Information Assurance Opportunities and Requirements Doug Jimenez, IA Division Director Mary...

Information AssuranceInformation AssuranceOpportunities and Requirements

Doug Jimenez, IA Division Director

Mary Mayonado, CISSP, IA Program Manager

Marla Shipley, CND/aXiom Program Manager

January 8, 2010

© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.

Energy | Environment | National Security | Health | Critical Infrastructure2

SAIC James Business Unit Information Assurance OverviewSAIC James Business Unit Information Assurance Overview

• Information Assurance (IA Division)– Doug Jimenez, Division Director– 200+ employees supporting SPAWAR Systems Center Atlantic, NAVAIR, and

their sponsors– 42m annually– DOD 8570 Compliant Workforce

• Certified Information Systems Security Professionals (CISSP)

• CISSP/Information System Security Engineering Professional (CISSP-ISSEP)

• Security Plus

• Vendor Certifications

– Fully Qualified Navy Certification Agents



CustomersCustomers



General Programming/Network Support SPAWAR Atlantic and SponsorsGeneral Programming/Network Support SPAWAR Atlantic and Sponsors

• Core Routing and Switching _ vendor independent

• Integration Support– Routers/Switches– IDS/IPS– Application Proxy Firewalls– Remote access solutions

• Secure Wireless (Survey, Design, and Integration)

• LAN Infrastructure

• Service Oriented Architectures (SOA)/Cloud Computing

• Virtualization/Data Centers• Application

Development/Programming (JAVA, Pearl)

• UNIX Services• Sharepoint/Web hosting• IPv6 readiness and implementation



Why Are We Here?Why Are We Here?

• High Demand for IA savvy employees

• Relocation Costs

• High Training Costs

• Lost Revenue

• We Could Do So Much More if Education/Academia and Industry were better aligned

– Capture more of those high school students who want IT/IA careers– Create more jobs for the State of SC

• Less Relocation/Bringing in talent from outside

– Chance for Recognition as a center of excellence for IA



What do we need from Academia(Education/Skill sets needed)What do we need from Academia(Education/Skill sets needed)

• Graduates who understand and are able to develop a secure IT solution, a comprehensive understanding of underlying principles is the foundation

– Networking, TCP/IP fundamentals– Programming, secure coding techniques– System Engineering – for the entire lifecycle– Configuration Management processes and techniques

• Legal Issues in Information Assurance– Forensics– HIPAA– Privacy Act

• Compliance issues – vary by customer



Shortfall Areas/Potential Research AreasShortfall Areas/Potential Research Areas

• Cross Domain/Multilevel Security– We have to share data across organizations, this is still a major area of challenge

• Active Network Defense – Within ethical and legal guidelines

• Event Correlation – Gathering attack data across diverse networks to develop comprehensive threat/risk

picture

• Anti-Tamper– Need to develop additional techniques to guard against reverse engineering hardware and

software

• Improved IA techniques for Weapons Systems– Confidentiality – generally o.k.– Integrity – area of improvement– Availability – area of improvement



SAIC

5617 North Rhett Avenue

North Charleston, SC 29406

843.740.4600

843.308.0466 – fax

[email protected]

[email protected]

[email protected]

www.saic.com

For More InformationFor More Information

Information Assurance Opportunities and Requirements Doug Jimenez, IA Division Director Mary...

Documents

Transcript of Information Assurance Opportunities and Requirements Doug Jimenez, IA Division Director Mary...