Retour aux nouvelles

6 juillet 2020 | International, Naval, C4ISR

The Navy aims to install cyber baselines aboard 180 ships

Naval Information Warfare Systems Command plans to deploy technology that will certify a ship's compliance with cybersecurity requirements to 180 vessels by fiscal 2022.

The cyber baseline system — deployed by FRD 300, which is short for the Cybersecurity Office of the command's Fleet Readiness Directorate — is a web-based application. It allows the directorate to ensure a ship's systems comply with cybersecurity requirements set by the departments of Defense and the Navy prior to departure, according to a June 29 news release from NAVWAR.

A baseline “offers a searchable, easy-to-use, platform-specific record of all Navy networks, including hosted and connected, afloat and ashore systems, enabling the ability to independently manage and maintain a ship's information technology capabilities,” the release said.

Cyber baselines have been deployed aboard 40 ships in fiscal 2019, the release said. The program, which started in January 2018, has implemented cyber baselines on 80 Navy ships as of June 2020, according to the release.

“Delivering cyber baselines allows us to identify capability risks during a ship's availability or scheduled modernization, assuring a cyber-ready platform prior to departure,” FRD 300 Director Duane Phillips said. “We are using an end-to-end approach, ensuring that all hosted and connected systems, including the Consolidated Afloat Networks and Enterprise Services (CANES) and Integrated Shipboard Network System (ISNS), comply with DoD and DoN requirements and are approved to meet cyber security technical authority standards.”

The tool is delivered and installed in coordination with NAVWAR Headquarters, Naval Information Warfare Center Pacific and Naval Information Warfare Center Atlantic.

According to the release, FRD 300 supports 10 to 15 platforms at any given time. It is currently working on ships in Bahrain, Japan, California, Washington “and more,” the release said. Because of the coronavirus pandemic, FRD 300 is providing both distance and in-person training on the system.

“Despite today's current circumstances, our Navy and our nation are continuing to experience an unprecedented degree of competition in the maritime environment,” FRD 300 Executive Director Mike Spencer said. “As the technical leader for Navy cybersecurity we must continue to drive implementation of cyber standards, creating a secure, defensible information domain. By delivering, installing and managing cyber baselines, we are able to provide a validated end-to-end cyber compliant network improving cyber readiness across the fleet.”

NAVWAR is also working with NIWC Pacific and Program Executive Office Command, Control, Communications, Computers and Intelligence and Space Systems to create a C4I certification by the end of fiscal 2021 that assess a system's cyber readiness. According to the release, the certification process will confirm “all warfighter tools and capabilities are cyber secure through consistent and pervasive implementation of cybersecurity specifications and standards.”

The efforts come as the Navy continues to work to improve its cybersecurity after an assessment last year found the service lacked effective cyber hygiene and recommended that it restructure its cybersecurity governance.

https://www.c4isrnet.com/battlefield-tech/it-networks/2020/06/30/the-navy-aims-to-install-cyber-baselines-aboard-180-ships/

Sur le même sujet

  • Air Force wants to expand training for cyber teams

    17 juillet 2020 | International, Aérospatial, C4ISR, Sécurité

    Air Force wants to expand training for cyber teams

    Mark Pomerleau The Air Force has selected the Air National Guard's training and education center at McGhee Tyson Air National Guard Base in Tennessee to be the focal point for training a cadre of defensive focused cyber teams, according to a news release. These teams, called mission defense teams (MDTs), will protect critical Air Force missions and installations such as critical infrastructure or computers associated with aircraft and remotely piloted systems. The teams are an outgrowth of the service's communications squadrons, which have performed much of the IT and cyber defense at the base or wing level. Now, with the Air Force outsourcing much of its IT management, the service was able to free up personnel and resources to focus on protecting these critical assets. The new crews differ from the cyber protection teams that the Air Force, and other services, provide to U.S. Cyber Command as part of the cyber mission force. At first, 20 students will participate in the mission defense team pilot class in mid-August. If that is successful, it will expand to six 20 student classes in 2021. The ultimate goal is to graduate 1,000 students each year across the service beginning in fiscal year 2023, the Air Force said. These teams will be stationed at 84 locations around the world. “This is an exciting moment for TEC and its future as an agile, innovative, and resilient center of learning for the total Air Force and the National Guard Bureau,” Col. Kenneth Lozano, the commander of the traning and education center, said. The Air Force has taken a “total Air Force approach” to cyber, to include its cyber mission force teams and mission defense teams, meaning, these forces are made up of combined active duty, guard and reserve forces. Prior training efforts for mission defense teams began at the 223rd Cyberspace Operations Squadron at Little Rock Air Force Base with a Cyber-Protect and -Defend course. The first classes were held in August 2019. The Air Force said to date, the schoolhouse has trained 160 airmen. The goal is for the training and education center at McGhee Tyson to assume 1,000 graduates a year, with the majority of training to transition there in 2022. One of the biggest hurdles thus far, is procuring a range for trainees to operate on. The Air Force is working through the Defense Cybercrimes Center to procure a cyber range and certify instructors. The price tag associated with this for the initial 20 students is $1.5 million. https://www.c4isrnet.com/cyber/2020/07/16/air-force-wants-to-expand-training-for-cyber-teams/

  • Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

    4 décembre 2024 | International, C4ISR, Sécurité

    Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

    Veeam fixes critical Service Provider Console flaws, including CVE-2024-42448 (RCE), urging immediate updates.

  • Leonardo, Siemens sign deal to create cybersecurity platform

    7 avril 2023 | International, C4ISR

    Leonardo, Siemens sign deal to create cybersecurity platform

    Leonardo and Siemens on Thursday said they signed a memorandum of understanding to offer cybersecurity solutions for infrastructure in the energy, oil and gas and industrial sectors.

Toutes les nouvelles