Information Operations Conditions (INFOCONs) In The Real World

Slides:



Advertisements
Similar presentations
UJTL Ontology Effort TMCM Nelson And Marti Hall. Overview Vision for the UJTL and METLs Scenario Mapping Findings Proposed POA&M outline.
Advertisements

THE FOLLOWING MINI PRESENTATION ON OPSEC IS TAKEN FROM A US AIR FORCE BRIEFING. ALTHOUGH THIS IS A MILITARY PRESENTATION, IT PROVIDES A GOOD OVERVIEW OF.
CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
Department of Defense Information Assurance Range: A Venue for Test and Evaluation In Cyberspace DISA-JITC/JTG1 August 2011 UNCLASSIFIED.
DHS, National Cyber Security Division Overview
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Bringing Governments, Industry and Academia Closer Together to Assure Global Cyber Security Terry L. Janssen, PhD Science and Technology Advisor Network.
Developing Information Security Policy. Why is Developing Good Security Policy Difficult? Effective Security/IA Policy is more than locking doors and.
1 Telstra in Confidence Managing Security for our Mobile Technology.
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.
(Geneva, Switzerland, September 2014)
Stephen S. Yau CSE , Fall Security Strategies.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Army Doctrine Publication (ADP) 3-37; and Army
Workshop Summary ISPS Drills & Exercises Workshop Port Moresby 2006.
China and space security National Defense University, PLA, China National Defense University, PLA, China Zhong Jing.
IAEA International Atomic Energy Agency International Cooperation in Nuclear Security David Ek Office of Nuclear Security.
ARTIFICIAL INTELLIGENCE IN HOMELAND SECURITY Patrick Hathaway CS572 – Advanced Artificial Intelligence.
Operations Security (OPSEC) Introduction  Standard  Application  Objectives  Regulations and Guidance  OPSEC Definition  Indicators.
Advanced Systems and Concepts Office 20-Sep-15 What are National Security Threats? 2 nd Annual JTAC Workshop 4 April 2006 ASCO and DTRA Update and Welcome.
EDS Incident Command System Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]
I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force 1 Lt Gen Bill Lord, SAF/CIO A6 Chief of Warfighting Integration and.
Information Assurance Program Manager U.S. Army Europe and Seventh Army Information Assurance in Large-Scale Practice International Scientific NATO PfP/PWP.
STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Paul de Souza Chapter 18 - National Cyber Defense Strategy, Pg. 224.
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
Force Protection. What is Force Protection? Force protection (FP) is a term used by the US military to describe preventive measures taken to mitigate.
0 Peter F. Verga U.S. Department of Defense 2 Definitions Homeland Security – A concerted national effort to prevent terrorist attacks within the United.
Air Force Doctrine Document 2-5.4: Public Affairs Operations.
Shift Left Feb 2013 Page-1 DISTRIBUTION STATEMENT A – Cleared for Open Publication by OSR on January 17 th, 2013 – SR case number 13-S-0851 Dr. Steven.
OVERALL CLASSIFICATION OF THIS BRIEFING IS UNCLASSIFIED United States Southern Command SOUTHCOM’s Role and Responsibilities in Foreign Humanitarian Assistance.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
The IT Vendor: HIPAA Security Savior for Smaller Health Plans?
Visual 1. 1 Lesson 1 Overview and and Risk Management Terminology.
Defense Daily Cyber Summit
Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.
1 27 August 2009 Maryfrances Herrera Safety and Security Interface.
Coast Guard Cyber Command
INMM Nuclear Security and Physical Protection Technical Division.
UNCLASSIFIED 6/24/2016 8:12:34 PM Szymanski UNCLASSIFIED Page 1 of 15 Pages Space Policy Issues - Space Principles of War - 14 June, 2010.
Risk Assessments in Many Flavors George J. Dolicker, CISA, CISSP.
Overall Classification of this Briefing is UNCLASSIFIED//FOUO
Maritime Security as an Integral Part of an
“Existing world order is being redefined.” Henry Kissinger Jan 2015
INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS
OACCA Residential Transformation Conference
Compliance with hardening standards
AFOSI and the First Sergeant
Critical Infrastructure Protection Policy Priorities
United States Coast Guard
Risk Management in Plain English
Cyber defense management
“The Link” - Continuity of Operations and Emergency Management
I have many checklists: how do I get started with cyber security?
8 Building Blocks of National Cyber Strategies
Command Indoctrination Operations Security DD MMM YY
Threat Trends and Protection Strategies Barbara Laswell, Ph. D
NERC Critical Infrastructure Protection Advisory Group (CIP AG)
Chapter 21:Security Beyond Computer Networks: Information Assurance
How to Mitigate the Consequences What are the Countermeasures?
Operations Security (OPSEC)
Cybersecurity ATD technical
Overall Classification of this Briefing is UNCLASSIFIED
Phase Zero Social Media Applications
IS Risk Management Framework Overview
Training at the Awareness Level Review
Cyber Security For Civil Engineering
Command Indoctrination Operations Security DD MMM YY
Presentation transcript:

Information Operations Conditions (INFOCONs) In The Real World Although our mission is Strategic Nuclear Deterrence, we are fully aware of the impacts that information operations can have on our ability to execute that mission. The consequences of not being prepared are clear. Information Operations may not be a kinetic weapon system, but clearly it can have serious consequences. Our job in J6 is to defend against such an attack. Our bottom line is that a strong Information Assurance (IA) program is absolutely essential to provide assured information services to the warfighter. Major George L. McMullin II UNCLASSIFIED

INFOCONs What Why How UNCLASSIFIED - What is the most powerful unified Command on the face of the earth doing about it? UNCLASSIFIED

VIRTUAL COMMUNITY, VIRTUAL THREAT “Virtual” Enemy “Virtual” Country Vulnerabilities Global Info Flow - Virtual Country: no geographic boundaries or borders in cyberspace - Global Information Flow: Information exchange is instantaneous--that does not mean we should believe everything we read in cyberspace - Proliferating Attack Weapons: more weapons, easier to use -- Example: Search utility on Internet found 50,000 hits on “hacking” - Vulnerabilities: Are increasing exponentially with the continuing rapid increase in technology -- DISA has over 400 known Internet vulnerabilities they’ve posted on their bulletin board. - Growing Technology & Targets: The growth of technology has resulted in a proportional growth in opportunities to exploit - No laws: Virtually no International laws exist on computer crimes (a crime in U.S. may not be a crime in Sweden) -- more international cooperation is critical to bringing violators to justice - Virtual Enemy: The enemy is invisible. Growing Technology & Targets Proliferating “Attack” Weapons Technology Leads Laws UNCLASSIFIED

COUNTERING THE THREAT Protect Detect React People Processes Systems Facilities To build the foundations of our program, we started with a basic formula of “protect, detect, and react”--a fairly standard DoD concept. We then applied this formula to the building blocks of “people, processes, systems, and facilities.” The result has been a well-balanced program with a strong foundation. Policy/Concepts: Strong policies are vital, from how to accredit your systems to enforcing computer passwords, our team keeps current with leading edge practices and technologies, and integrates them into Command guidance and planning efforts. Earlier this year we hosted a workshop with Joint Staff, pulling together CINCs, Services, and component Info Assurance players. This year’s workshop also focused on pulling the Task Forces together. Awareness: We put great emphasis on security awareness and training. Newcomer’s programs and recurring training have paid big dividends. The results of Global Guardian 98 yielded a 98.5% OPSEC effectiveness rate. We attribute this success primarily to training and awareness programs. We have always had strong CINC sponsorship in this area. Security Assessments: Find the vulnerabilities before your enemies! We have built an in-house “Red Team” to test our systems in real time. We also assess readiness by exercising our capabilities during Command exercises such as Global Guardian. Response: The final ingredient is the ability to respond to any IO attack. We have formed a home-grown response capability called the STRATCOM Computer Emergency Response Team (STRATCERT). This team has forged strong operational ties both internal to STRATCOM and with other DoD agencies. Policy/Concepts Awareness Security Assessments & Exercises Response Capabilities UNCLASSIFIED

DEFCON THREATCON INFOCON National Geographical Organizational - What is the most powerful unified Command on the face of the earth doing about it? UNCLASSIFIED

USSTRATCOM’s RESPONSE Training and Awareness Info Operations Conditions (INFOCONS) Computer Emergency Response Team (STRATCERT) “Red” Team Exercises/Testing New Intrusion Detection Technology Demonstration - What is the most powerful unified Command on the face of the earth doing about it? UNCLASSIFIED

INFORMATION ASSURANCE POSTURE Monitor Threats Assess Vulnerability The goal is to be able to continually manage the risk so that it is acceptable. This is a continual process that everyone in the Command is part of. We have a layered defense strategy of people and technology that allows us to monitor the threat, assess the threat to determine if we are vulnerable, and then to manage the risk to the Command if we are vulnerable. Manage Risk UNCLASSIFIED

INFORMATION OPERATIONS CONDITIONS (INFOCONs) Escalating Information Threat Conditions Normal > Alpha > Bravo > Charlie > Delta Responses for each condition Developed by USSTRATCOM personnel Defense Science Board report Exercise lessons learned Focus - C4I defense from computer network attack We are also the first DoD organization to implement the concept of Information Operations Conditions. INFOCONs are roughly analogous to Terrorist THREATCONs and the local base THREATCONs, but are designed to define and respond to an information attack. Theat changes can be simplified in another way: A DEFCON change is a national response A THREATCON change is a geographical response An INFOCON change is an organizational response Developed by USSTRATCOM personnel, we built our INFOCONs using the basic construct mentioned in the 1996 Defense Science Board report, GG 97 lessons learned, and daily operations. The focus of the INFOCONs is C4I defense, primarily against computer network attacks. UNCLASSIFIED

Advantage Hacker Technology Edge Difficult to develop perfect defense High cost in time and money Tools Free vs Expensive Simple vs Complicated Picks the time, place, medium, and method David Effect We are also the first DoD organization to implement the concept of Information Operations Conditions. INFOCONs are roughly analogous to Terrorist THREATCONs and the local base THREATCONs, but are designed to define and respond to an information attack. Theat changes can be simplified in another way: A DEFCON change is a national response A THREATCON change is a geographical response An INFOCON change is an organizational response Developed by USSTRATCOM personnel, we built our INFOCONs using the basic construct mentioned in the 1996 Defense Science Board report, GG 97 lessons learned, and daily operations. The focus of the INFOCONs is C4I defense, primarily against computer network attacks. UNCLASSIFIED

Effective Employment Hostile intent identified? Accomplish aims of aggressors? Increase in probes/attacks? Recommended? Mitigating circumstances? We are also the first DoD organization to implement the concept of Information Operations Conditions. INFOCONs are roughly analogous to Terrorist THREATCONs and the local base THREATCONs, but are designed to define and respond to an information attack. Theat changes can be simplified in another way: A DEFCON change is a national response A THREATCON change is a geographical response An INFOCON change is an organizational response Developed by USSTRATCOM personnel, we built our INFOCONs using the basic construct mentioned in the 1996 Defense Science Board report, GG 97 lessons learned, and daily operations. The focus of the INFOCONs is C4I defense, primarily against computer network attacks. UNCLASSIFIED

Y2K! “El Nino Of The Cyber World!” Coming Soon. . . a Winter Blockbuster!! Y2K! One Time Only! All Shows Free!! 1 Jan 2000! All Theaters! - Year 2000--perfect time to strike - Y2K problem or computer hacker--who will be able to discern the difference. - BCOT class--you are the ones who will be tasked with solving many of these problems-- this is warfighting in the 21st Century “El Nino Of The Cyber World!” Coming Soon! UNCLASSIFIED

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.