore cyber combat capabilities damaged by attack or natural occurences
NTA X.XProvide Trained
PersonnelProvide personnel trained to effectively and efficiently apply Commanders concept, intent, and objectives
UNCLASSIFIED/FOUO
22
STT Primary ReferencesSTT Primary References
• Net-Centric Data Strategy• DoD 8570.01-M Information Assurance Workforce Improvement
Program• NSTISSI No. 4011 National Training Standard For Information
Systems Security (INFOSEC) Professionals• Navy Enlisted Manpower Occupations and Standards Vol I & II• OPNAVINST 3500.34F Navy PQS Program• Joint Pub 3-13 Information OPS• DoDINST 8410.02 NetOPS for the GIG• NIST SP 800-53 Information Security• NTTP 3-32.1 Maritime Operations Center TTP• CONOPS for NETOPS, Information Operations and Space Center
(NIOSC) • National Military Strategy for Cyberspace Operations • NNWC NMETL for IO and SIGINT Capability Area Development• CJCSI 6510.01/ 01A/01E IO and CND Series• NWP3-63 Vol1 Computer Network Operations
UNCLASSIFIED/FOUO