Information Sys Security Program

Abstract

The Information Systems Security Program (ISSP) ensures the protection of Navy and joint cyberspace systems from exploitation and attack. The ISSP will extend cybersecurity and resiliency by addressing the acquisition and modernization of our platforms, systems, and information technology networks; by instituting quality assurance programs to protect critical warfighting capabilities to sustain the readiness of our cyber programs and systems. The ISSP cyberspace programs include wired and wireless telecommunications systems, Information Technology (IT) systems, and the content processed, stored, or transmitted therein. Cyberspace operations include both defensive and offensive measures, which preserve the ability to utilize friendly cyberspace capabilities; protect data, networks, net-centric capabilities, and other designated systems; and project power by the application of force in or through cyberspace. An attack, via cyberspace, targets an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. The ISSP includes the protection of the Navy's National Security Systems and Information (NSSI). The ISSP must be rapid, predictive, adaptive, and tightly coupled to cyberspace technology. The ISSP provides architectures, products, and services based on mission impacts, cybersecurity threats, information criticality, vulnerabilities, and required defensive countermeasure capabilities. The ISSP focuses on efforts that address the risk management of cyberspace, which provides capabilities to protect, detect, restore and respond. The ISSP provides the Navy with the following cybersecurity elements: (1) defense of NSSI, including the Nuclear Command, Control, and Communications, Navy (NC3-N) system, naval weapons systems, critical naval infrastructure for Command, Control, Communications, Computers, & Intelligence (C4I) afloat and shore networks, joint time and navigation systems, and industrial control systems, using modern cryptographic solutions and cyber security tools; (2) technologies supporting the Navy's Computer Network Defense (CND) service provider that will accelerate the Navy's ability to prevent, constrain, and mitigate cyber attacks and critical vulnerabilities; (3) Navy Cyber Situational Awareness (NCSA) technologies that will provide greatly improved cyber threat intelligence and situational awareness, from external boundaries to tactical edge infrastructures; (4) assurance of the Navy's Crypto telecommunications infrastructure and the wireless spectrum; (5) sensing cyber threats across all Navy shore and afloat networks to reduce the complexities of monitoring, assessing, and detecting adversary activities across multiple enclaves through the collection of tools in SHARKCAGE; (6) alignment to Navy's Insider Threat program; (7) assurance of joint-user cyberspace domains, using a Defense-In-Depth (DiD) security architecture and its alignment with the Joint Information Environment (JIE)/Joint Regional Security Stack (JRSS); (8) assurance technologies, including the Key Management (KM) and Public Key Infrastructure (PKI). FY18 increase aligns to the following capabilities in support of National Defense due to recent cybersecurity threats: (1) Modernize Navy Cryptography common software for Transmission Security (TRANSEC), including the KGV-11M crypto core, based on the THORNTON TRANSEC Algorithm Modernization (TTAM). Specification algorithm modernization is mandated by Chairman of the Joint Chiefs of Staff Instruction (CJCSN) 6510 to meet mandated National Security Agency (NSA) cease key dates. The TRANSEC algorithm modernization mandate protects critical UHF circuits from unauthorized access, spoofing, and denial of service. (2) Accelerate SHARKCAGE development efforts to provide Defensive Cyberspace Operations (DCO) forces with the ability to detect adversary activities and analyze cyber attacks against Navy networks via protected, isolated networks, and integrate intelligence and Navy data to assess potential cyber threats. DCO are passive and active cyberspace defense activities that allow us to outmaneuver an adversary. SHARKCAGE will provide the capability to analyze active cyber threats and take actions to contain/stop threat activities. The data that is collected and analyzed via SHARKCAGE will be presented and visualized via the NCSA capability. (3) Accelerate NCSA development activities that provide Navy forces near real-time cyber risk and readiness information of Navy networks and their associated mission impacts across the Navy enterprise as an enabler of assured Command and Control (C2). NCSA will also be able to receive cyber threat analysis from SHARKCAGE. As a result, operational level of war cyber situational awareness will be provided to Fleet Cyber Command (FCC) and Navy Geographic Maritime Operations Centers (MOC) through visualization capabilities via web-accessible cyber Common Operational Pictures (COP) established through the correlation of relevant cyber data sources; combining asset data, baseline configuration data, event data, and real-time threat data critical for defending Navy networks and Navy network infrastructure. (4) Increase in Information Assurance supports investment in efforts to improve effectiveness of cyber defenses and critical infrastructure protection, and adequately fund continuing efforts. Increased investment in cyber defense includes programs addressing asset criticality and management and a new generation of cross-domain technology that focuses on critical infrastructure protection.

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2018
Source ID
0303140N_7_1319_PB_2018
Change Summary Explanation
TECHNICAL: Computer Network Defense (CND): - Begin development, integration, and testing of Navy's Insider Threat program capabilities in order to fulfill the Presidential, Department of Defense (DoD), and Department of Navy (DoN) directives to reduce the risk of Insider Threats as well as provide enhancements to the Vulnerability Remediation Asset Manager (VRAM) to improve DoD cyber readiness. Navy Cryptography (Crypto): - Modernize KGV-11 to support National Security Agency (NSA) mandated cryptographic modernization, which provides for secure access to the Ultra High Frequency (UHF) Demand Assigned Multiple Access (DAMA) network. Key Management (KM): - Key Management Infrastructure (KMI) Capability Increment (CI)-2 Spiral 2/Spin 4 capabilities has been programmatically realigned from KMI CI-2 to KMI CI-3 per NSA. SHARKCAGE & Navy Cyber Situational Awareness (NCSA): - SHARKCAGE and NCSA development efforts previously budgeted under CND have been broken out for greater visibility into cybersecurity. SCHEDULE: CND: - Due to the dynamic nature of cybersecurity and increasing complexity of technology CND builds were adjusted to include various cybersecurity/remediation capabilities to include Joint Regional Security Stack (JRSS), the Navy's Insider Threat Program as well as cybersecurity enhancements to the VRAM capability to improve DoD cyber readiness. Crypto: - VINSON/Advanced Narrowband Digital Voice Terminal (ANDVT) Cryptographic Modernization (VACM) Full Rate Production (FRP) decision was achieved in 3QFY16 in accordance with the revised United States Air Force (USAF) schedule. - VACM Initial Operational Capability (IOC) accelerated from 4QFY16 to 3QFY16 due to the installations of operational Low Rate Initial Production (LRIP) devices on Nuclear Command, Control, and Communications, Navy (NC3-N) circuits and was achieved in 3QFY16. - Transmission Security (TRANSEC) studies and analysis completion accelerated from 4QFY16 to 2QFY16 to prepare for NSA release of THORNTON TRANSEC Algorithm Modernization (TTAM) specifications in 3QFY16. - TRANSEC Development and Product Testing extended from 4QFY19 to 3QFY20 to meet fielding requirements in accordance with national mandates. - Advanced Cryptographic Capability (ACC) Solutions Development and Product Tests extended from 4QFY19 to 4QFY22 to meet fielding requirements in accordance with national mandates. - KGV-11M key milestones added in accordance with the development schedule to support NSA mandated cryptographic modernization. KM: - KMI CI-2 Development updated to reflect development of Spiral 1 though Spiral 3 in accordance with NSA's schedule. - KMI CI-2 Spiral 2 Spin 2 Fielding Decision (FD) updated from 4QFY16 to 4QFY17 in accordance with NSA's schedule. - KMI CI-2 Spiral 2 Spin 3 FD removed in accordance with NSA's schedule. - KMI CI-2 Spiral 2 Spin 4 Developmental Testing (DT), Operational Assessment (OA), and FD removed in accordance with NSA's schedule. KMI CI-2 Spiral 2 Spin 4 capability has been programmatically realigned from KMI CI-2 to KMI CI-3. - KMI CI-2 Spiral 2 Full Deployment Decision (FDD) updated from 4QFY17 to 2QFY18 in accordance with NSA's schedule. - KMI CI-2 Spiral 2 Spin 2, CI-2 Spiral 2 Spin 3, and CI-3 DT and OA events have been incorporated into Development, Integration, and Test cycles. SHARKCAGE & NCSA: - SHARKCAGE and NCSA development efforts previously budgeted under CND have been broken out for greater visibility into cybersecurity. - SHARKCAGE and NCSA are planned Rapid Deployment Capability's (RDC). An RDC is the Navy's implementation of the Department of Defense (DoD) 5000 defined "Accelerated Acquisition Program." It provides the ability to react immediately to a newly discovered enemy threat(s) or potential enemy threat(s) through tailored procedures, to allow for fielding of mature capabilities based on Commercial Off-The-Shelf (COTS) and Non-Developmental Item (NDI) products within a two year period. At the end of that period SHARKCAGE and NCSA are planned to transition to respective ACAT programs. FUNDING: CND: - SHARKCAGE and NCSA development efforts previously budgeted under CND have been broken out for greater visibility into cybersecurity. - Additional funding provided for cybersecurity enhancements for VRAM to improve DoD cyber readiness. Crypto: - Increase in FY18 will develop and implement common software for TRANSEC modernization, including the KGV-11M crypto core, based on the TTAM. Specification algorithm modernization is mandated by Chairman of the Joint Chiefs of Staff Instruction (CJCSI) 6510 to meet mandated NSA cease key dates. The TRANSEC algorithm modernization mandate protects critical UHF circuits from unauthorized access, spoofing, and denial of service. SHARKCAGE: - SHARKCAGE development efforts previously budgeted under CND have been broken out for greater visibility into cybersecurity. - Increase in FY18 will accelerate SHARKCAGE development efforts to provide Defensive Cyberspace Operations (DCO) forces with the ability to detect adversary activities and analyze cyber attacks against Navy networks via protected, isolated networks, and integrate intelligence and Navy data to assess potential cyber threats. SHARKCAGE will provide the capability to analyze active cyber threats and take actions to contain/stop threat activities. The data that is collected and analyzed via SHARKCAGE will be presented and visualized via the NCSA capability. NCSA: - NCSA development efforts previously budgeted under CND have been broken out for greater visibility into cybersecurity. - Increase in FY18 will accelerate NCSA development activities that provide Navy forces near real-time cyber risk and readiness information of Navy networks and their associated mission impacts across the Navy enterprise as an enabler of assured Command and Control (C2). NCSA will be able to receive cyber threat analysis from SHARKCAGE. As a result, operational level of war cyber situational awareness will be provided to Fleet Cyber Command (FCC) and Navy Geographic Maritime Operations Centers (MOC) through visualization capabilities via web-accessible cyber Common Operational Pictures (COP) established through the correlation of relevant cyber data sources; combining asset data, baseline configuration data, event data, and real-time threat data critical for defending Navy networks and Navy network infrastructure. The FY 2018 funding request was reduced by $2.313 million to account for the availability of prior year execution balances.
Service Agency Name
Navy

Entities

Organizations

  • United States Navy

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Communication Systems
  • Computer Network Security
  • Computer Networks
  • Computer Security Techniques
  • Control Systems
  • Cross Domain
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Information Systems
  • National Security
  • Network Protocols
  • Risk Analysis
  • Situational Awareness
  • Systems Engineering
  • Test And Evaluation
  • Unmanned Aerial Vehicles

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control

Related Documents