Defense Security Service Industrial Security Field Operations Green.pdf · DSS Industrial Security...

Page 1

DSS Industrial Security Field Operations

Defense Security Service Industrial Security Field Operations

DoD Industrial Security

April 5, 2016

Gus Greene

Director, IO

Page 2

Overview

▌ Where We Have Been

▌ Where We Currently Are

▌ Where We Are Going

▌ Industry’s Role

Page 3

Responsibilities for Managing Risk

[Diagram labels: The Field, ISR, IO, CI, FIL, Industry]

Page 4

Responsibilities for Managing Risk

[Diagram labels: CI, CFIUS, NID, FCL]

Page 5

Responsibilities for Managing Risk

• Integrated

• Supported

• Empowered

[Diagram labels: CISA; The Field (ISSP, ISR); CI; IO, CI, FIL; Industry; CI, NID, FCL, CFIUS]

Page 6

Risk-Based Analysis and Mitigation Model (RBAM) Concept of Framework

“Policy-Driven, Partner-Enabled, Security-Focused”

[Diagram labels: Risk Assessment Development; Policy Requirements; Threat/Value Analysis; Financial and Business Intelligence Analysis; Stakeholder Partner Integration; Risk Assessment Mitigation Strategy; Security Posture/Consequence Analysis; Education and Training (Learning); Information Technology]

Page 7

Facility Posture in Context

[Chart: Impact plotted against Threat, Impact plotted against Vulnerability, and an overall Score, each on a 0 to 100 scale]

Facility Posture is a filter for the assessment, but Threat and Impact drive the effort, moving from compliance-focused to risk-focused.

Page 8

Risk Management Framework (RMF) is…

▌ …a key component of an organization’s information security program used in the overall management of organizational risk

▌ …a unified information security framework for the entire federal government that replaces legacy Certification and Accreditation (C&A) processes applied to information systems

Page 9

RMF is a Six-Step Process

Security Lifecycle:

(1) CATEGORIZE SYSTEM

(2) SELECT SECURITY CONTROLS

(3) IMPLEMENT SECURITY CONTROLS

(4) ASSESS SECURITY CONTROLS

(5) AUTHORIZE SYSTEM

(6) MONITOR SECURITY CONTROLS

Page 10

Questions

Page 11

Back-Ups

Page 12

RMF Training Already Provided by CDSE

Step 1: Categorization of the System (CS102.16)

Step 2: Selecting Security Controls (CS103.16)

Step 3: Implementing Security Controls (CS104.16)

Step 4: Assessing Security Controls (CS105.16)

Step 5: Authorizing Systems (CS106.16)

Step 6: Monitoring Security Controls (CS107.16)

Additional courses: Introduction to RMF (CS124.16); Continuous Monitoring (CS200.16)

Page 13

PSMO-I PSI Processing Delays

• Industry E-QIP Processing

  – PSI-I funding constraints are significantly impacting steady state

  – Submissions are being prioritized by KMP status, Initial PCLs and Overdue PRs based on mission critical needs and risk

Page 14

OPM Cybersecurity Breach

• OPM started sending notification letters and PIN codes to individuals whose Social Security Number and other personal information were stolen in a cyber intrusion involving background investigation records

• https://www.opm.gov/cybersecurity

• Notification process is expected to take up to 3 months

• Posted on OPM site: "While we are not aware of any misuse of your information, we are offering you, and any of your dependent minor children who were under the age of 18 as of July 1, 2015, credit and identity monitoring, identity theft insurance, and identity restoration services for the next three years through ID Experts, a company that specializes in identity theft protection."

• List of Names and Address (no longer required)

  – Obtained through Third Party Vendor

  – Thanks to Industry Companies for providing

Page 15

Statistics on Security Violations for past four years

[Pie chart: Security Violation Type, 1 Jan 12 to 21 Mar 16. Categories as listed: IT Contamination, Improper Storage, Physical Transfer, Other, Physical Loss, Access Breach. Shares as listed: 67%, 13%, 7%, 7%, 4%, 3%]

[Pie chart: Security Violation Culpability, 1 Jan 12 to 21 Mar 16. Categories as listed: Employee, Other Contractor, Government. Shares as listed: 54%, 25%, 21%]