5 Application of Risk Analysis as a Basis for Prioritizing Needs
Pages 97-109

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 97...
... The committee has further found that the current naval efforts to apply mission risk analysis relevant to IA issues are limited and inadequate, given the magnitude of the challenge currently faced. The information assurance posture of the Navy and Marine Corps should be based on the need to maintain mission assurance at levels of risk commensurate with those accepted from other threat sources.
From page 98...
... OVERVIEW AND BACKGROUND OF RISK ANALYSIS The committee recognizes that information assurance goals and other goals for naval information systems will often be in conflict. Assurance is often expensive, and more strongly assured systems may require compromises in other areas.
From page 99...
... PAST NAVY MISSION RISK ANALYSIS CONSEQUENCES While the information assurance area may be lacking with regard to mission risk analysis, this process is not new to the Navy, and its value has been well proven. The Navy's standard practice is as follows:
• Drive system architectural choices based on desired mission capabilities,
• Recognize the threats that adversaries pose to those missions, and
[Footnote 3] For example, the Navy's Consolidated Afloat Networks and Enterprise Services (CANES)
From page 100...
... RISK ANALYSIS AND INFORMATION ASSURANCE IN THE FIELD Risk analysis is widely, but inconsistently, used in government and industry. During its deliberations, the committee was exposed to dramatically different levels of rigor and completeness in the descriptions of how different organizations use risk analysis to drive their architectural choices.
From page 101...
... The risk analysis approach was coupled with a set of IA principles, for example, rigorously isolating every Internet-facing application. The example of Citigroup demonstrates that thorough and ongoing risk analyses can be conducted at multiple levels of abstraction (the Citigroup method extends from business processes to network design).
From page 102...
... A particular example discussed with the committee was a communications risk analysis carried out by the Pacific Fleet showing the impact of reduced communications capabilities on a particular operations plan, including a variety of possible threat scenarios.[6] However, the committee did not find that these scenarios and analyses are currently being used across multiple DON organizations. While a particular combatant command may have worked out risk analyses for its OPLANs, the threat scenarios and analyses of the consequences are often not used by the type commands and others who supply the critical services on which the combatant commands depend for execution.
From page 103...
... • It needs to be representative, in that the incidents tracked need to be similar to those that can potentially pose high-impact threats to mission success. FINDINGS AND RECOMMENDATIONS MAJOR FINDING: The Navy has not comprehensively translated adversary capabilities into risk analysis assumptions or into an operational threat, and it does not routinely share the risk analyses and threat models that exist across the various Navy and Marine Corps organizations that have responsibility for information assurance.
From page 104...
... Responsible organizations should make trade-offs related to information assurance based on the shared risk analyses. Information Assurance Risk Considerations Ultimately, information assurance risks to individual systems and subsystems are only relevant if they project into important mission risks -- that is, if the threat can potentially prevent the Navy and Marine Corps from accomplishing their assigned missions or cause casualties during the execution of those missions.
From page 105...
... If the mission impact of losing or compromising certain Internet-hosted applications is much greater for some applications than for others (as is almost certain), then the Navy needs to take measures to provide assurance for those applications consistent with their mission risk.
From page 106...
... The committee finds that current intelligence support must be expanded to support IA needs. To elaborate on the committee's recommendation that intelligence collection and analysis must be expanded to support the impact of information assurance (and failures thereof)
From page 107...
... For active and/or offensive techniques to be incorporated into the defensive information assurance strategy, intelligence collection on cyberthreats must be greatly improved, shared, and deeply integrated into the operational plans. -- A great deal of effort is being expended in defending against and cleaning up after less sophisticated attack vectors.
From page 108...
... None of these examples provides exact count measures, but they do provide estimates based on real data. Extensive guidance on the use of honeypots is provided in cyberdefense publications, such as those found at .
From page 109...
... The DON justifies very large expenditures on platforms and weapons systems precisely because their absence is estimated to place missions of great national security importance at risk. The committee believes that, increasingly, failures of information assurance will have the same large impacts on mission performance and so will justify equivalent prioritization.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.