1 / 5

UNCLASSIFIED//FOUO

Cybersecurity Threat Systems Management Office (TSMO). Briefer: Mr. Brad Thomason Title: Acting Director Date: 25 Jul 2018 E-mail/Phone: bradley.o.thomason.civ@mail.mil/256-876-8700. UNCLASSIFIED//FOUO. UNCLASSIFIED//FOUO. Cybersecurity Test and Evaluation Functions & Tasks.

vadams
Télécharger la présentation

UNCLASSIFIED//FOUO

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cybersecurity Threat Systems Management Office(TSMO) Briefer: Mr. Brad Thomason Title: Acting Director Date: 25 Jul 2018 E-mail/Phone: bradley.o.thomason.civ@mail.mil/256-876-8700 UNCLASSIFIED//FOUO

  2. UNCLASSIFIED//FOUO Cybersecurity Test and Evaluation Functions & Tasks • Identify the cyber-attack surface • Examine system architecture, components, and data flows • Analyze and decompose system mission • Map mission dependencies • Analyze the attack surface • Characterize the cyber threat • Examine cyber effects on the system and mission • Develop cyber kill chain • Perform or update MBCRA • Document results and update test planning and artifacts • Document results of cyber-attack surface analysis in a cyber-attack surface analysis report • Prepare for Phase 3 and Phase 4 cybersecurity DT&E events • Formulate test strategy • Plan adversarial assessment • • Coordinate with the OTA team • • Execute the adversarial • assessment • • Document results • Threat objectives based mission impact assessment of capability • World-class operators and infrastructure • Event planning, coordination, deconfliction, and reporting • Plan CVI Test Activities • Develop cybersecurity test objectives • Contractor testing • Plan test events • Document test plans • Plan cyber test infrastructure • Integrate system testing • Conduct CVI events and document results • Obtain reports • Cybersecurity evaluation • Update mission-based cyber risk assessment • Prepare for Phase 4 adversarial cybersecurity DT&E event • Compile list of cybersecurity and resiliency requirements • • Prepare for cybersecurity T&E Events • Develop the initial DEF • Identify supporting cybersecurity T&E resources • Develop the initial OT evaluation framework • Align RMF activities with the TEMP • Plan and schedule an MBCRA • • Plan for cybersecurity T&E • Develop cybersecurity T&E strategy • Review PPP, System Engineering Plan • Intelligence analysis • Update cyber threat assessment and kill chain analysis • Plan adversarial DT&E • Develop test objectives • Define metrics • Identify resources • Develop rules of engagement • Define process and test cases • Plan integrated tests • Document test plans • Finalize preparation of test infrastructure • Conduct TRR • Review threat assessments (e.g. VOLT) • Review red team personnel assignment • Conduct adversarial cybersecurity DT&E • Perform ACD events • Obtain reports • Cybersecurity evaluation • Exit criteria for cybersecurity DT&E • Plan CVPA • Coordinate with a cybersecurity vulnerability assessment team • Execute CVPA • Document results Blue Team Red Team

  3. UNCLASSIFIED//FOUO Securing the Information Environment

  4. UNCLASSIFIED//FOUO Thoughts on Way Ahead • Expand test philosophy to evaluate information pathways • Compromise of Mission vs Compromise of System • NDAA Section 1647 • Up Front Analysis of Mission • CVPA on Operational Networks • Persistent Red Team

  5. UNCLASSIFIED//FOUO Questions

More Related