17 November 2016

Army honing in on cyber defense

November 11, 2016

Army officials have seen the growth in cyber defense coming down the pike. This is due in part to its Defensive Cyberspace Operation infrastructure program. For its part, the Program Executive Office for Enterprise Information Systems is tasked with providing DCO the non-tactical, enterprise network.

PEO EIS is executing a four-pronged approach based upon an operational needs statement for DCO, which includes DCO infrastructure, cyber protection team tools, web vulnerability, and the big data platform – developed by DISA and Army Cyber Command.

To augment DCO, the Army is undertaking a new effort to acquire defensive cyber tools for cyber protection teams (CPT) falling under the cyber protection team tools prong of the DCO program. “It’s designed to deploy tools and an infrastructure to defend the network and do some forensic operations and analysis to identify trends and catch the bad guys,” Ralph Ocasio, the deputy program manager for installation information infrastructure communications and capabilities, was quoted as saying to Federal News Radio. “It’s not so much for offensive operations, but that first line of defense across the network.”

Ocasio also reportedly said that rather than having teams procure cyber tools from industry under previous models, which he termed “a hodgepodge from an acquisition perspective,” a new process would be more formalized and break some of the impediments related to purchasing cyber capabilities in a quick manner.

According to talking points on the program obtained by C4ISRNET, this DCO tool suite, as it’s called, will be a critical element of the DCO and facilitate a CPT maneuver baseline, the ability to run software packages that defend the network. The tool suite will provide CPTs sensors, active detection network analysis, threat emulation, forensic analysis, web scanning, planning and visualization tools for conducting defensive cyberspace operations, according to talking points.

While a program of record is being initiated, anticipated contract awards will be occurring in 2018. However, the cyber protection brigade received the initial tools procured based upon an operational needs statement.

This DCO infrastructure initiative, according to talking points, will provide hardware, software and firmware to enable the instantiation and execution of software platforms and tools on the network. This infrastructure will allow CPTs to maneuver on the network and provide mission protection, discover and counter infiltration, cyberspace readiness, cyberspace support and threat emulation capabilities.
