UNCLASSIFIED
UNCLASSIFIED Cyber Services "Protect and Defend" Patrice C. Wilmot Chief, Cyber Services Division 21 April 2016 UNITED IN SERVICE TO OUR NATION
Presentation Disclaimer
UNCLASSIFIED
"The information provided in this briefing is for general information purposes only. It does not constitute a commitment on behalf of the United States Government to provide any of the capabilities, systems or equipment presented and in no way obligates the United States Government to enter into any future agreements with regard to the same. The information presented may not be disseminated without the express consent of the United States Government. This brief may also contain references to Unite States Government future plans and projected system capabilities. Mention of these plans or capabilities in no way guarantees that the U.S. Government will follow these plans or that any of the associated system capabilities will be available or releasable to foreign governments."
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
2
Panel Members
UNCLASSIFIED
MODERATOR:
PANEL MEMBER PANEL MEMBER
PANEL MEMBER
PANEL MEMBER
Patrice Wilmot
Jeff Buss, CAPT, USN Tony Purvis
Michael Sandell
Kate Felts
Chief,
Chief, DISA
Director,
Chief, Vulnerability Chief, Information
Cyber Services Division Command Center DECC Oklahoma City Management Branch Technology Services
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
3
Cyber Protect Lifecycle
Identify
UNCLASSIFIED
Monitor & Report UNCLASSIFIED
Assess
Mitigate
UNITED IN SERVICE TO OUR NATION
4
Panel Questions -- DCC
UNCLASSIFIED
· Speaking from a boundary defense position in the Headquarters, how are events, incidents and information delivered (notification and escalations) to Mission Partners and COCOMs? What command and control feedback mechanisms are in place that enable senior leaders (Echelon Level I) to make informed decisions? · From DISA's C2 perspective how does the DCC employ assets and shift priorities to defend the network? · Do you find the Alignment to Cybersecurity / Computer Network Defense Service is contributing to an effective boundary defense effort? How are you meeting the challenge of the layering of networks and overlapping roles and responsibilities?
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
5
Panel Questions -- DISANET
UNCLASSIFIED
· How you, as an enclave manager, evaluate and remediate findings? · How are mitigations determined and implemented while balancing impact to mission? · What criteria is used to test and prioritize remediation efforts?
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
6
Panel Questions -- DECC
UNCLASSIFIED
· How does the DECC prioritize remediation efforts when critical vulnerabilities effect multiple workloads? · What is your greatest challenge with maintaining risk posture for workloads? · How do you maintain readiness given the number of threats and attacks on a given day?
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
7
Panel Questions ISC/SE
UNCLASSIFIED
· How do we handle planned versus unplanned exploits? · What are the challenges we face with regard to the diverse environments supported by DISA? Example convergence of Voice, Video, and desktop? · What actionable information do you provide to systems owners related to security posture?
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
8
UNITED IN SERVICE TO OUR NATION
UNCLASSIFIED
9