Assessments & Evals Cyber Vulnerabilities
Abstract
The Cyber Vulnerability Assessments and Evaluations program funds for cyber vulnerability assessments of major Navy weapons systems and cyber vulnerability assessments of critical shore infrastructure as directed by Sec. 1647 of the FY16 National Defense Authorization Act (NDAA) and Sec. 1650 of the FY17 NDAA, respectively. Funding will be used for assessments and non-recurring engineering for mitigations related to the Navy's major weapons systems identified in Joint Requirements Oversight Committee Memorandum (JROCM) 039-16 and on prioritized critical shore infrastructure prioritized. Sec. 1647 of the FY16 NDAA directs the Secretary of Defense to complete an evaluation of the cyber vulnerabilities of each major weapon system of the Department of Defense by not later than December 31, 2019. Funded vulnerability assessments will build upon existing efforts regarding the identification and mitigation of cyber vulnerabilities of major weapons systems, and shall not duplicate similar ongoing efforts such as Task Force Cyber Awakening or conduct redundant assessment on systems that have already been evaluated. Sec. 1647 assessment will be formalized in Vulnerability Assessment Reports (VARs), Cyber Table Top Exercises (CTTXs), Cyber Risk Analysis (CRAs) and other reporting. Sec. 1650 of the FY17 NDAA directs the Secretary of Defense to submit a plan for assessing the cyber vulnerability of critical defense infrastructure and begin assessment of this infrastructure during a preliminary pilot program that will assess no fewer than two installations by December, 31 2019. Funded vulnerability assessments will end by calendar year 2020 and will build upon existing mission assurance, blue team, and red team capabilities. As instructed by the Congressional language, the assessments will utilize Department of Energy (DoE) and Department of Defense (DoD) national laboratory partnerships. Assessments will end with the submission of a final report to Congress. Strategies and procedures for mitigating the risk of cyber vulnerabilities should be identified during the course of evaluation.
Document Details
- Document Type
- R2 Budgetary Justification
- Publication Date
- Oct 01, 2021
- Source ID
- 0606942N_6_1319_PB_2021
- Change Summary Explanation
- The funding decrease from FY 2019 to FY 2020 is due to the completion of the one year Cyber Vulnerability assessments of major Navy weapon systems and critical infrastructure. Technical: Not applicable. Schedule: Not applicable.
- Service Agency Name
- Navy
Entities
Organizations
- United States Navy
Related Documents
- Child Project: Cyber Vulnerability Evaluation
- Child Accomplishment: Cyber Vulnerability Evaluation for Ship Weapons Systems:
- Child Accomplishment: Cyber Vulnerability Assessments of Other Aviation Platforms
- Child Accomplishment: E6B
- Child Accomplishment: SWS Cyber Evaluations
- Child Accomplishment: Trident System Cyber Hardening
- Child Accomplishment: Cyber Vulnerability Assessments of Information Warfare Weapons Systems
- Child Accomplishment: Cyber Vulnerability Assessments of Critical Infrastructure