Inside the Pentagon - 08/11/2011 More milestones anticipated
http://defensenewsstand.com/component/option,com_ppv/Itemid,287/id,2372549/ PACOM's Joint Test Project For Cyber Ops Signs First Field Test Report A major Defense Department cyberdefense exercise aimed at developing new techniques has completed a key milestone and expects to release a draft of tactics, techniques and procedures developed during the test this fall. U.S. Pacific Command has been working with the Pentagon's operational testing shop on a Joint Cyber Operations Joint Test project since Michael Crisp, the deputy director for air warfare within the testing office, signed off on the initiative's charter in August 2010 (Inside the Pentagon, March 2, p1). The Joint Cyber Operations (JCO) Joint Test completed its first field test in April and May, and officials signed out a report last month, PACOM joint test director Matt Goda said. "It provided informal feedback to the Joint Program Office (JPO) on the accomplishment of the test event objectives, problems or issues encountered and the Joint Test director's comments on the way ahead," Goda said of the "for-official-use-only" report. The command plans to release a revision of the cyberdefense tactics, techniques and procedures tested during the project this fall. A classified draft of the TTP was prepared during the recently wrapped-up field test, Goda said. Additionally, the Pentagon and PACOM will hold meetings to review field test findings, conclusions and recommendations, as well as the project's Concept of Operations and TTP development. A Joint Warfighter Advisory Group (JWAG) and the General Officer Steering Committee (GOSC) will be held next month to "share our assessments with the cyber community leadership," Goda said. According to a July 2011 newsletter from the Pentagon's Joint Test and Evaluation shop, the project's director "chaired several Test Readiness Reviews" prior to field test 1 with test team participants and two main test events were used. The first scenario, a test which took place April 18-29 in Hawaii, "involved conducting [Virtual Secure Enclave] network protection and malicious attack detection using the Adaptive Cyber Defense (ACD) TTP." Participants from the military services then used the ACD TTP to "conduct defense cyber operations and VSE installation in both laboratory and realistic operational environments." The second scenario occurred on the live Secret Internet Protocol Router Network May 20-25 in conjunction with the PACOM exercise, Terminal Fury 2011. "VSE nodes were established at six locations and involved personnel from PACOM, COMPACFLT, Seventh Fleet, Pacific Air Forces, Marine Forces Pacific and Joint Warfighting Center," the newsletter states. Inside the Pentagon previously reported that the virtual secure enclave (VSE) strategy was a particular focus of the test project. A VSE could look like "a little part on a computer rack," but pragmatically, the operational strategy "provides some interior boundaries," Goda told ITP at the time. "The thing about the cyber domain is, we created it. We can change it and we can adapt it. And so we're building up these interior defenses, because a computer defense is always going to be a defense-in-depth," Goda said. "It's always going to be a layered defense. Any time you're going to put all your eggs into one basket, so to speak, if that one criteria . . . is discovered to have one vulnerability, everything is vulnerable." A VSE works by beginning to lay out those additional layers, working similar to a "high ground" strategy in the land domain of warfare. -- Amanda Palleschi _______________________________________________ Infowarrior mailing list [email protected] https://attrition.org/mailman/listinfo/infowarrior
