Perspectives on Defense Cyber Issues


Perspectives on Defense Cyber Issues
Joseph W. Kirschbaum
Director, Defense Capabilities and Management
U.S. Government Accountability Office
12 October 2018

Defense Cyber Challenges
- It’s not just a technical thing
- Risk management is essential
- Assessing effectiveness is crucial to progress

http://www.gao.gov/products/GAO-17-668
http://www.gao.gov/products/GAO-15-544
https://www.gao.gov/products/GAO-17-512

How DOD Treats IoT Devices
- DOD Device: DODIN Interface; IT Security Standards; Secure
- Personal Device: No DODIN Interface; Secure?

Internet of Things-Unwitting Insider Threat

What Are Insider Threats?
- "The threat that an insider will use her or his authorized access, wittingly or unwittingly, to do harm to the security of the United States." --DOD Definition
- Pose a danger to facilities, resources, information, and people

Information and Cyber Systems Complex Problem Information and Cyber Systems

Collaboration is Key
- Ensure cross-function coordination
- Develop, disseminate, and incorporate best practices and lessons learned
- Share information as appropriate
- Establish formal and informal agreements

DOD Gaps
- Policies and guidance are insufficient for specific types or classes of device.
- Core DOD security policies and guidance do not incorporate IoT:
  - Cybersecurity
  - Operations security
  - Information security
  - Physical security

DOD Gaps, continued
- Services are not conducting threat-based operations security assessments--as required by DOD’s operations security program.
- DOD is not effectively assessing effectiveness of actions taken to implement cyber strategy.
- DOD-wide risk management

Contact Information
Joseph W. Kirschbaum
Director, Defense Capabilities and Management
US Government Accountability Office
202-512-9971
kirschbaumj@gao.gov