Monday, October 20, 2014
What is it?
With ever-increasing cyber threats, collective and team training for commanders, Army system administrators, cyber professionals, information assurance managers and network owners is critical for managing risk and safeguarding Army networks and information. Commanders are ultimately responsible for ensuring that incorporating cybersecurity into command exercises, conducting cyber tabletop exercises to test incident response plans and conducting regular network penetration testing provides cybersecurity professionals valuable opportunities to improve the Army security posture.
Why is this important to the Army?
Malicious state actors, hacktivists, and insider threats endanger Army networks, systems and critical infrastructure, with the intent to jeopardize warfighting and business operations. Assessing and managing risks to the Army enterprise from these persistent threats demand flexible and adaptive safeguards and security practices. Comprehensive, thorough and reiterative training for leaders and cybersecurity professionals is paramount for protecting Army assets and improving the Army security posture in order to ensure Army operational success.
What has the Army done?
The Army offers numerous training opportunities, both in-residence and online, to train and certify cybersecurity personnel. Network Enterprise Centers provide collective training for leaders and system users at multiple levels. Cybersecurity programs at the Naval Postgraduate School as well as Army training institutions, including the Cyber Center of Excellence, address the demand for building a highly skilled cyber workforce. The Army also leverages graduate school programs, such as the Information Assurance Scholarship Program, to keep leaders and administrators current and informed on tactics, techniques and procedures for mitigating cyber threats and improving the Army security posture.
Commanders at all levels are ultimately responsible for actively attempting to prevent and mitigate cyber threats against the networks that are part of the LandWarNet. The establishment of Regional Cyber Centers (RCCs) improves our ability to defend the nation’s networks against these threats to the economy and national security.
What does the Army have planned for the future?
Army commanders and leaders are responsible for establishing cybersecurity teams, and ensuring the continuing training of those security professionals. Army collective training will evolve in anticipation of and response to cyber threats and incidents that put Army networks and information at risk. Army policy requires organizations to develop and implement processes and procedures for incident response planning and execution, as well as contingency operations. The Army will continue to monitor and evaluate organizational inspections for those requirements in order to ensure policies provide safeguards for risk management operational sustainment. Guidance in AR 25-1, AR 25-2, and DOD Directive 8570.01 outline the certification and appointment processes for all DOD network users (military, civilian, and contractor), analysts, administrators, and managers.
Resources:
Subscribe to STAND-TO! to learn about the U.S. Army initiatives.