In 2003, I was recruited to set up and lead a new cyber security initiative for the Army Materiel Command (AMC), a 53 billion dollar a year logistics command that serves as the Army's version of Amazon for the Army’s current inventory of weapons, supplies and vehicles. AMC, at this time, had a workforce of over 100k spread across 140 locations worldwide. During this timeframe, the Department of Defense was still trying to define Cyber Security and mature the process they had in place. DoD was a large target and AMC ranked high due to the research we performed for the Army and the DoD. The attacks came from all types of hackers, ranging from high school and college kids to state-sponsored attacks, using everything from off-the-shelf scripts to specialized tools designed specifically to break down our security systems. At this time my command had one of the worst records in the Army for cyber security incidents. These attacks were, due to their ferocity and complexity, having a devastating impact on our ability to support the war efforts in Iraq, and some attacks resulted in exfiltration of sensitive but unclassified data. AMC, during this timeframe, owned 50% of the Army’s computing power, and this took the form of workstations, servers, applications and communication circuits, so the impact was significant. Coupled with these ongoing attacks, the Army changed the way security incidents were being reported, directing all incidents to be reported to the Chief of Staff (COS) of the
There were no breaches in security, and the law enforcement agencies that played an active part in this operation worked together as one team, upholding a strong commitment to the mission. As Incident Commander of this operation, it was my main objective to make sure all security-related matters were addressed and corrective action was swiftly implemented. My position required quick, decisive decision making without hesitation, developing a strategy that could be implemented effectively yet simplistic in nature. Prior to this operation, it was imperative that I had a full understanding of the area, to include the resources that were available. This example shows my ability to quickly adapt to an ever-changing environment, promote teambuilding and achieve operational success through effective
VAH6500 provides a concise policy which states that any individuals who access sensitive information or systems must complete annual security training. Key persons with “significant” roles must attend additional training. All training is monitored for completeness. The policy indicates that before employees can use systems, security training must be completed.
This is the greater context facing the U.S. Army’s 516th Signal Brigade based in Hawaii. The 516th Signal Brigade consists of 2,500 soldiers and federal employees responsible for the installation, operation, and defense of tactical and strategic information technology (IT) networks for the U.S. Army in the Pacific Theater (from Japan to Alaska). Every day the 516th Signal Brigade must defend against cyber-attacks, provide IT service support to many thousands of users, and remain prepared to quickly deploy its mobile communications teams in the event of conflict or a natural disaster. However, during my tenure within the brigade from 2013-2015, I discovered
While working as the Chief Information Security Officer (CISO) at the Army Materiel Command, the command was under constant attack by hackers. The Army’s current network defense system was woefully inadequate for protecting the command's 140 locations worldwide. After sustaining a couple of very high profile attacks using these tools, it became evident that something else was needed. One of the command’s subordinate commands was the Army Research Labs, which is one of the foremost research labs in the world. One of the lab's missions was Cyber Defense, which came under my purview as its program manager. The lab had developed several cyber security tools and had been testing them very successfully on several platforms. The power of this tool
The issue at hand is the ability for the Army to balance the need to remain globally responsive while balancing the distinct possibility the United States will face a substantial
Within this security profile, three controls and two family controls were selected to be enforced in order to explore the security awareness and the training being done that can be used as countermeasures against any cyber security threats that may pose a problem to the network. The three controls that are being examined within the management, technical, and operational families will be based on the needs of the VA and how best to implement them.
On October 31, 2010, the United States Cyber Command (USCYBERCOM) achieved Full Operational Capability, becoming a sub-unified command under the United States Strategic Command. As a newly formed armed forces command, USCYBERCOM was given the mission of centralizing cyberspace operations, organizing existing cyber resources and synchronizing the defense of military networks. In order to achieve this mission, the prior Secretary of Defense, Robert M. Gates, directed USCYBERCOM to focus on developing cyber capability and capacity via the DoD’s Cyber Strategy. The purpose of this strategy is to guide the development of DoD's cyber forces and strengthen the United States' cyber defense and cyber deterrence posture while building cyber capabilities
In order to carry out this mission, DoD must have the ability to first defend its most important networks and data, and to identify and prioritize the networks and data important to the department. This plan will allow DoD to work and operate within a disrupted and degraded cyber environment in the event of an attack on its networks. In other words, the DoD strategic plan should protect its critical infrastructure and operations to improve its contingency plans in case of any attack. The idea is to build and maintain a strong security architecture and Joint Information Environment to move the focus from protecting just service-specific networks to securing the entire DoD enterprise, including agencies under the DoD. In addition, the strategic plan should have staff and personnel with the capability to mitigate all known vulnerabilities that present a high risk to the department. It should also work toward a strong layered defense by working with counterintelligence and whole-of-government agencies to defend any type of
The United States cyber reserve is an armed forces sub-unified command aiding the Strategic Command of America. This command is situated in Maryland; it is supposed to ensure that all cyberspace operations are centralized. It is also responsible for the organization of available cyber resources and synchronizes the defense of United States military networks. (Protect your workplace, report any abnormal behavior, activity, and cyber incidents. (2006) [Washington, D.C.]: United States Dept. of Homeland Security.)
In 2009 the DoD created the US Cyber Command, a sub-unified command led by the Director of the NSA; this allows US Cyber Command to utilize both the experience and assets of the NSA. By this point in time both the Air Force and the Navy had already created their own respective cyber commands. Those commands were made subordinate to the US Cyber Command upon its creation, and the Army was made to create its own cyber command that would be subordinate as well. While this created a definitive organization tasked with defending the US in cyberspace, this did not solve the problem of a lack of requirements and regulation; there were still no standards or set expectations of capabilities. This issue left the US wide open to attack and exploitation by enemy nations or anyone else capable in the realm of cyberspace.
As technology and innovation advance, the Department of Defense must be ready to conform to protect cyberspace from cyber criminals. In order for the Department of Defense to effectively manage cyberspace, it is extremely important that the Department of Defense develop and implement constant training programs for new and existing customers so that they are aware and prepared for any cyber attack or vulnerability that may be present. Employees must also be held accountable for proper maintenance and use of information. Programs should be created to move employees throughout various roles and duties within the Department of Defense to prevent both a single point of failure and any situation that may arise due to job complacency. Real world scenarios should be created and rehearsed unbeknownst to employees; this could prevent another security breach such as Operation Buckshot Yankee. The Department of Defense and the Defense Advanced Research Projects Agency should continue to develop software that cannot be exploited. By maintaining these programs and growing with cyberspace as innovation continues to grow and advance, the Department of Defense will be able to successfully defend the United States from any major attack that foreign nations or cyber criminals
“Our enemies have made the mistake that America’s enemies always make. They saw liberty and thought they saw weakness. And now, they see defeat,” said President George W. Bush, as he reflected on what happened on September 11, 2001. 2,977 people were killed, and since that day so much has changed in our world and for our military. The military includes the Marines, Army, Navy and the Air Force, all of whom play a role to keep Americans safe and free. Military defense spending is the number of financial resources devoted by a nation to maintaining and raising armed forces or other essential methods for defense purposes only. 598 billion dollars is what the United States allows for military defense spending. This is a little more than half of
The dual-status command construct is an essential element to command and control of a complex catastrophe. As demonstrated in any military operation, having an understanding and knowledge of the chain of command minimizes the chances for confusion and disorganization. This is especially critical when both Title 10 and Title 32 forces are responding to a defense support for civil authorities (DSCA) event.
In July 2011, I attended the IASO training. The IASO training focused on threat and vulnerability management of information systems, as well as what countermeasures could be implemented to minimize these threats. This was my first true experience in Cybersecurity, and I’ve never looked back. I got my first taste of creating and enforcing security policies, and was responsible for creating the Brigade Headquarters Tenant Security Plans for both the Non-Classified Internet Protocol Routing (NIPR) and Secret Internet Protocol Routing (SIPR) networks. As the IASO, I conducted monthly vulnerability scans for the SIPR computers, and conducted quarterly and yearly risk assessments for the Brigade and Battalion headquarters. As my role changed with the Brigade, I was asked to prepare reports and present weekly updates on the Brigade's network readiness. This task was completely foreign to me, as most of the interactions I had up to this point had been with other technicians or IT professionals. I had to quickly learn to fully explain each process in a way that made sense for non-technical individuals. I was exposed to the process of creating an IT roadmap, as well as planning a budget to support the outcomes of the roadmap.
Any effective cybercrime prevention plan has two major dimensions, and this is no less true of law enforcement and/or military agencies like the Department of Defense. Those two dimensions are internal threats and external threats. Internal threats include internal negligence or incompetence as well as people on the inside, including employees and contractors, that have nefarious motives and intentions. External threats include "white hat" hackers, thieves and terrorists that just seek to disrupt vital systems like banks and utilities through their actions. Government agencies like the Department of Defense are targets of domestic hackers as well as foreign nation states and hackers that have some sort of grudge or motive against the United States.