CNCI2 Fills in Cybersecurity Blueprint


By Teri Robinson

When President Obama launched a review of federal efforts to mitigate the economic and national security challenges caused by cybersecurity issues, he made it clear that this country must:

* Establish a shared situational awareness network that identifies vulnerabilities, threats and events.
* Enhance U.S. counterintelligence capabilities and increase security of the supply chain.
* Expand cyber education.

On the recommendations of the Cyberspace Policy Review, the government has begun to build on the Comprehensive National Cybersecurity Initiative (CNCI) as part of CNCI2, and this spring the White House released details of what agencies and the public can expect.

Manage the federal enterprise network as a single network enterprise with Trusted Internet Connections. Led by OMB, the TIC initiative will consolidate the government’s external access points to create a common security solution. Agencies can do this as TIC Access Providers, operating it themselves, or by using commercial Managed Trusted IP Service (MTIPS) providers found in the GSA-managed NETWORX contract.

Deploy an intrusion detection system of sensors across the federal enterprise. As part of EINSTEIN 2, DHS is deploying signature-based sensors that can inspect Internet traffic coming into federal systems to unearth unauthorized access and malicious content.

Pursue deployment of intrusion prevention systems across the federal enterprise. Aimed at civilian departments and agencies of the federal Executive Branch, EINSTEIN 3 will inspect packets and make decisions on the threat of network traffic over executive branch networks.

Coordinate and redirect research and development (R&D) efforts. Coordinating cyber-related R&D activities across government agencies is no easy task. This initiative tackles identifying those activities and directing R&D where it’s needed.

Connect current cyber ops centers to enhance situational awareness. Government information security offices and strategic operations must share information on malicious activities and accommodate privacy protections to determine the threat against government, then exploit different agencies’ unique abilities to provide cyber defense. Responsibility for securing government networks will fall under the umbrella of the National Cybersecurity Center (NCSC) in the Department of Homeland Security.

Develop and implement a government-wide cyber counterintelligence (CI) plan. Aimed at coordinating across federal agencies, the plan will “detect, deter, and mitigate the foreign-sponsored cyber intelligence threat to U.S. and private sector information systems” by expanding “cyber CI education and awareness programs and workforce development to integrate CI into all cyber operations and analysis, increase employee awareness of the cyber CI threat, and increase counterintelligence collaboration across the government.”

Increase the security of classified networks. These networks store the government’s most sensitive data, so any breach could seriously compromise national security.

Expand cyber education. Technology is a must for a solid security strategy, but it is people who execute it. The government needs more cybersecurity experts. Recommendations include a national strategy.

Define and develop enduring “leap-ahead” technology, strategies, and programs. The government will seek strategies and programs to enhance R&D for high-risk/high-payoff solutions to the most pressing cybersecurity issues. Under this initiative, new technology should be deployable within five to 10 years.

Define and develop enduring deterrence strategies and programs. This component encourages government to take a long-range approach to cybersecurity. Among the initiatives: improve warning systems, define the roles of both the private sector and international entities, and determine responses.

Develop a multi-pronged approach for global supply chain risk management. Globalization has extended to information and communications technology, so the U.S. must be able to manage risks that spring from domestic and globalized supply chains.

Define the federal role for extending cybersecurity into critical infrastructure domains. Privately owned and operated critical infrastructures are critical to carrying out government’s mission to serve its people. This initiative extends and expands the “partnership between the federal Government and the public and private sector owners and operators of Critical Infrastructure and Key Resources (CIKR).” The Department of Homeland Security, in concert with private-sector partners, has a plan for shared action that includes “aggressive” milestones.