unclassified 1 navy netops – aligning for the future capt doug swanson 3 mar 2011
TRANSCRIPT
UNCLASSIFIED
UNCLASSIFIED
1
Navy NetOps – Aligning for the Future
CAPT Doug Swanson3 Mar 2011
UNCLASSIFIED
UNCLASSIFIED
2
Roadmap
• What’s driving us?• Where we’ve been• Where we are• Where we’re going• How we’re getting there
– NGEN
– NETOPS Alignment• RNOSCs• GNOC Merger
– ITIL
– Inspections
– Shared SA
• Challenges Ahead
UNCLASSIFIED
UNCLASSIFIED
3
“We must maintain our preeminence in networks, intelligence, and information. There is no other Service or nation that is as good as we are.”
Admiral Gary RougheadChief of Naval Operations
17 July and 23 October 2009
Information as a Weapon
“Aligning intelligence and operations and optimizing the network in many
ways takes priority over the platform. If we don’t get the intelligence and
information right, then the platform is sub-optimized. Therefore we need to elevate the priority of information. Since we already think and operate
this way, it’s time aligned organizationally to sustain it … to
achieve prominence and dominance”
UNCLASSIFIED
UNCLASSIFIED
4
“The cyber threat to our country is real and growing. We are surrounded by foreign adversaries, terrorists, and criminal elements that are able to steal, alter or destroy vast amounts of sensitive government and private sector information --- perhaps most of it --- and to do so at will. In addition, many of our adversaries have or are seeking the knowledge, skills, technology and resources to infiltrate the networks used throughout our country.”
A Nation at Risk
Mike McConnellFormer Director of National Intelligence
UNCLASSIFIED
UNCLASSIFIED
5
Evolution and Organization
Naval Space Command
COMNAVCOMTELCOM
NCMS
NMSC
FIWC
NETWARCOMNetworks, IA,
Space, COMMS, INFO
OPS, CNO, COMSEC, IO
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Cryptology/Signals Intel
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Cryptology/Signals Intel
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Cryptology/Signals Intel
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Cryptology/Signals Intel
Navy Task Force CNO
NCDOCNAVCIRT
+Navy Task Force CNO
NCDOCNAVCIRT
+Navy Task Force CNO
NCDOCNAVCIRT
+
FLT Readiness Division
FLT Intel TYCOM
FLT Readiness Division
FLT Intel TYCOM
FLT Readiness Division
FLT Intel TYCOM
Naval Space Command
NCMS
NMSC
FIWC
USFF N6/CIO
FLEET C5I
Modernization
Cryptology/Signals Intel
Navy Task Force CNO
NCDOCNAVCIRT
+
FLT EW Center
FLT EW Center
USCYBERCOMFLTCYBERCOM
CYBERFOR NNWC Split
2002
2004
2005
2006
2008
2009
2010
COMNAVCOMTELCOM
COMNAVCOMTELCOM
COMNAVCOMTELCOM
COMNAVCOMTELCOM
COMNAVCOMTELCOM
COMNAVCOMTELCOM
UNCLASSIFIED
UNCLASSIFIED
6
CYBERFOR
STRATCOM
USCYBERCOM
FLTCYBERCOMUSFF
N6
Common Model
COMPACFLT
CNO
NCTAMS LANT NCTAMS PAC NAVSOC
NNWC
COM 10th FLT
NIOCsNCDOCNCTAMS
LANT / PAC
NNWC
NAVSOC
NCDOC
NIOCs
NCMS
AdministrativeOperational
NMSC
UNCLASSIFIED
UNCLASSIFIED
7
Mission StatementNaval Network Warfare Command/ Task Force 1010 commands and controls Navy Networks and leverages Joint Space capabilities to deliver Information Dominance for Navy and Joint operations.
Goal 1 - Achieve C2
Achieve effective Navy Network command and control (C2) through optimal organizational alignment, common architecture, mature processes and functions, and standard terminology.
Goal 2 - Enhance Security Posture
Enhance security posture, improve IT services and prepare for the future Naval Networking Environment by eliminating legacy networks.
Goal 3 - Deliver Space Products
Deliver enhanced Space products (Satellite Communications, Precision Navigation & Timing, Missile Warning, Intelligence Surveillance and Reconnaissance , and Meteorological Information) to Operating Forces by leveraging DOD,
National, commercial, and international Space capabilities.
Goal 4 - Optimize Navy Networks
Optimize Navy Networks by articulating and prioritizing operational requirements and issuing direction and guidance that implements Navy IM/IT policy.
Goal 5 - Achieve NetOps Mission Assurance
Achieve NetOps mission assurance (Network availability and security) through accreditation, operational inspection and certification, and uniform standards and metrics.
NETWARCOM Mission & Goals
Updated 24-Sep-10
UNCLASSIFIED
UNCLASSIFIED
8
NNE
Evolution of Navy Networks
Since Dec 2006, Navy has reduced the number of networks from 1300 to 350 with 120 additional
scheduled for termination by Oct 2011SubLANSubLAN
SCI NetworksSCI Networks
CENTRIX-MCENTRIX-M
ISNS / IT21ISNS / IT21
LegacyLegacy
MCENMCEN
ExceptedExcepted
Commonality•Services•Gold Disk
•Security Settings•Common Client
Hardware•Enterprise Software
Licensing•Common Application
Approval
NGENNGENONE-NETONE-NET
Combat Combat SystemsSystems
CANESCANES
MCEITSMCEITS
ExceptedExcepted
AF
LO
AT
AS
HO
RE
NMCI
ONE-NETONE-NET
8
UNCLASSIFIED
UNCLASSIFIED
9
Operational Alignment
Implement NETWARCOM Direction• Establish C2: Standardized policies,
procedures, processes and tools to operationalize NetOps.
Facilitate NNE Implementation• Need a Consistent Framework: Provide
a framework that aligns all NetOps programs under one strategic umbrella
(Starting with NGEN).
Improved Resource Alignment
• Justified Resourcing: Deliver consistent POM/PR submittals, SMRD reviews, and DRRS-N requirements, aligned to NetOps
strategy.
Desired Effect: A More Responsive, Agile, Secure, and Transparent NetOps Organization That Delivers Information Dominance to the Warfighter
Meet Warfighter Demands• Provide Predictive Operational
Support: Shared SA, codified relationships and authorities, and solid
reporting requirements.
As determined during Operation BUCKSHOT YANKEE, NETWARCOM and its subordinate commands are not optimally aligned to exercise C2 of NetOps across all dimensions of
warfare and all network enclaves.
Objectives:
UNCLASSIFIED
UNCLASSIFIED
10
Global Enterprise, Regionally Managed
Command
Control
Coordinate
NCTSs
C3F/C7FPACFLT
ONENET-FE
RNOSC PAC
PR NOCNGEN NOCs
C10F(CTF 1010)
DCO
CTF 1020
NCTSs
C2F/USFFC4F/
NAVSO
RNOSC LANT
UAR NOCNGEN NOC
DCO
NCTSs
C6FCNE/NAVAF
RNOSC EUR
DCO
NCTSs
C5FNAVCENT
RNOSC CENT
DCO
ECR NOCONENET-EU
IOR NOCONENET-ME
NIOCs, CND NIOCs, CND NIOCs, CND NIOCs, CND
MessagingServices
TacticalNetworkServices
CommunicationsServices
EnterpriseNetworkServices
NetOpsControlCenter
Voice & VideoServices
Standard Operations Dept. Alignment –
Services-Based
Field Services Disaster Recovery Asset Mgmt Config. MgmtSvc Desk Support
Data Center Ops Tech Supt. (T3) Security Mgmt
Sample Catalog
Service Lines
Change Mgmt
UNCLASSIFIED
UNCLASSIFIED
11
Aligning for C2
NGEN
Excepted Networks
IT-21ExceptedONE-Net
COSC
GN
OC
Merg
er &
NN
WC
Realig
nm
ent
30 APR 11
CT
F 1
010 / C10F
Enterprise View Strengthen the Region
GlobalNetOps
Alignment
RN
OS
C IO
C
28 JAN 11 30 SEP 11
Regional
Focus
and DCO
CND
CND
COSC
60%
IT-21ONE-Net
Excepted
30%
Legacy
Legacy
10%
Legacy
Integrate/ Aggregate
NGEN/CANES
-Unified
C2
2014+
UNCLASSIFIED
UNCLASSIFIED
12
Standardizing NETOPS Service Delivery through ITIL V3
UNCLASSIFIED
UNCLASSIFIED
13
Cyber Security Inspection and Certification Program
UNCLASSIFIED
UNCLASSIFIED
14
Afloat Assessments
T1
T2
T3
T4
0
5
10
15
20
25
30
35
40
45
Findings• USB Devices
• Patches
• Malware
• Unauthorized Software
• Root Level Access
• Weak / No Access Control Lists
• Unnecessary Open Ports
• Weak / Default Passwords
“Acc
epta
ble
”
“No
t A
ccep
tab
le”
T1 T2 T3 T4
5 35 43 14
Culture Conduct Capability
Same Problems Ashore
UNCLASSIFIED
UNCLASSIFIED
1515
Significant Findingsfor Shore Installations
Installation Location Enclave
COMPACFLT Oahu, HI NMCI
C3F HQ San Diego, CA NMCI, Legacy
NCTAMS PAC Oahu, HI IT-21
NCTS San Diego, CA IT-21
NCTS Yokosuka, Japan ONE-Net
NCTS Guam ONE-Net
Note: Not all installations had all of the findings listed below
•Extensive USB device usage•Malware present
•Unauthorized software installed on workstations•Unnecessary services running on workstations
•Unnecessary open ports on network hosts•Weak / Default passwords on system devices and privileged accounts
•Improper configuration of file system permissions
UNCLASSIFIED
UNCLASSIFIED
16
• Admin Program Review
(ADMAT)
Ready to Train
• Unit Level Training and Assessment
Ready to Operate
• External Inspection
Certified to Operate
EXPECT WHAT YOU INSPECT
Three year cycle tied to Network Authority to Operate (ATO) process with an annual drumbeat…
Stage 1 Stage 2 Stage 3
New Cyber Security Cycle
UNCLASSIFIED
UNCLASSIFIED
17
How are we
postured? What do weneed to do?
What are we
detecting?What’s happening
in Cyberspace of concern?
What is the scope of
the attack?
Who are the
victims?
Can we detect
malicious activity? Who needs
to be informed?
Situational AwarenessUnderstanding
networks
IntelligenceNational
rulesWindow to get
information Cognizance
Roles and Responsibilities
The Cyber COP
UNCLASSIFIED
UNCLASSIFIED
18
Challenges
• Converging strategy for C2 with emerging technology trends
• Negotiating/codifying regional C2 relationships and authorities
• Implementing an industry model in Navy• Workforce transition• Network instrumentation to support
C2/SA/COP• Risk Assessment• Resources
UNCLASSIFIED
UNCLASSIFIED
19
Questions
Naval Network Warfare Command2465 Guadalcanal Road
Virginia Beach VA 23459-3228(757) 417-6700
www.netwarcom.navy.mil
UNCLASSIFIED
UNCLASSIFIED
20
Backups
UNCLASSIFIED
UNCLASSIFIED
21
7 Step ITIL CSI Process
1. Define what you should measure
4. Process the data – align and rationalize data from disparate
sources
3. Compile available data – not only what is done, but when, how,
and by whom
2. Define what you can measure7. Implement
corrective action
6. Present and use the information to answer “Did we get there?”
and to determine next steps
5. Analyze the data – are there
relationships? Trends? Were targets
met? Were plans followed? Is
corrective action needed?
Identify• Vision
• Strategy• Tactical Goals
• Operational Goals
Goals
UNCLASSIFIED
UNCLASSIFIED
22
Questions
“Our Sailors must be empowered to operate and fight in a vast array of environments that range from failing states and ungoverned spaces to the most technologically advanced nations, virtual worlds and cyberspace.”
Statement of CNO to HASC,1 March 2006
UNCLASSIFIED
UNCLASSIFIED
23
C10F C2(CTF 1010)
Command – lawful command authority over subordinates by assignment or rank
Control – non-command authority exercised over activities of organizations
Coordinate – delegated authority for coordinating specific functions or activities
C10F(CTF 1010)
RNOSCCTF 10xxRegional
NIOC
Component & Numbered
FLT CDRs
CTF 1020
CND
FRAGO/TMS
SCI CHAT
CHAT
/MSG
/VOIC
E
CHAT/MSG/VOICE
CHAT/VOICE
OPORD OPTAS
K
DCO CONOPS
OPORD
CONOPS
DCO
CO
NO
PS
CHAT
/VO
ICE
FRAGO
• Comply w/Global Orders
• Impact limited to AOR• Report to CTF 1010
ASAP** Ops Urgency Prevails
San Diego
NCTSs NCTSs
Djibouti
NCTSs
C3F/C7FPACFLT
C2F/USFFC4F/NAVSO
C5FNAVCENT
C6FCNE/NAVAF
NIOCs, CND NIOCs, CND NIOCs, CND NIOCs, CND
ONENET-FE
RNOSC PAC
RNOSC LANT
RNOSC EUR
RNOSC CENT
PR NOC
NGEN NOCs NGEN NOCs
UAR NOC
IOR NOC
ONENET-ME
ECR NOC
ONENET-EU
C10FCTF 1010
UNCLASSIFIED
UNCLASSIFIED
24
Alignment Plan Timeline
3/10 8/10 8/10 7/12
Gain NNWC Leadership
Approval for Way Ahead
Form Overarching
and Core IPTs
Assume C2 of NMCI/
COSC
Commence Transition to RNOSCs
Complete Phase I.
10/10*
Gain FLTCYBER/
C10F Leadership
Approval for Way Ahead
4/10
* Initiate Exercise C2 over Critical Services
FOC expected 1 OCT 2011
Execute Phase I:
Mature and Consistent
C2
Achieve RNOSC Interim
Operational Capability
(IOC)
Achieve RNOSC Full Operational Capability
(FOC)
10/10 4/11 10/12
Objectives:Establish Command and Control (C2)
Provide Predictive Operational Support
Facilitate NNE Implementation
UNCLASSIFIED
UNCLASSIFIED
25
Defensive Cyberspace Operations
• DCO WO• Coordinate and execute regional DCO missions
• Incident Handling• Respond to network defense events and incidents
• Vulnerability Management• Vulnerability assessment, tracking and reporting
• Indications & Warning (I&W)• Identifies cyber threats• Correlates with AS&W reporting• Recommends countermeasures
• Attack Sensing and Warning (AS&W)• Identifies malicious changes• Detects, correlates and characterizes• Executes and validates countermeasures
• Forensics• Low priority incident triage analysis• Comprehensive malware and hard drive analysis
FOUO
FOUO
UNCLASSIFIED
UNCLASSIFIED
26
FY09/10 Significant CND Eventswith NETOPS Implications
INFO
CON 3
Term
inal
Fur
y ’0
9 (3
)
AFLO
AT SURG
E (1,2
)
USS XXXXXX (1
,2)
Ope
ratio
n B
UC
KSH
OT
YAN
KEE (1
,2,3
)
USS XXXXXXX (
1,2)
Term
inal
Fur
y ’1
0 (1
,2,3
)
2008 2009 2010
Nov
08
Nov
/Dec
08
Apr
09
May
09
Jun-
Sep
09
Apr
/May
10
May
10
Afloat Roles/ Responsibilities N6/N39?
1. Culture
2. Conduct
3. Capability
UNCLASSIFIED
UNCLASSIFIED
27
Solutions
• Culture– Accountability– Commander’s “Daily View”– Focus on 1000s of Threats– Damage Control, Force Protection
• Conduct– Enterprise C2– One Network, One Fight– Inspection Mentality– Proactive– OPREP 3– Physical Security– Compliance
• Capability– Network Visibility– Information Assurance– TYCOM– Dynamic Defense– Automation– Physical Security– PORs
UNCLASSIFIED
UNCLASSIFIED
28
Building the NetOps Workforce
• Transition to ITSM organizational and business model– ITIL-based– Reassessment of workforce skill sets– Competition with industry– INSERT ITIL TRAINING DATA HERE
UNCLASSIFIED
UNCLASSIFIED
29
Our Global Presence
NETWARCOM
NETWARCOM Presence
UNCLASSIFIED
UNCLASSIFIED
30
Evolution of Navy Networks
Existing Networks Naval Networking Environment (NNE)
Commonality
CANES
NGEN
NMCI
ONE-Net
ISNS/IT-21
CENTRIX-M
SCI Networks
SubLAN
MCEN
Excepted MCEITS
•Services•Gold Disk•Security Settings•Common ClientHardware•Enterprise SoftwareLicensing•Common Application Approval
AF
LO
AT
AS
HO
RE
Government controlled standardized Architecture & managed (Engineered) Interfaces
Excepted
De-centralized control with decentralized execution
Legacy
Navy has significantly reduced the number of networks
Combat Systems
One-Net
UNCLASSIFIED
UNCLASSIFIED
31
NetOps Command and Control(Starting with NGEN)
Shared SA + Authority + People + Processes + Tools = NetOps C2
• Synergy between:
– Visibility into health and status of the network
– SA of threat environment
– SA of operational environment
– Focus on mission priorities and Commander’s intent
• Authority, People, Processes, and Tools to direct appropriate actions on the network
• Synergy between:
– Visibility into health and status of the network
– SA of threat environment
– SA of operational environment
– Focus on mission priorities and Commander’s intent
• Authority, People, Processes, and Tools to direct appropriate actions on the network
UNCLASSIFIED
UNCLASSIFIED
32
Realignment Objectives
• Exercise command & control of Navy NETOPS
• Provide shared situational awareness and security posture to meet warfighter demands
• Deliver a consistent NETOPS framework for the future
• Foster a culture of accountability in NETOPS
• Improve resource alignment (people, tools, and finances)
UNCLASSIFIED
UNCLASSIFIED
33
Challenge: Dynamic Threat
From Eschelbeck, G., Do you feel the force?, July 2003 http://www.scmagazine.com/scmagazine/2003_07/cover/
Attack Sophistication versus Intruder Knowledge
Compression of the Discovery-Attack Life Cycle
• Has the situation improved or worsened since these graphs were produced?
• New exploits since 2003– Code Red, Slammer/Blaster, BotNets, Phishing & Spear Phishing, Cybercrime “for hire”
• What’s next? Can you help the Navy stay ahead?
UNCLASSIFIED
UNCLASSIFIED
34
Solutions
• Culture– Accountability – everybody has a role– Commander’s “Daily View”– Focus on 1000s of Threats– Damage Control, Force Protection
• Conduct– Enterprise C2– One Network, One Fight– Inspection Mentality– Proactive– Operational rigor & reporting
• Capability– Network Visibility– Information Assurance– Type Commander to focus on Man,
Train & Equip functions– Dynamic Defense– Automation
UNCLASSIFIED
UNCLASSIFIED
35
Transformation Strategy
MOC – RNOSC Construct
Synchronized Plan
1.RNOSC IOC → FOC2.C10F C2/SA3.CTF 1010 /C10F4.COSC → NGEN → NNE
CTF 1010 /C10F
NGEN C2 Implementation
C10F C2/SA
NetOps Alignment PlanJul 10
RNOSC IOCApr 11
N-Code StandardizationOct 10
GNOC Det MergerJan 11
RNOSC Build OutOct 11
Codified C2
Mutually Supportive
Unity of Effort
CSICPJan 11
UNCLASSIFIED
UNCLASSIFIED
36
Continual Service Improvement
CYBERFOR
•Plan •Requirements
Design•Builds Capability
•Gap Analysis
C10F / NNWC NetOps
•Test•Implement
•Execute
CSI
•Control•Measure•Design
•Prioritize•Coordinate
•Improve
Gaps
MeasureNEIRP
Fleet Reqs
PMW Reqs
NotionalNotional
UNCLASSIFIED
UNCLASSIFIED
37
• Desired Results:– Standardized, repeatable processes and procedures for supporting and
maintaining NETOPS services– Establish policy to guide process development and continual improvement– Common lexicon– Clearly defined roles and responsibilities– Establish tool standards that will enable “single source of information” for
collaboration and coordination of daily activities
Standardizing NETOPS Service Delivery through ITIL V3
• Operational Objectives– Navy Networks integrated within an effective NetOps C2 construct --
centralized, global and authoritative C2, regionally managed– SOPs to capture standardized network operations tactics, techniques and
procedures– Standardized NetOps capabilities that enable visibility and control -
processes, procedures, tools and core competencies– Accurate and timely information shared awareness enabling NetOps C2
Continual Service Improvement (CSI)
Info SecurityMgmt
AccessMgmt
ProblemMgmt
EventMgmt
Incident Mgmt
NetOps Directorate ACOS/Deputy/Admin/LCPO
NetOps-1 Network OpsDivDir&Deputy
BWC-ABWC/NetOps C2Service Operation
Trans/EntOps/Change(ASI)Network Performance
NetOps-2 IADiviDir&Deputy
IA/Compliance/IA Watch/DMZ/MOC/COI/Data
Conf/CTO(s)
NetOps-3 Enterprise Mgmt
DivDir & DeputiesTransport
GTSE/RF MgmtPier/Bdry/C2I
BAN-LAN/WANServices
Web/MessagingApps/DB-ESD/OSVOX-VID/File/COI
NetOps-5 Plans/policy/ExerciseFuture Ops/Process & Analysis/CSI/Future Plans/Exercise-COOP
CSI
CSICSI
OWNER: NNWC CIO
MANAGER: NETOPS-2OWNER & MANAGER:
NETOPS-1OWNER: NCF N4/7
MANAGER: NETOPS-3
UNCLASSIFIED
UNCLASSIFIED
39
NetOps - Command and Control
Network Command and Control equates to shared Situational Awareness and Unified C2
UNCLASSIFIED
UNCLASSIFIED
40
Information Dominance Warfare PQS
• Officer PQS– Approved by N2/N6 and Community Leaders, the IDC
PQS is in final stages of preparation for NETC publication
as NAVEDTRA 43360
– Individual community PQSs are undergoing review/update
• Information Warfare: Complete
• Information Professional Basic PQS working group
held in Jun
• Intel PQS update conference planned tentatively for
Aug/Sep
• Space Cadre PQS working group planned for Aug
• Enlisted PQS– Common Core assigned NAVEDTRA 43365
– 4 Command specific PQS completed: NCDOC,
NIOC, NCTAMS, ONI
– Common Core PQS currently being Beta tested and rolled
out to all commands
UNCLASSIFIED
UNCLASSIFIED
41
C10F Standing Task Organization
CTG 1000.1NIOC Menwith
Hill Station
CTG 1000.2NIOC
Sugar Grove
CTF 1000 C10F
Service Cryptologic Component Operations
CTG 1000.6NIOC
Maryland
CTG 1000.7NIOCHawaii
CTG 1000.5NIOC
Georgia
CTG 1000.4NIOCTexas
CTG 1000.3NIOC
Misawa
CTF 1030CO NIOC
Norfolk
C10F
CTG 1060.1NIOC
Maryland
CTF 1060CO NIOCMaryland
CTG 1030.2NIOC
San Diego
CTG 1070.2NIOC
Yokosuka
CTG 1070.3NIOC
Misawa
CTG 1070.1NIOCHawaii
CTG 1030.3NIOC
Whidbey Island
CTF 1070 CO NIOC
Hawaii
CTG 1050.1NIOC
Georgia
CTG 1050.2NIOC
Bahrain
CTF 1050CO NIOC
Georgia
CTF 1040CO NIOC
Texas
CTF 1020CO NCDOC
D/COM
CTG 1020.1NCDOC
CTG 1060.2FIOC
UK
CTG 1040.1NIOCTexas
CTF 1080 CO NIOCColorado
CTG 1010.2NCTAMS PAC
CTG 1010.3NAVSOC
CTG 1010.1NCTAMS LANT
CTF 1010COMNNWC
BWC
Computer Network DefenseNetOps/SpaceOps
Information Operations
Fleet and Theater Operations
Headquarters CTF 1090CO NIOC Suitland
CTG 1080.1NIOC
Colorado
CTG 1030.1NIOC
Norfolk
CTG 1000.8NIOC
Colorado
CTG 1000.9NIOD
Yakima
CTG 1020.2NIOC
Pensacola
CTG 1000.10NIOD
Alice Springs
R &D
Network Operations & Defense Group
UNCLASSIFIED
UNCLASSIFIED
42
NETWARCOM Organization
Commander
Deputyand
Chief of Staff
Navy Operational Designated Approving Authority
Network Operations
Cyber Asset Reduction &
Security
Space Operations
Network Assurance
& Command Information
Office
Office of Compliance and
Assessment
UNCLASSIFIED
UNCLASSIFIED
43
Big 7 ITIL Process Owners & Managers
OM
OM
O
NAVYCYBERFOR
Access Management - CIO O
Info Security Mgmt - CIO O
Access Mgmt – NetOps-2 M
Info Scty Mgmt – NetOps-2 M
Event Mgmt – NetOps-1 O M
Incident Mgmt – NetOps-1 O M
Problem Mgmt – NetOps-3 M
NAVNETWARCOM
Man, Train, Equip Operate
M
UNCLASSIFIED
UNCLASSIFIED
44
COMFLTCYBERCOM FT GEORGE G MEADE MD 282138Z JAN 11
“ THIS IS A COORDINATED COMPACTFLT, USFF, AND COMFLTCYERCOM MESSAGE TO IMPLEMENT A CNO
DIRECTED THREE-STAGE ENTERPRISE CYBER SECURITY INSPECTION AND CERTIFICATION PROGRAM
(CSICP). THIS PROGRAM WILL ENSURE THE HEALTH AND SECURITY OF NAVY NETWORKS AND CONNECTED COMBAT SYSTEMS, AND FORMALIZE A PROCESS THAT
PROVIDES CONTINUING OVERSIGHT AND ACCOUNTABILITY……. NAVY NETWORKS ARE A
COMBAT SYSTEM AND WILL ADHERE TO THE SAME INSPECTION AND CERTIFICATION RIGOR AS ALL
OTHER COMBAT SYSTEMS.”
Cyber Security Inspection and Certification Program (CSICP)
UNCLASSIFIED
UNCLASSIFIED
45
Our Global Presence
NETWARCOM
NETWARCOM Presence
45
For Official Use Only