SlideShare a Scribd company logo

Robert Carey, Principal Deputy CIO, DOD Insight session

Government Technology and Services Coalition
Government Technology and Services Coalition

Robert Carey joined GTSC for a session on DOD's technology priorities, cyber security and budget considerations for 2014/2015.

Technology
1 of 24
Download to read offline
DoD CIO UNCLASSIFIED DoD CIO Priorities for 2014 Robert J. Carey Principal Deputy Chief Information Officer U.S. Department of Defense January 17, 2014 SUPPORT THE WARFIGHTER
DoD CIO UNCLASSIFIED Agenda • DoD CIO Focus • DoD IT Environment • Movement toward the Joint Information Environment o Major Components of JIE o Work in Progress o Way Ahead • Additional Significant Work Streams o Cybersecurity o Mobility o Spectrum Strategy and Implementation Plan • How Can Industry Help SUPPORT THE WARFIGHTER 2
DoD CIO UNCLASSIFIED DoD CIO Focus • Deliver the Joint Information Environment o Major effort and change within the Department towards IT modernization • Strengthen Cyber Security o Improve information security from desktop to data center o Cyber workforce strategy o DoD strategy for defending networks and data • Deliver Secure Mobile Devices o Deploy and manage secure modern mobile devices • Manage RF Spectrum to support mission SUPPORT THE WARFIGHTER 3
DoD CIO UNCLASSIFIED What We’re About: Mission Assurance Warfighter Needs We must ensure access to information … on any device, at anytime, under all conditions, wherever the warfighter needs it … Mission assurance is DoD’s top priority SUPPORT THE WARFIGHTER 4
DoD CIO UNCLASSIFIED DoD IT Environment: Cyber Footprint DoD IT User Base IT Systems • ~1.4 million active duty • >10,000 operational systems (20% mission critical) • ~783,000 civilian personnel • ~1700 data centers • ~65,000 servers • ~7+ million computers and IT • ~1.2 million National Guard and Reserve devices • 5.5+ million family members and military retirees • Thousands of networks/enclaves Total IT Budget • 146 + countries • 5,000 + locations • 600,000 + buildings and structures • > $39.6B in FY14 • > $17.4B in IT Infrastructure • > $4.7B for cybersecurity • Thousands of email servers, firewalls, proxy servers, etc. • Mobile devices ~ 493,000 Blackberries ~ 41,000 iOS Systems (Pilots) ~ 8,700 Android Systems (Pilots) Scale of the footprint … scope of the challenge SUPPORT THE WARFIGHTER 5
DoD CIO UNCLASSIFIED What is the Joint Information Environment? • JIE (when delivered fully) will consist of: o ~25 Core Data Centers using common computing environment, ~800 smaller installation data centers (reduced from ~2000) that are secure, resilient and efficient o Coherent security architecture / protected networks with enhanced resiliency to int/ext threats o Common Enterprise Services that support the entire Department o Component built business/warfighter applications on a joint technology infrastructure • JIE implements joint network standards, specifications, and architectures driving commonality across a diverse DoD computing environment to drive greater security and information sharing This DoD-wide effort toward the JIE will: • Realign, restructure, modernize how IT (NIPRnet and SIPRnet) networks and systems are constructed, operated, and defended • Consolidate and standardize the design and architecture of the Department’s networks • Change Cyber Security Tactics, Techniques and Procedures SUPPORT THE WARFIGHTER 6
DoD CIO UNCLASSIFIED Benefits of the JIE • Enhanced Mission Effectiveness o o • Rapidly and dynamically respond to changing mission information needs for all operational scenarios Users and Systems will have timely and secure access to the data services needed to accomplish their assigned missions, regardless of their location or device Increased Security o Able to jointly See, Block, Maneuver across the whole of the DoD information Network • Allow Commanders to manage risks within regional domains o o Users and systems can trust their connection from end to end o Knowledge of the network, the data, and accesses with role and persona attribution o • C2 of the Network from USCC and component cyber commands Capabilities are remain available during contested or degraded cyber events Achieved IT Efficiencies o Information assets are joint assets, leverage by all for Department missions o Constant visibility into it expenditures through increased transparency o Maximize Enterprise purchasing and minimize variations SUPPORT THE WARFIGHTER 7
DoD CIO UNCLASSIFIED JIE Capabilities Provided to Programs Joint Information Environment Program Considerations Enterprise Operations Defined Enterprise IT Service Management Processes - Incident Mgmt Event Mgmt Problem Mgmt Change Mgmt Network Normalization End to End IP Transport Predictable Security Boundaries MPLS Virtual Networks with QoS Architecture patterns for Security - Monitoring C2 Architecture Patterns Single Security Architecture Data Center Consolidation Standard Approach to Security GFE Computing (e.g., cloud computing) - - - Zoned Approach Boundaries provided and managed at DoD Enterprise Standard Network Configurations for Security - Monitoring C2 - Capacity Services Storage Services Standard Network Configurations Enterprise Services Email IdAM Single Identity linked to DEERS Portal Services Instant Messaging/Chat/Pr esence Awareness VOIP/SVOIP Directory Services Single Security Architecture Architecture Patterns Authentication via Direct PKI or Gateway Service On-demand account provisioning Access management patterns for CND Help Desk What’s needed: Technical Documentation leading to the development of an Acquisition Baseline Transparent Documentation of IT Infrastructure Costs and Cost Recovery Approaches SUPPORT THE WARFIGHTER 9
DoD CIO UNCLASSIFIED JIE Progress to Date Network Consolidation Consolidating networks and IT infrastructure across the Department IOT increase operational effectiveness • Converging voice, data, video networks via EoIP & migrating to Enterprise (DISA provided )VoIP (call management) Services • Upgrade to network(MPLS) routers - managed by DISA, • USMC upgrading network (MPLS) routers • Service reduced gateways from 203 to 16 • Services reducing legacy networks • COCOM’s pursuing consolidated desktop initiative • COCOM’s consolidating HQs and component networks Enterprise Capabilities and Applications Reducing costs through movement to enterprise licensing, capability delivery and application reduction Enhancing Cyber Operations Security Improving ability to see and respond to Cyber Threats • Improved Security Architecture (~400 TLAs to 15 regional TLAs) supporting CONUS & SWA • USMC centralized Operations Center • Mandated use of Enterprise Directory Services and an authoritative identity data source • Established initial Enterprise Operations Center in Europe 1/24/2014 • • • • USA reduce applications by 30%; ID’d 2.5K of 10.6K to sunset Microsoft Joint Enterprise License Agreement USMC Data Center hosting Navy and DoJ apps DON adopts USMC PMO for DON ELAs; USN to complete 3 of 12 ELAs in FY 13 • USN reduced 25K applications to 6K • Coordinating Mission Partner Environment • Commercial cloud service offering pilot efforts SUPPORT THE WARFIGHTER 10
DoD CIO “All requirements set for IOC for JIE Increment-1 in the European and specified Africa Commands AORs have been met.” UNCLASSIFIED Key JIE Policies and Guidance 5 Oct 2011 5 Dec 2012 JIE Management Charter CDC DoD Chief Information Officer 1 Nov 2012 9 NOV 2012 Migration of Apps and systems by FY18 DoD CDC DoD UC Memo 11 Jul 2013 11 Jul 2013 JTSO Establishment Memo CJCS JIE Whitepaper 22 Jan 2013 JIE Operations CONOPS 1.0 JIE Management Construct CYBERCOM Tasking Order J3-13-0688 CC/S/A 31 Jul 2013 22 Jan 2013 5 SEP 2013 Directs implementation of key capabilities and sets conditions for future planning 23 Oct 2012 JIE Increment-1 Transition JIE Operations CONOPS CONOPS 2.0 25 Jul 2013 In progress 11 Jul 2013 6 SEP 2013 Implementation Guidance 26 Sep 2013 JIE ICD “JIE represents the largest restructuring of IT management in the history of the Depart of Defense.” In progress JIE Increment-1 Business Case Analysis “BCA…is the first step in aligning PPBE processes for JIE stakeholders” “…describes roles, responsibilities, functions and tasks…” 25 Jan 2013 DEE JOSG Establishment Memo 29 Aug 2012 12 Aug 2013 JIE Inc2 JIE Inc 1 IOC in Europe PACOM EDS Key JIE planning forums stood up with CC/S/A support and participation “First and foremost, JIE will improve mission effectiveness.” Joint Staff Places all JIE related capabilities under DOT&E oversight. 6 May 2013 12 SEP 2013 Identification of Data Center Types OT&E Oversight Memo DoD is committed to multi-year JIE effort directed by DoD CIO Directs DoD Components to participate and align resources to enable JIE Office of the Secretary of Defense 1/24/2014 JIE Implementation Memo JIE EXORD Modification 1 JIE EXORD Inactive/Not Complete Designates Defense Enterprise Email as an Enterprise Service and states inclusion in DoD Information Enterprise Architecture for compliance purposes SUPPORT THE WARFIGHTER Acronym Key CDC – Core Data Center DOT&E – Director of Operational Test & Evaluation EDS – Enterprise Directory Services EXORD – Execution Order DEE- Defense Enterprise Email ICD - Initial Capabilities Document IOC – Initial Operational Capability ITESR – IT Enterprise Strategy and Roadmap JMC – JIE Management Construct JOSG – JIE Operational Sponsor Group JTSO – JIE Technical Synchronization Office OT&E – Operational Test & Evaluation UC- Unified Capabilities UCP – Unified Command Plan DoD Acquisition, Budget & Requirements Processes DoD ITESR 11
DoD CIO UNCLASSIFIED Key JIE Related Architecture Artifacts DoDI 8100.04 Policy & Guidance 9 DEC 2010 Establishes governing policy for Unified Capabilities products and services supported on DoD networks. In Progress Provides direction for identifying, developing, and prescribing IT, including NSS and DBS, standards In Progress architecture-based approach for interoperability analysis; Establishes the requirement for enterprise services to be certified for interoperability. IdAM Data Dictionary DoDI 8270.bb Establishes the role of the DoD EA in providing context and rules for accomplishing the mission of the Department. In Progress In Progress In progress Merges the architecture content and guidance of DoD IEA v2.0 and the JIE EA into a single, integrated, authoritative architecture for the Information Enterprise. EANCS ADORA CDC RA SSA RA UC RA IdAM RA EOC RA 24 AUG 2010 29 Aug 2012 18 SEP 2012 MAY 2013 8 FEB 2013 In Review In Progress Reference Architectures Solution Architectures 1/24/2014 14 AUG Naming Specification Informational Guidance; Currently Under TWG 2013 Review DoD IEA v3.0 In Formal Review; expected to be approved for JIE RA and SA development in 1QFY14 Approved 10 Aug 2012; Foundation for the JIE EA 10 AUG 2012 DoDI 8330.aa capability-focused, JIE EA v0.4 DoD IEA v2.0 Enterprise Architecture Establishes a DoDI 8310.aa SAs Under Development by IDTs: IdAM: Directory Services, Synchronization Services, Authentication GW Services, People & Organization Discovery Services, Enclave Attribute Services, and DoD Visitor SSA: Enterprise Perimeter Protection, Base Area Network(ICAN), and Enterprise IA Security CDC: Core Data Center, Installation Process Node (IPN), and Installation Services Node (ISN) NNT: Wide Area Network (WAN), SATCOM Gateway, and Mobility Gateway Unified Capabilities EOC/OOB Instrumentation SUPPORT THE WARFIGHTER EC RA Provide Strategic Purpose, Principles, Patterns, Technical Positions and Vocabulary for Solution In progress Architecture development Acronym Key IEA – Information Enterprise Architecture JIE EA – Joint Information Environment Enterprise Architecture EANCS – Enterprise-wide Access to Network and Collaboration Services ADO – Active Directory Optimization CDC – Core Data Center SSA – Single Security Architecture UC – Unified Capabilities IdAM – Identity and Access Management EOC – Enterprise Operations Center EC – Enterprise Cloud NNT – Network Normalization and Transport OOB – Out Of Band 12
DoD CIO UNCLASSIFIED JIE Way Ahead • Continue to leverage COCOMs, Services and Agencies IT initiatives to achieve end-state • Drive implementation and execution actions necessary to deliver capabilities o Acquire via component normal tech refresh process to standards and architectures defined as JIE norms • Improve IT Budget transparency to align spend • Develop and deploy policies, procedures, oversight, and culture that enables info sharing • Accelerate initiatives where feasible to move effort forward • Consolidate/standardize elements of networks to more effectively defend them and confront threats with agile information sharing SUPPORT THE WARFIGHTER 13
DoD CIO UNCLASSIFIED Additional Significant Work Streams • Cybersecurity • Mobility • Spectrum Strategy and Implementation Plan 1/24/2014 SUPPORT THE WARFIGHTER 14
DoD CIO UNCLASSIFIED Sophistication of available tools is GROWING Growth of the Cyber Threat ? High Sophistication Sophistication required of Actors is DECLINING sophisticated C2 cross site scripting “stealth” / advanced scanning techniques packet spoofing sniffers denial of service sweepers staging Distributed attack tools www attacks automated probes/scans graphic user interface back doors disabling audits “Cyberspace is real. And so are the risks that come with it.” -President Obama, 29 May 09 exploiting known vulnerabilities password cracking self-replicating code password guessing 1980 1985 ? network mgmt. diagnostics hijacking sessions burglaries Low phishing 1990 1995 2000 SUPPORT THE WARFIGHTER 2010 2015 15
DoD CIO UNCLASSIFIED Defending DoD Networks & Systems: Cyber Strategic Choices for 2020 Shift to Proactive Cyber Defense Operations Deliver Adaptable Cyber Defense Solutions Enhance Cyber Situational Awareness and Partnering Fully employ active cyber defense Architect a defensible information environment Improve the cyber sensing infrastructure Provide forces to maneuver and influence Strengthen data defenses Harness the power of Big Data analytics Mitigate all phases of cyber aggression Engineer unpredictable defenses Implement a multimission cyber operational picture Institutionalize cyber threat-based engineering & acquisition Capitalize on the strengths of publicprivate partnerships Defend beyond DoD boundaries Assure Survivability against Catastrophic Cyber Attacks High priority mission areas Prepare for success against large-scale cyber- attack S P P O R T H W A R F I Mission Focusing CyberUDefense TonEAssuredG H T E R Execution 16
DoD CIO UNCLASSIFIED JIE Security Architecture Overview The intent of the security architecture is to: • Create a coherent, uniform and standards-based security construct o Uniform Service/Capability Delivery o Ability to Standardize Ingress/Egress connectivity as well as O&M processes • Improve Performance of Security o Provide full security suite capability to every Base / Post / Camp / Station o Fill known holes in the current security architecture o Provide full visibility, move away from standalone to an enterprise security solution o Reduced lateral movement beneath the Regional Security Stacks o Enclave boundaries clearly defined and centrally managed o Provide a Security Infrastructure that is Always On, Always Connected • Improve Cost of Security o Cost avoidance associated with life-cycle of hardware, eliminate localized Security Stacks, by delivering the same services through 11 Centralized Security Stacks. o o Cost avoidance associated with scaling to meet emerging requirements o 1/24/2014 Cost avoidance associated with operations and maintenance No new hardware simply add virtual instances SUPPORT THE WARFIGHTER 17
DoD CIO UNCLASSIFIED JIE SSA Architecture Overview (V2.0) • JIE Single Security Architecture team delivered the JIE SSA RA Version 2.0 and receiving comments from the Architecture Working Group (AWG) – Enterprise Perimeter Protections – NIPR & SIPR – Cross Domain Security – Common Network Interfaces – CND views • Version 3.0 will include Mission Partner Environment (MPE), SATCOM, UC, and IdAM 1/24/2014 SUPPORT THE WARFIGHTER 18
DoD CIO UNCLASSIFIED What actions are we taking? • Evolving DoD’s defenses: o o o o Standardization and consolidation of the infrastructure Layering defenses Deploying identity tools – PKI all network domains Improving monitoring • Multiple efforts to contain, dampen, detect, diagnose, and respond to successful or partially successful cyber intrusions and attacks include: o o Network hardening Moving toward more automation via continuous monitoring SUPPORT THE WARFIGHTER 19
DoD CIO UNCLASSIFIED DoD Mobility Strategy • DoD Mobile Device Strategy, Jun 2012 • DoD CMD Implementation Plan, Feb 2013 • Mobility STIGs (iOS, Android, BB), May 2013 • Commercial Classified Solution (Secret), May 2013 • DISA MDM/MAS award, Jun 2013 • Defense Enterprise Email, Sept 2013 • DoD Enterprise MDM and Mobile App Storefront, Dec 2013 • Commercial Classified Solution (Top Secret), May 2013 • Modified CMD Security Approval Process, July 2014 • SME PED end-of-life, Dec 2014 SUPPORT THE WARFIGHTER 20
DoD CIO UNCLASSIFIED DoD Mobility Strategy & Implementation Plan Mobile Device Policies and Standards Promote the development and User of DoD Mobile & Web-Enabled Apps An enterprise Mobility services for Classified & Unclassified capabilities DoD Mobility Strategy NEW SPEC ? MAM MAS MDM Business Case Analysis CAC/PIV 2012 Integration MDM/MAS Award BYOD TBD FY13 FY14 FY15 - 17 FY17 - Beyond Enterprise Solution Information Enterprise Infrastructure to support Mobile Devices BCA – Business Case Analysis BYOD – Bring Your Own Device CMD – Commercial Mobile Device DoDI – DoD Instruction MAM – Mobile Application Management MAS – Mobile Application Store MDM – Mobile Device Management MILDEP – Military Department PIV – Personal Identity Verification SME PED – Secure Mobile Environment Portable Electronic Device Expedite Approval Process CMD Pilot Consolidation DoDI 8100.02 Mobility Gateways FY13-14 DoD CIO Consolidation Plan Phase-out SME PED Federal Digital Strategies New Classified Capability Federal Standards SUPPORT THE WARFIGHTER Primary Communication for ROUTINE DoD Users is Wireless Technology Insertion 21
DoD CIO UNCLASSIFIED Challenge: Rapidly Changing Spectrum Use Battlefield Training/Testing • Constraining Regulatory Environment • Cyber warfare •Mobility Strategy •More unmanned systems • More powerful radars to combat stealthier threats • Increasing data rates • Connectivity to lower echelons Increasingly Contested & Congested • Repurposing/Spectrum Sharing • Auctions of Federal spectrum in US • Reallocation of military spectrum in host nations Wireless Industry Mobile International Coalition • Jamming • Exponential increase in wireless devices worldwide DoD’s exclusive access to spectrum WILL BE reduced and challenged – in US and overseas spectrum sharing and co-use is a certainty SUPPORT THE WARFIGHTER 22
DoD CIO UNCLASSIFIED Response: DoD Electromagnetic Spectrum Strategy Vision: Spectrum access when and where needed to achieve mission success Goal 1: Increase efficiency, flexibility, and adaptability • • • • Spectrum Operations Goal 2: Increase agility • Develop near real-time spectrum operations • Advance ability to mitigate interference • Modify policy, regulation and standards to allow agile spectrum operations Spectrum Regulation and Policy Goal 3: Sharpen responsiveness • Reform DoD’s ability to assess regulatory/policy proposals • Expand DoD participation in regulatory/policy discussions • Institutionalize DoD’s ability to adapt to regulatory/policy changes Spectrum Dependent Systems Expedite development of spectrum efficient and flexible technologies Accelerate sharing technologies Adopt commercial services where feasible Strengthen enterprise oversight • A paradigm shift - Improvements to spectrum management and spectrum efficiency are necessary, but not sufficient - spectrum access through sharing is required to increase DoD’s spectrum access opportunities • Advancements in technology and associated policy/regulations are needed • Required for success: Collaboration/partnerships AND Leadership/ Accountability Working toward “win-win” for DoD, other federal users, and the wireless industry SUPPORT THE WARFIGHTER 23
DoD CIO UNCLASSIFIED How can you Help? • Ask hard questions…propose answers in the context of our problem set • Leverage your best and brightest • Help us find lasting, innovative solutions • Be part of our success Collaboration – Key to conquering our challenges SUPPORT THE WARFIGHTER 24
DoD CIO UNCLASSIFIED QUESTIONS? SUPPORT THE WARFIGHTER 25

Recommended

David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...
David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...
David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...Government Technology and Services Coalition
 
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...Government Technology and Services Coalition
 
Key Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsKey Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsGovernment Technology and Services Coalition
 
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS EnergyIntegration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS Energystacybre
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Technologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTechnologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTheAnfieldGroup
 
Midway Swiss Case Study: Journey towards CMMC Compliance with Ignyte
Midway Swiss Case Study: Journey towards CMMC Compliance with IgnyteMidway Swiss Case Study: Journey towards CMMC Compliance with Ignyte
Midway Swiss Case Study: Journey towards CMMC Compliance with IgnyteIgnyte Assurance Platform
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 

Recommended

David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...
David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...
David Knox: How do we Protect our Systems and Meet Compliance in a Rapidly Ch...Government Technology and Services Coalition
 
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...
Dr. Jim Murray: How do we Protect our Systems and Meet Compliance in a Rapidl...Government Technology and Services Coalition
 
Key Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsKey Cyber Security Issues for Government Contractors
Key Cyber Security Issues for Government ContractorsGovernment Technology and Services Coalition
 
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS EnergyIntegration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS Energystacybre
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Technologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTechnologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTheAnfieldGroup
 
Midway Swiss Case Study: Journey towards CMMC Compliance with Ignyte
Midway Swiss Case Study: Journey towards CMMC Compliance with IgnyteMidway Swiss Case Study: Journey towards CMMC Compliance with Ignyte
Midway Swiss Case Study: Journey towards CMMC Compliance with IgnyteIgnyte Assurance Platform
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyNandita Nityanandam
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsIgnyte Assurance Platform
 
Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable SolarWinds
 
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...John Gilligan
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...TheAnfieldGroup
 
How to Comply with NIST 800-171
How to Comply with NIST 800-171How to Comply with NIST 800-171
How to Comply with NIST 800-171Corserva
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Matthew Rosenquist
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance MonitoringControlCase
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
 
GDPR
GDPRGDPR
GDPRRajivarnan R
 
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...Unanet
 
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingLaying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingIgnyte Assurance Platform
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsDigital Bond
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIvanti
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...Cohesive Networks
 
20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud Storefront20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud StorefrontGovCloud Network
 
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013Tim Harvey
 

More Related Content

What's hot

Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyNandita Nityanandam
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsIgnyte Assurance Platform
 
Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable SolarWinds
 
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...John Gilligan
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...TheAnfieldGroup
 
How to Comply with NIST 800-171
How to Comply with NIST 800-171How to Comply with NIST 800-171
How to Comply with NIST 800-171Corserva
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Matthew Rosenquist
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance MonitoringControlCase
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
 
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...Unanet
 
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingLaying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingIgnyte Assurance Platform
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsDigital Bond
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIvanti
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...Cohesive Networks
 

What's hot (20)

Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
 
Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable Government Webinar: Preparing for CMMC Compliance Roundtable
Government Webinar: Preparing for CMMC Compliance Roundtable
 
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
Leveraging Purchase Power and Standards to Improve Security in the IT Supply ...
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
 
How to Comply with NIST 800-171
How to Comply with NIST 800-171How to Comply with NIST 800-171
How to Comply with NIST 800-171
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
Intel Cyber Security Briefing at the Cyberstrat14 Security Conference in Hels...
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance Monitoring
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
 
GDPR
GDPRGDPR
GDPR
 
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
Huntsville GovCon Growth Summit 2020 - Summit 7 - Cybersecurity Maturity Mode...
 
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingLaying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS Solutions
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better Together
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
 

Viewers also liked

20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud Storefront20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud StorefrontGovCloud Network
 
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013Tim Harvey
 
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9Dmg tem2011-0718-02 norton cmd disa mitre overview - v9
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9jakreile
 
Cloud Computing In DoD, IDGA Presentation
Cloud Computing In DoD, IDGA PresentationCloud Computing In DoD, IDGA Presentation
Cloud Computing In DoD, IDGA PresentationGovCloud Network
 
Dmg tem2011-0718-05 madina--cto ns mobility pp
Dmg tem2011-0718-05 madina--cto ns mobility ppDmg tem2011-0718-05 madina--cto ns mobility pp
Dmg tem2011-0718-05 madina--cto ns mobility ppjakreile
 
Aws 2008 Cloud Computing Ncoic
Aws 2008 Cloud Computing NcoicAws 2008 Cloud Computing Ncoic
Aws 2008 Cloud Computing NcoicGovCloud Network
 
Global BBC iPlayer designed by pinch/zoom
Global BBC iPlayer designed by pinch/zoomGlobal BBC iPlayer designed by pinch/zoom
Global BBC iPlayer designed by pinch/zoomBrian Fling
 
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015AFCEA International
 

Viewers also liked (10)

20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud Storefront20090921 Risacher To Ncoic Cloud Storefront
20090921 Risacher To Ncoic Cloud Storefront
 
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
Complete Presentation | Federal Mobile Computing Summit | July 9, 2013
 
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9Dmg tem2011-0718-02 norton cmd disa mitre overview - v9
Dmg tem2011-0718-02 norton cmd disa mitre overview - v9
 
Cloud Computing In DoD, IDGA Presentation
Cloud Computing In DoD, IDGA PresentationCloud Computing In DoD, IDGA Presentation
Cloud Computing In DoD, IDGA Presentation
 
Esquerdo normal direito
Esquerdo normal direitoEsquerdo normal direito
Esquerdo normal direito
 
Dmg tem2011-0718-05 madina--cto ns mobility pp
Dmg tem2011-0718-05 madina--cto ns mobility ppDmg tem2011-0718-05 madina--cto ns mobility pp
Dmg tem2011-0718-05 madina--cto ns mobility pp
 
Aws 2008 Cloud Computing Ncoic
Aws 2008 Cloud Computing NcoicAws 2008 Cloud Computing Ncoic
Aws 2008 Cloud Computing Ncoic
 
Global BBC iPlayer designed by pinch/zoom
Global BBC iPlayer designed by pinch/zoomGlobal BBC iPlayer designed by pinch/zoom
Global BBC iPlayer designed by pinch/zoom
 
NS421_Evolution_of_Warfare_Warfighting
NS421_Evolution_of_Warfare_WarfightingNS421_Evolution_of_Warfare_Warfighting
NS421_Evolution_of_Warfare_Warfighting
 
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015
Office Chief of Cyber Personnel Presentation: TechNet Augusta 2015
 

Similar to Robert Carey, Principal Deputy CIO, DOD Insight session

Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2KBIZEAU
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsIgnyte Assurance Platform
 
APBI Briefing Slides 9 May 2022
APBI Briefing Slides 9 May 2022APBI Briefing Slides 9 May 2022
APBI Briefing Slides 9 May 2022PEODigital
 
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud Expo
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud ExpoTransitioning a Full Enterprise to Cloud in 10 Months - Cloud Expo
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud Exposjdeluca
 
July 9 ssc_gc_net_wan_service_industry_day_slides
July 9 ssc_gc_net_wan_service_industry_day_slidesJuly 9 ssc_gc_net_wan_service_industry_day_slides
July 9 ssc_gc_net_wan_service_industry_day_slidesKBIZEAU
 
Gov cloud pressclub_29mar2011_final
Gov cloud pressclub_29mar2011_finalGov cloud pressclub_29mar2011_final
Gov cloud pressclub_29mar2011_finalGovCloud Network
 
DoD Cloud Computing Strategy
DoD Cloud Computing StrategyDoD Cloud Computing Strategy
DoD Cloud Computing StrategyGovCloud Network
 
cv simon fleming summary
cv simon fleming summarycv simon fleming summary
cv simon fleming summarySimon Fleming
 
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...SandeepShilawat
 
Workplace Technology Devices (WTD) Initiative
Workplace Technology Devices (WTD) InitiativeWorkplace Technology Devices (WTD) Initiative
Workplace Technology Devices (WTD) InitiativeKBIZEAU
 
IoT World Forum Press Conference - 10.14.2014
IoT World Forum Press Conference - 10.14.2014IoT World Forum Press Conference - 10.14.2014
IoT World Forum Press Conference - 10.14.2014Bessie Wang
 
Daniel_J_Till_Resume_1_1_16
Daniel_J_Till_Resume_1_1_16Daniel_J_Till_Resume_1_1_16
Daniel_J_Till_Resume_1_1_16Dan Till
 
Twd Capabilities 2009
Twd Capabilities 2009Twd Capabilities 2009
Twd Capabilities 2009haneyd
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedUnifyCloud
 

Similar to Robert Carey, Principal Deputy CIO, DOD Insight session (20)

Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2
 
Mr John Taylor - The ICT Transformation Challenge for a Transformed MOD
Mr John Taylor - The ICT Transformation Challenge for a Transformed MODMr John Taylor - The ICT Transformation Challenge for a Transformed MOD
Mr John Taylor - The ICT Transformation Challenge for a Transformed MOD
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
 
IT Head - Resume
IT Head - ResumeIT Head - Resume
IT Head - Resume
 
APBI Briefing Slides 9 May 2022
APBI Briefing Slides 9 May 2022APBI Briefing Slides 9 May 2022
APBI Briefing Slides 9 May 2022
 
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud Expo
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud ExpoTransitioning a Full Enterprise to Cloud in 10 Months - Cloud Expo
Transitioning a Full Enterprise to Cloud in 10 Months - Cloud Expo
 
July 9 ssc_gc_net_wan_service_industry_day_slides
July 9 ssc_gc_net_wan_service_industry_day_slidesJuly 9 ssc_gc_net_wan_service_industry_day_slides
July 9 ssc_gc_net_wan_service_industry_day_slides
 
Gov cloud pressclub_29mar2011_final
Gov cloud pressclub_29mar2011_finalGov cloud pressclub_29mar2011_final
Gov cloud pressclub_29mar2011_final
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
DoD Cloud Computing Strategy
DoD Cloud Computing StrategyDoD Cloud Computing Strategy
DoD Cloud Computing Strategy
 
cv simon fleming summary
cv simon fleming summarycv simon fleming summary
cv simon fleming summary
 
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...
Howell_2022 Defense Standardization Program (DSP) Conference Presentation_fin...
 
Workplace Technology Devices (WTD) Initiative
Workplace Technology Devices (WTD) InitiativeWorkplace Technology Devices (WTD) Initiative
Workplace Technology Devices (WTD) Initiative
 
CommunityWide Case Study_V1
CommunityWide Case Study_V1CommunityWide Case Study_V1
CommunityWide Case Study_V1
 
IoT World Forum Press Conference - 10.14.2014
IoT World Forum Press Conference - 10.14.2014IoT World Forum Press Conference - 10.14.2014
IoT World Forum Press Conference - 10.14.2014
 
Daniel_J_Till_Resume_1_1_16
Daniel_J_Till_Resume_1_1_16Daniel_J_Till_Resume_1_1_16
Daniel_J_Till_Resume_1_1_16
 
Twd Capabilities 2009
Twd Capabilities 2009Twd Capabilities 2009
Twd Capabilities 2009
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New Perspective
 
Mike najarian resume
Mike najarian resumeMike najarian resume
Mike najarian resume
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
 

More from Government Technology and Services Coalition

More from Government Technology and Services Coalition (20)

GTSC 5th Anniversary Annual Report: Steady in a Sea of Change
GTSC 5th Anniversary Annual Report: Steady in a Sea of ChangeGTSC 5th Anniversary Annual Report: Steady in a Sea of Change
GTSC 5th Anniversary Annual Report: Steady in a Sea of Change
 
Government Technology & Services Coalition 2015 Annual Report
Government Technology & Services Coalition 2015 Annual ReportGovernment Technology & Services Coalition 2015 Annual Report
Government Technology & Services Coalition 2015 Annual Report
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
GTSC Annual Meeting 2014: Michelle Mrdeza: What to Expect When You Are Expect...
GTSC Annual Meeting 2014: Michelle Mrdeza: What to Expect When You Are Expect...GTSC Annual Meeting 2014: Michelle Mrdeza: What to Expect When You Are Expect...
GTSC Annual Meeting 2014: Michelle Mrdeza: What to Expect When You Are Expect...
 
GTSC Annual Meeting 2014: Chani Wiggins: 114th Congress: Big Picture
GTSC Annual Meeting 2014: Chani Wiggins: 114th Congress: Big PictureGTSC Annual Meeting 2014: Chani Wiggins: 114th Congress: Big Picture
GTSC Annual Meeting 2014: Chani Wiggins: 114th Congress: Big Picture
 
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
 
GTSC Annual Meeting 2014: BD Exchange
GTSC Annual Meeting 2014: BD ExchangeGTSC Annual Meeting 2014: BD Exchange
GTSC Annual Meeting 2014: BD Exchange
 
GTSC June 2013 - November 2014 Annual Report
GTSC June 2013 - November 2014 Annual ReportGTSC June 2013 - November 2014 Annual Report
GTSC June 2013 - November 2014 Annual Report
 
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber SurveyKristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
 
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
 
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...
 
Antwayne Johnson: Alert/Notification Technologies: The Integrated Public Aler...
Antwayne Johnson: Alert/Notification Technologies: The Integrated Public Aler...Antwayne Johnson: Alert/Notification Technologies: The Integrated Public Aler...
Antwayne Johnson: Alert/Notification Technologies: The Integrated Public Aler...
 
Justin Chiarodo: Government Contracts & Insurance Issues: How Prepared is You...
Justin Chiarodo: Government Contracts & Insurance Issues: How Prepared is You...Justin Chiarodo: Government Contracts & Insurance Issues: How Prepared is You...
Justin Chiarodo: Government Contracts & Insurance Issues: How Prepared is You...
 
Todd Jasper: How Can We Leverage Technology to Improve Performance: Social Me...
Todd Jasper: How Can We Leverage Technology to Improve Performance: Social Me...Todd Jasper: How Can We Leverage Technology to Improve Performance: Social Me...
Todd Jasper: How Can We Leverage Technology to Improve Performance: Social Me...
 
Kevin Delin: How Can We Leverage Technology to Improve Performance: The Senso...
Kevin Delin: How Can We Leverage Technology to Improve Performance: The Senso...Kevin Delin: How Can We Leverage Technology to Improve Performance: The Senso...
Kevin Delin: How Can We Leverage Technology to Improve Performance: The Senso...
 
Brian Lepore: The Evolving Threats: GAO's Report on DOD's Infrastructure Adap...
Brian Lepore: The Evolving Threats: GAO's Report on DOD's Infrastructure Adap...Brian Lepore: The Evolving Threats: GAO's Report on DOD's Infrastructure Adap...
Brian Lepore: The Evolving Threats: GAO's Report on DOD's Infrastructure Adap...
 
Brian Usher: The Evolving Threats: A Local Government Perspective
Brian Usher: The Evolving Threats: A Local Government PerspectiveBrian Usher: The Evolving Threats: A Local Government Perspective
Brian Usher: The Evolving Threats: A Local Government Perspective
 
David Kaufman: FEMA's Preparedness: A Leading, Agile, Focused Agency
David Kaufman: FEMA's Preparedness: A Leading, Agile, Focused AgencyDavid Kaufman: FEMA's Preparedness: A Leading, Agile, Focused Agency
David Kaufman: FEMA's Preparedness: A Leading, Agile, Focused Agency
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
 
Homeland Security: Understanding Funding and Spending
Homeland Security: Understanding Funding and SpendingHomeland Security: Understanding Funding and Spending
Homeland Security: Understanding Funding and Spending
 

Recently uploaded

H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Robert Carey, Principal Deputy CIO, DOD Insight session

  • 1. DoD CIO UNCLASSIFIED DoD CIO Priorities for 2014 Robert J. Carey Principal Deputy Chief Information Officer U.S. Department of Defense January 17, 2014 SUPPORT THE WARFIGHTER
  • 2. DoD CIO UNCLASSIFIED Agenda • DoD CIO Focus • DoD IT Environment • Movement toward the Joint Information Environment o Major Components of JIE o Work in Progress o Way Ahead • Additional Significant Work Streams o Cybersecurity o Mobility o Spectrum Strategy and Implementation Plan • How Can Industry Help SUPPORT THE WARFIGHTER 2
  • 3. DoD CIO UNCLASSIFIED DoD CIO Focus • Deliver the Joint Information Environment o Major effort and change within the Department towards IT modernization • Strengthen Cyber Security o Improve information security from desktop to data center o Cyber workforce strategy o DoD strategy for defending networks and data • Deliver Secure Mobile Devices o Deploy and manage secure modern mobile devices • Manage RF Spectrum to support mission SUPPORT THE WARFIGHTER 3
  • 4. DoD CIO UNCLASSIFIED What We’re About: Mission Assurance Warfighter Needs We must ensure access to information … on any device, at anytime, under all conditions, wherever the warfighter needs it … Mission assurance is DoD’s top priority SUPPORT THE WARFIGHTER 4
  • 5. DoD CIO UNCLASSIFIED DoD IT Environment: Cyber Footprint DoD IT User Base IT Systems • ~1.4 million active duty • >10,000 operational systems (20% mission critical) • ~783,000 civilian personnel • ~1700 data centers • ~65,000 servers • ~7+ million computers and IT • ~1.2 million National Guard and Reserve devices • 5.5+ million family members and military retirees • Thousands of networks/enclaves Total IT Budget • 146 + countries • 5,000 + locations • 600,000 + buildings and structures • > $39.6B in FY14 • > $17.4B in IT Infrastructure • > $4.7B for cybersecurity • Thousands of email servers, firewalls, proxy servers, etc. • Mobile devices ~ 493,000 Blackberries ~ 41,000 iOS Systems (Pilots) ~ 8,700 Android Systems (Pilots) Scale of the footprint … scope of the challenge SUPPORT THE WARFIGHTER 5
  • 6. DoD CIO UNCLASSIFIED What is the Joint Information Environment? • JIE (when delivered fully) will consist of: o ~25 Core Data Centers using common computing environment, ~800 smaller installation data centers (reduced from ~2000) that are secure, resilient and efficient o Coherent security architecture / protected networks with enhanced resiliency to int/ext threats o Common Enterprise Services that support the entire Department o Component built business/warfighter applications on a joint technology infrastructure • JIE implements joint network standards, specifications, and architectures driving commonality across a diverse DoD computing environment to drive greater security and information sharing This DoD-wide effort toward the JIE will: • Realign, restructure, modernize how IT (NIPRnet and SIPRnet) networks and systems are constructed, operated, and defended • Consolidate and standardize the design and architecture of the Department’s networks • Change Cyber Security Tactics, Techniques and Procedures SUPPORT THE WARFIGHTER 6
  • 7. DoD CIO UNCLASSIFIED Benefits of the JIE • Enhanced Mission Effectiveness o o • Rapidly and dynamically respond to changing mission information needs for all operational scenarios Users and Systems will have timely and secure access to the data services needed to accomplish their assigned missions, regardless of their location or device Increased Security o Able to jointly See, Block, Maneuver across the whole of the DoD information Network • Allow Commanders to manage risks within regional domains o o Users and systems can trust their connection from end to end o Knowledge of the network, the data, and accesses with role and persona attribution o • C2 of the Network from USCC and component cyber commands Capabilities are remain available during contested or degraded cyber events Achieved IT Efficiencies o Information assets are joint assets, leverage by all for Department missions o Constant visibility into it expenditures through increased transparency o Maximize Enterprise purchasing and minimize variations SUPPORT THE WARFIGHTER 7
  • 8. DoD CIO UNCLASSIFIED JIE Capabilities Provided to Programs Joint Information Environment Program Considerations Enterprise Operations Defined Enterprise IT Service Management Processes - Incident Mgmt Event Mgmt Problem Mgmt Change Mgmt Network Normalization End to End IP Transport Predictable Security Boundaries MPLS Virtual Networks with QoS Architecture patterns for Security - Monitoring C2 Architecture Patterns Single Security Architecture Data Center Consolidation Standard Approach to Security GFE Computing (e.g., cloud computing) - - - Zoned Approach Boundaries provided and managed at DoD Enterprise Standard Network Configurations for Security - Monitoring C2 - Capacity Services Storage Services Standard Network Configurations Enterprise Services Email IdAM Single Identity linked to DEERS Portal Services Instant Messaging/Chat/Pr esence Awareness VOIP/SVOIP Directory Services Single Security Architecture Architecture Patterns Authentication via Direct PKI or Gateway Service On-demand account provisioning Access management patterns for CND Help Desk What’s needed: Technical Documentation leading to the development of an Acquisition Baseline Transparent Documentation of IT Infrastructure Costs and Cost Recovery Approaches SUPPORT THE WARFIGHTER 9
  • 9. DoD CIO UNCLASSIFIED JIE Progress to Date Network Consolidation Consolidating networks and IT infrastructure across the Department IOT increase operational effectiveness • Converging voice, data, video networks via EoIP & migrating to Enterprise (DISA provided )VoIP (call management) Services • Upgrade to network(MPLS) routers - managed by DISA, • USMC upgrading network (MPLS) routers • Service reduced gateways from 203 to 16 • Services reducing legacy networks • COCOM’s pursuing consolidated desktop initiative • COCOM’s consolidating HQs and component networks Enterprise Capabilities and Applications Reducing costs through movement to enterprise licensing, capability delivery and application reduction Enhancing Cyber Operations Security Improving ability to see and respond to Cyber Threats • Improved Security Architecture (~400 TLAs to 15 regional TLAs) supporting CONUS & SWA • USMC centralized Operations Center • Mandated use of Enterprise Directory Services and an authoritative identity data source • Established initial Enterprise Operations Center in Europe 1/24/2014 • • • • USA reduce applications by 30%; ID’d 2.5K of 10.6K to sunset Microsoft Joint Enterprise License Agreement USMC Data Center hosting Navy and DoJ apps DON adopts USMC PMO for DON ELAs; USN to complete 3 of 12 ELAs in FY 13 • USN reduced 25K applications to 6K • Coordinating Mission Partner Environment • Commercial cloud service offering pilot efforts SUPPORT THE WARFIGHTER 10
  • 10. DoD CIO “All requirements set for IOC for JIE Increment-1 in the European and specified Africa Commands AORs have been met.” UNCLASSIFIED Key JIE Policies and Guidance 5 Oct 2011 5 Dec 2012 JIE Management Charter CDC DoD Chief Information Officer 1 Nov 2012 9 NOV 2012 Migration of Apps and systems by FY18 DoD CDC DoD UC Memo 11 Jul 2013 11 Jul 2013 JTSO Establishment Memo CJCS JIE Whitepaper 22 Jan 2013 JIE Operations CONOPS 1.0 JIE Management Construct CYBERCOM Tasking Order J3-13-0688 CC/S/A 31 Jul 2013 22 Jan 2013 5 SEP 2013 Directs implementation of key capabilities and sets conditions for future planning 23 Oct 2012 JIE Increment-1 Transition JIE Operations CONOPS CONOPS 2.0 25 Jul 2013 In progress 11 Jul 2013 6 SEP 2013 Implementation Guidance 26 Sep 2013 JIE ICD “JIE represents the largest restructuring of IT management in the history of the Depart of Defense.” In progress JIE Increment-1 Business Case Analysis “BCA…is the first step in aligning PPBE processes for JIE stakeholders” “…describes roles, responsibilities, functions and tasks…” 25 Jan 2013 DEE JOSG Establishment Memo 29 Aug 2012 12 Aug 2013 JIE Inc2 JIE Inc 1 IOC in Europe PACOM EDS Key JIE planning forums stood up with CC/S/A support and participation “First and foremost, JIE will improve mission effectiveness.” Joint Staff Places all JIE related capabilities under DOT&E oversight. 6 May 2013 12 SEP 2013 Identification of Data Center Types OT&E Oversight Memo DoD is committed to multi-year JIE effort directed by DoD CIO Directs DoD Components to participate and align resources to enable JIE Office of the Secretary of Defense 1/24/2014 JIE Implementation Memo JIE EXORD Modification 1 JIE EXORD Inactive/Not Complete Designates Defense Enterprise Email as an Enterprise Service and states inclusion in DoD Information Enterprise Architecture for compliance purposes SUPPORT THE WARFIGHTER Acronym Key CDC – Core Data Center DOT&E – Director of Operational Test & Evaluation EDS – Enterprise Directory Services EXORD – Execution Order DEE- Defense Enterprise Email ICD - Initial Capabilities Document IOC – Initial Operational Capability ITESR – IT Enterprise Strategy and Roadmap JMC – JIE Management Construct JOSG – JIE Operational Sponsor Group JTSO – JIE Technical Synchronization Office OT&E – Operational Test & Evaluation UC- Unified Capabilities UCP – Unified Command Plan DoD Acquisition, Budget & Requirements Processes DoD ITESR 11
  • 11. DoD CIO UNCLASSIFIED Key JIE Related Architecture Artifacts DoDI 8100.04 Policy & Guidance 9 DEC 2010 Establishes governing policy for Unified Capabilities products and services supported on DoD networks. In Progress Provides direction for identifying, developing, and prescribing IT, including NSS and DBS, standards In Progress architecture-based approach for interoperability analysis; Establishes the requirement for enterprise services to be certified for interoperability. IdAM Data Dictionary DoDI 8270.bb Establishes the role of the DoD EA in providing context and rules for accomplishing the mission of the Department. In Progress In Progress In progress Merges the architecture content and guidance of DoD IEA v2.0 and the JIE EA into a single, integrated, authoritative architecture for the Information Enterprise. EANCS ADORA CDC RA SSA RA UC RA IdAM RA EOC RA 24 AUG 2010 29 Aug 2012 18 SEP 2012 MAY 2013 8 FEB 2013 In Review In Progress Reference Architectures Solution Architectures 1/24/2014 14 AUG Naming Specification Informational Guidance; Currently Under TWG 2013 Review DoD IEA v3.0 In Formal Review; expected to be approved for JIE RA and SA development in 1QFY14 Approved 10 Aug 2012; Foundation for the JIE EA 10 AUG 2012 DoDI 8330.aa capability-focused, JIE EA v0.4 DoD IEA v2.0 Enterprise Architecture Establishes a DoDI 8310.aa SAs Under Development by IDTs: IdAM: Directory Services, Synchronization Services, Authentication GW Services, People & Organization Discovery Services, Enclave Attribute Services, and DoD Visitor SSA: Enterprise Perimeter Protection, Base Area Network(ICAN), and Enterprise IA Security CDC: Core Data Center, Installation Process Node (IPN), and Installation Services Node (ISN) NNT: Wide Area Network (WAN), SATCOM Gateway, and Mobility Gateway Unified Capabilities EOC/OOB Instrumentation SUPPORT THE WARFIGHTER EC RA Provide Strategic Purpose, Principles, Patterns, Technical Positions and Vocabulary for Solution In progress Architecture development Acronym Key IEA – Information Enterprise Architecture JIE EA – Joint Information Environment Enterprise Architecture EANCS – Enterprise-wide Access to Network and Collaboration Services ADO – Active Directory Optimization CDC – Core Data Center SSA – Single Security Architecture UC – Unified Capabilities IdAM – Identity and Access Management EOC – Enterprise Operations Center EC – Enterprise Cloud NNT – Network Normalization and Transport OOB – Out Of Band 12
  • 12. DoD CIO UNCLASSIFIED JIE Way Ahead • Continue to leverage COCOMs, Services and Agencies IT initiatives to achieve end-state • Drive implementation and execution actions necessary to deliver capabilities o Acquire via component normal tech refresh process to standards and architectures defined as JIE norms • Improve IT Budget transparency to align spend • Develop and deploy policies, procedures, oversight, and culture that enables info sharing • Accelerate initiatives where feasible to move effort forward • Consolidate/standardize elements of networks to more effectively defend them and confront threats with agile information sharing SUPPORT THE WARFIGHTER 13
  • 13. DoD CIO UNCLASSIFIED Additional Significant Work Streams • Cybersecurity • Mobility • Spectrum Strategy and Implementation Plan 1/24/2014 SUPPORT THE WARFIGHTER 14
  • 14. DoD CIO UNCLASSIFIED Sophistication of available tools is GROWING Growth of the Cyber Threat ? High Sophistication Sophistication required of Actors is DECLINING sophisticated C2 cross site scripting “stealth” / advanced scanning techniques packet spoofing sniffers denial of service sweepers staging Distributed attack tools www attacks automated probes/scans graphic user interface back doors disabling audits “Cyberspace is real. And so are the risks that come with it.” -President Obama, 29 May 09 exploiting known vulnerabilities password cracking self-replicating code password guessing 1980 1985 ? network mgmt. diagnostics hijacking sessions burglaries Low phishing 1990 1995 2000 SUPPORT THE WARFIGHTER 2010 2015 15
  • 15. DoD CIO UNCLASSIFIED Defending DoD Networks & Systems: Cyber Strategic Choices for 2020 Shift to Proactive Cyber Defense Operations Deliver Adaptable Cyber Defense Solutions Enhance Cyber Situational Awareness and Partnering Fully employ active cyber defense Architect a defensible information environment Improve the cyber sensing infrastructure Provide forces to maneuver and influence Strengthen data defenses Harness the power of Big Data analytics Mitigate all phases of cyber aggression Engineer unpredictable defenses Implement a multimission cyber operational picture Institutionalize cyber threat-based engineering & acquisition Capitalize on the strengths of publicprivate partnerships Defend beyond DoD boundaries Assure Survivability against Catastrophic Cyber Attacks High priority mission areas Prepare for success against large-scale cyber- attack S P P O R T H W A R F I Mission Focusing CyberUDefense TonEAssuredG H T E R Execution 16
  • 16. DoD CIO UNCLASSIFIED JIE Security Architecture Overview The intent of the security architecture is to: • Create a coherent, uniform and standards-based security construct o Uniform Service/Capability Delivery o Ability to Standardize Ingress/Egress connectivity as well as O&M processes • Improve Performance of Security o Provide full security suite capability to every Base / Post / Camp / Station o Fill known holes in the current security architecture o Provide full visibility, move away from standalone to an enterprise security solution o Reduced lateral movement beneath the Regional Security Stacks o Enclave boundaries clearly defined and centrally managed o Provide a Security Infrastructure that is Always On, Always Connected • Improve Cost of Security o Cost avoidance associated with life-cycle of hardware, eliminate localized Security Stacks, by delivering the same services through 11 Centralized Security Stacks. o o Cost avoidance associated with scaling to meet emerging requirements o 1/24/2014 Cost avoidance associated with operations and maintenance No new hardware simply add virtual instances SUPPORT THE WARFIGHTER 17
  • 17. DoD CIO UNCLASSIFIED JIE SSA Architecture Overview (V2.0) • JIE Single Security Architecture team delivered the JIE SSA RA Version 2.0 and receiving comments from the Architecture Working Group (AWG) – Enterprise Perimeter Protections – NIPR & SIPR – Cross Domain Security – Common Network Interfaces – CND views • Version 3.0 will include Mission Partner Environment (MPE), SATCOM, UC, and IdAM 1/24/2014 SUPPORT THE WARFIGHTER 18
  • 18. DoD CIO UNCLASSIFIED What actions are we taking? • Evolving DoD’s defenses: o o o o Standardization and consolidation of the infrastructure Layering defenses Deploying identity tools – PKI all network domains Improving monitoring • Multiple efforts to contain, dampen, detect, diagnose, and respond to successful or partially successful cyber intrusions and attacks include: o o Network hardening Moving toward more automation via continuous monitoring SUPPORT THE WARFIGHTER 19
  • 19. DoD CIO UNCLASSIFIED DoD Mobility Strategy • DoD Mobile Device Strategy, Jun 2012 • DoD CMD Implementation Plan, Feb 2013 • Mobility STIGs (iOS, Android, BB), May 2013 • Commercial Classified Solution (Secret), May 2013 • DISA MDM/MAS award, Jun 2013 • Defense Enterprise Email, Sept 2013 • DoD Enterprise MDM and Mobile App Storefront, Dec 2013 • Commercial Classified Solution (Top Secret), May 2013 • Modified CMD Security Approval Process, July 2014 • SME PED end-of-life, Dec 2014 SUPPORT THE WARFIGHTER 20
  • 20. DoD CIO UNCLASSIFIED DoD Mobility Strategy & Implementation Plan Mobile Device Policies and Standards Promote the development and User of DoD Mobile & Web-Enabled Apps An enterprise Mobility services for Classified & Unclassified capabilities DoD Mobility Strategy NEW SPEC ? MAM MAS MDM Business Case Analysis CAC/PIV 2012 Integration MDM/MAS Award BYOD TBD FY13 FY14 FY15 - 17 FY17 - Beyond Enterprise Solution Information Enterprise Infrastructure to support Mobile Devices BCA – Business Case Analysis BYOD – Bring Your Own Device CMD – Commercial Mobile Device DoDI – DoD Instruction MAM – Mobile Application Management MAS – Mobile Application Store MDM – Mobile Device Management MILDEP – Military Department PIV – Personal Identity Verification SME PED – Secure Mobile Environment Portable Electronic Device Expedite Approval Process CMD Pilot Consolidation DoDI 8100.02 Mobility Gateways FY13-14 DoD CIO Consolidation Plan Phase-out SME PED Federal Digital Strategies New Classified Capability Federal Standards SUPPORT THE WARFIGHTER Primary Communication for ROUTINE DoD Users is Wireless Technology Insertion 21
  • 21. DoD CIO UNCLASSIFIED Challenge: Rapidly Changing Spectrum Use Battlefield Training/Testing • Constraining Regulatory Environment • Cyber warfare •Mobility Strategy •More unmanned systems • More powerful radars to combat stealthier threats • Increasing data rates • Connectivity to lower echelons Increasingly Contested & Congested • Repurposing/Spectrum Sharing • Auctions of Federal spectrum in US • Reallocation of military spectrum in host nations Wireless Industry Mobile International Coalition • Jamming • Exponential increase in wireless devices worldwide DoD’s exclusive access to spectrum WILL BE reduced and challenged – in US and overseas spectrum sharing and co-use is a certainty SUPPORT THE WARFIGHTER 22
  • 22. DoD CIO UNCLASSIFIED Response: DoD Electromagnetic Spectrum Strategy Vision: Spectrum access when and where needed to achieve mission success Goal 1: Increase efficiency, flexibility, and adaptability • • • • Spectrum Operations Goal 2: Increase agility • Develop near real-time spectrum operations • Advance ability to mitigate interference • Modify policy, regulation and standards to allow agile spectrum operations Spectrum Regulation and Policy Goal 3: Sharpen responsiveness • Reform DoD’s ability to assess regulatory/policy proposals • Expand DoD participation in regulatory/policy discussions • Institutionalize DoD’s ability to adapt to regulatory/policy changes Spectrum Dependent Systems Expedite development of spectrum efficient and flexible technologies Accelerate sharing technologies Adopt commercial services where feasible Strengthen enterprise oversight • A paradigm shift - Improvements to spectrum management and spectrum efficiency are necessary, but not sufficient - spectrum access through sharing is required to increase DoD’s spectrum access opportunities • Advancements in technology and associated policy/regulations are needed • Required for success: Collaboration/partnerships AND Leadership/ Accountability Working toward “win-win” for DoD, other federal users, and the wireless industry SUPPORT THE WARFIGHTER 23
  • 23. DoD CIO UNCLASSIFIED How can you Help? • Ask hard questions…propose answers in the context of our problem set • Leverage your best and brightest • Help us find lasting, innovative solutions • Be part of our success Collaboration – Key to conquering our challenges SUPPORT THE WARFIGHTER 24