Title: Cybersecurity and the Logistics Professional Date: 31 January 2018 Presenters: Roy Wilson and Vincent Lamolinara, Professors of Acquisition Cybersecurity, Defense Acquisition University, Mid-Atlantic Region Moderator: Jim Davis, Logistics Department Chair, Defense Acquisition University, Mid-Atlantic Region
23
Embed
Title: Cybersecurity and the Logistics Professional...2018/01/31 · the Logistics Professional Date: 31 January 2018 Presenters: Roy Wilson and Vincent Lamolinara, Professors of
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Title: Cybersecurity and
the Logistics Professional
Date: 31 January 2018
Presenters: Roy Wilson and Vincent Lamolinara, Professors
of Acquisition Cybersecurity, Defense Acquisition
University, Mid-Atlantic Region
Moderator: Jim Davis, Logistics Department Chair, Defense
Acquisition University, Mid-Atlantic Region
Purpose
Webinar for DoD Logistics Professionals & Product Support
Managers (PSM), focused on enhancing success in fielding
and sustaining cyber secure ACAT I MDAP/MAIS, and/or
Major Weapon Systems
2
Cyber Threat to DoD systems
“The DoD should expect cyber attacks to
be part of all conflicts in the future, and
should not expect competitors to play by
our version of the rules” (p. 5)
3
The Rules Don’t Apply To Cyber
4
Think like
a hacker
Threat Vector
5
The Targets
• Information Systems• Defense Business Systems
• C3I
• System Development (government/contractor)
• T&E
• Logistics
• Weapon Systems
• Other Information Technology• Critical Infrastructure
• Technical Order/ Manual Validation, Verification, and Quality Assurance Plans
• Training System Requirements Analysis (TSRA)
• System Training Plan (STP)
18
Open Discussion
19
Cybersecurity in the Defense Acquisition System (DAS)
Overarching Tenets• Cybersecurity will be fully considered and implemented in
all aspects of acquisition programs across the life cycle
• Responsibility for cybersecurity extends to all members of the acquisition workforce
• Cybersecurity is a requirement for all DoD Programs
• Program Managers are responsible for the cybersecurity of their programs, systems and information
• Cybersecurity applies to systems that reside on networks and stand alone systems that are not persistently connected to networks during tactical and strategic operations
20
New Cybersecurity Enclosure 14 to DoDI 5000.02 Operation of the DAS
Effective 02 February, 2017
21
Integrating Cybersecurity into Systems Engineering
System
Authorization
Decision
Cyber Risk
Assessment
Secure Code
Practices
Continuous Monitoring
Cybersecurity
Stakeholders
Security
Architecture and
Design
Blue Team / Vulnerability
Assessments
System
Survivability KPP
Ref: ISO/IEC/IEEE 15288, Systems and Software Engineering- System Lifecycle Processes, 15 May 15