Network Session II
From AFCEAWiki
Session II: Global Infrastructure Resiliency for National Security Missions
Abstract
National Security depends on assured global information infrastructures that are reliable and resilient. Real-time risk management and situational awareness between the government and private sector are essential to responding to a cyber crisis, as is the consideration of what national security missions are affected, potential cascade effects, and the prioritized approaches for restoration.
Moderator
- Mr. Perry Luzwick
Panel
- Capt. Daryl Caudle, JCS/J5
- Ms. Kathryn Condello, IES Chair/NSTAC, Qwest
- Mr. Lawrence Hale, Chief, Customer Service Branch, National Communications System, DHS
Panelists were introduced and gave brief introductory comments.
Daryl Caudle comments:
He’s a warfighter, been with the cyber division about a year. Works in portfolio management, etc… Asked to speak about resiliency. 1) Would like to speak about cyber deterrence; 2) Graceful degradation; and 3) Cooperation with industry.
1) By having a resilient network, get a bar raising event – attribution. By making the bar high enough, there are only certain parties that can rise above that, so helps with resiliency and attribution.
2) Graceful degradation is a key attribute. We lack a unified policy/way to fight through attacks. We need clear, concise direction. We are experiencing culture shifts…
3) Resiliency program at DoD would need to be in cooperation with industry.
Kathryn Condello comments:
Here in role as a chair of NSTAC committee. Discussed three groups: NSTAC, SCC, and NCC.
The NSTAC is devised to advise the President of what government should do. 22 CEOs of major communication carriers/providers… Advice is more strategic/longer term in nature.
Sector Coordinating Committee – NIPP / What is it that we as a sector should be doing to address government concerns…
National Coordinating Center – joint Government and Private Sector…agencies and companies…convene every Monday morning to talk about everything going on in the country as a whole. Address issues on daily basis. It is an operational component.
Would like to point out that when situations arise, very few of them haven’t already been discussed.
Cyber threats are relatively new. If you’re a critical user or function, you need to find a way to let your carrier/providers know you are, through such methods as contract mechanisms. If you want to tell us how you plan to fight through, we can discuss options.
Lawrence Hale comments:
National Communications System – NCC is part of NCS. Resiliency is a government need. Users need to identify what you need to do, what services you need, etc., and need to plan. National Continuity Policy – The government is telling us we need to plan for when the systems are stressed. You know your systems the best and understand what you need. Is it redundancy? Satellite back-up? Diversity of how you get your signal?
We do have challenges, but there are tools available.
Q1: It’s difficult for us in DoD to look up without having to look right…Where do our network/telecommunication initiatives/policies/directives come from?
A1: Networks come from policy directives from Presidential directives and subordinate directives, ex: Secretary of Defense.
A2: DoD and DHS are part of NCS…
Follow-up: Is there a top-level DoD Directive?
A1: When NCS was part of DoD chain there was a clear chain. But in transition to DHS, that got confused. DoD was no longer the chair/executive agent of program, but a member. Mr. Grimes is still a member and knows where it fits in. It’s up to him and to his staff to translate into policy that you see.
Q2: With regards to Continuity of Operations, what are the government’s requirements for COOP to help us know what to provide? Are there requirements for security?
A1: Requirements are contractual, depending on particulars. It is a large question that has to do with level of service, it would be hard to give a list.
Someone from DISA or NSA business offices could answer that question.
Q3: A question was asked regarding learning how to fight through an attack.
A1: In general, the discussion centered around the fact that continuity plans need to be in place. People need to be made aware of how important it is to plan beforehand. DoD, agencies, etc… need to practice and plan.
Q4: We may have a terminology issue: What are the new terms we are using so that we are using the same language? Maybe we as a community should look at terminology… For example, is there a formal/joint publication definition of resiliency?
A1: No, there is not a joint publication definition of resiliency. Resiliency is thought of from a systems perspective.
Note: BASE DEFINITION OF RESILIENCY: Resiliency is the ability to anticipate, avoid, withstand, minimize, and recover from the effects of adversity, whether natural or manmade, under all circumstances of use. (Provided by Don O'Neill in Session I.)
Q5: A question was asked about the DIB, Defense Industrial Base. A brief explanation was given and it was pointed out that it is a critical sector.
Q6: CONUS vs Global? In what way are we addressing friend/foe in global telecommunications?
A1: We work very closely with global partners. We speak of resiliency at the global level.
A2: From private sector perspective, it is global as well. There is no CONUS. We meet/peer/deal with each other.
Q7: A question was asked about denial of service, ex: Estonia. Where does that come from? How does denial of service take place?
A1: During denial of service, computers are doing their job, but they get overwhelmed. There are tools available to deal with denial of service attacks.
A2: We can’t rest on our laurels. This is an infrastructure, tools, resiliency problem. All of service providers/agencies know that this is a problem. Criminals are not complacent.
Q8: Where does NCC responsibility end? If satellite, where does the responsibility end?
A1: We think the answer is contractual – Where the carrier ends and the customer begins. As for the NCC, it is end to end.
Q9: Regarding the definitions question previously, are our panelists tied into work done by Bill Bryant and a report he did a few years ago that got into definitions?
A1: The panel was not.
Q10: A question was asked regarding TSPs.
A1: http://TSP.NCS.GOV has a description, form, guides, etc… In developing a TSP, you need to decide what is important. Ex: Warfighting mission vs. cafeteria. It is described as very cheap insurance.
During 9/11, at first, the carriers only worked the Presidential priorities and TSP customers.
Q11: In working Continuity of Operations plans, I’ve noticed there are 3 areas we should focus on: loss of people, things, functions. Does the panel have advice what we should focus on?
A1: Command and Control is number one thing you should focus on. C2 is the communications necessary. Without the C2 circuits, anything that is important to you is not going to be effective. Also, need to exercise and update the plan regularly.
A2: Discuss the plan in relation to different scenarios.
A discussion took place regarding the importance of exercising and updating continuity plans. It was seen as important that if you are tasked with developing a plan, that you seek training to develop a sufficient plan.
Regarding definitions, George Mason does a regular, well-written report regarding critical infrastructures that is recommended reading.
Q12: A question was asked regarding GETS and wireless priority.
A1: Who qualifies for GETS and priority services is under Government control that is communicated to carriers. Wireless priority is a different thing. You are given the opportunity to be in line for the next available signal/channel from cell site.
