UNCLASSIFIED JFHQ-DODIN Update
The overall classification of this briefing is: UNCLASSIFIED
Lt Col Patrick Daniel JFHQ-DODIN J5 As of: 21 April 2016
UNCLASSIFIED
1
UNCLASSIFIED
Presentation Disclaimer
"The information provided in this briefing is for general information
purposes only. It does not constitute a commitment on behalf of the United
States Government to provide any of the capabilities, systems or equipment
presented and in no way obligates the United States Government to enter into
any future agreements with regard to the same. The information presented
may not be disseminated without the express consent of the United States
Government. This brief may also contain references to Unite States
Government future plans and projected system capabilities. Mention of these
plans or capabilities in no way guarantees that the U.S. Government will
follow these plans or that any of the associated system capabilities will be
available or releasable to foreign governments."
UNCLASSIFIED
2
UNCLASSIFIED Cyberspace Ops Mission Alignment USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action
UNCLASSIFIED
JFHQ-Cyber 3
UNCLASSIFIED Mission Statement JFHQ-DODIN exercises command and control of DODIN operations & DCO-IDM globally in order to synchronize the protection of DOD component capabilities to enable power projection and freedom of action across all warfighting domains.
0
UNCLASSIFIED
4
Combatant Commands
UNCLASSIFIED
Secure, Operate & Defend the DODIN Command and Control Structure
Operational Control (OPCON)
LEGEND Supporting/Supported OPCON TACON DACO - Directive Authority For Cyberspace Operations
Tactical Control (TACON)
Directive Authority For Cyberspace Operations (DACO)
UNCLASSIFIED
Service Cyber Components
All Defense Agencies & Field Activities 5
UNCLASSIFIED JFHQ-DODIN The Year in Review · JFHQ-DODIN established 15 Jan 15 · Accomplishments Led 17 named operations for DODIN defense Produced 517 DODIN intelligence products Assumed Operational Control (OPCON) of DODIN Cyber Protection Teams (CPTs) Assumed control of Command Cyber Readiness Inspection (CCRI) process Participated in 9 exercises and 2 war games Began development of first-ever deliberate plan for DODIN defense Established JTF in support of Combatant Command mission
UNCLASSIFIED
6
UNCLASSIFIED DODIN Defined
Platform IT Service Networks
"The are
DaepgalorCtbmloauleldnytSineotrfevriccDeoesnfneencsteedi,nefonrdm-taot-ieoAnngdensneecttywoNoferikntwsfoo(rrkDmsOatDioInN)
capabilities for collecting, processing, storing, disseminating,
CDCs
DODIN and managing information on demand to warfighters, policy makers, and support personnel. The DODIN includes owned and leased communications and computing systems and services,
software (including applications), data, security services, other
associated services, and national security systems." JP 3-12 Educational Institutions
Industrial Control Systems UNCLASSIFIED
Coalition & Multi-national Tactical Communications
Networks
Systems
Leased Telecom Services
Mobile Devices
7
UNCLASSIFIED Paradigm Shift within the DoD Building an "immune system" for the DODIN
JFHQ-DODIN provides unity of command to enable this new paradigm
UNCLASSIFIED
8
UNCLASSIFIED
A Day in the life of the DODIN
8.2M E-Mails Received
Malicious
14%
(Blocked)
86%
Valid
(Allowed
Through)
30 Suspicious Events that require further analysis
43K Attempted Intrusions Detected and Blocked
Each Year: 3B E-Mails Received, 16M Attempted Intrusions, 11K Events to be analyzed
UNCLASSIFIED
9
UNCLASSIFIED The Big Data Tsunami
- We must transform data into information, then further refine that information into intelligence - Better automation is critical
Network and threat data (Four Vs) -Volume (Data at rest): Hundreds of terabytes daily -Velocity (Data in motion): Data is constantly flowing -Variety (Data in different forms): No single format -Veracity (Data in doubt): False positives and ambiguity UNCLASSIFIED
Limited number of analysts Missed Data Limited storage can cause data to be dropped, how much should we store and what is the cost? 10
UNCLASSIFIED Takeaways · JFHQ-DODIN leverages new command relationships to synchronize DODIN defense · Technology-agnostic C2 framework helps us be flexible and responsive · We must increase use of automation to solve the "big data tsunami" problem How can industry help? · Focus on "combined arms" approach to DODIN defense
UNCLASSIFIED
11
Questions? UNCLASSIFIED
UNCLASSIFIED 12