sherri hanson executive director - c.ymcdn.com · intel misreps sitreps effects cto spins mcop...
TRANSCRIPT
24 AF / JFHQ-CYBER / AFCYBER
WARFIGHTER PERSPECTIVE
Sherri Hanson
Executive Director
Challenges and Opportunities
• Proliferation & Sophistication of Threats
• Instilling an Innovative Operational Culture
• Integrated Command & Control
• Multi-Domain Integration
• Cyber Mission Force
• Force Development
• Added Capacity & Capabilities
• Total Force Integration
• Rapid Cyber Acquisition
• Real-time Situational Awareness & Fused ISR
2UNCLASSIFIED
UNCLASSIFIED
Build … Extend … Operate … Defend … Engage
Today’s Warfighting Perspective
Increasingly “Commander’s Business” to Succeed in Today’s Fight
• Cyberspace is a Domain…Not a Mission or Functional area
• Cyberspace is Man-Made…Primary Architect is Private Industry
…Innovation Occurring at Unprecedented Pace
• Cyberspace is Contested…Potential Risk to Main Street, Wall Street and Combat Ops
…Warfighting Principles Influence Mission Success
• Cyberspace is Complex…Challenges Existing Policy and Legal Framework
…Challenges Traditional C2 Constructs
3UNCLASSIFIED
UNCLASSIFIED
Past:
• Focus on CNE/Cyber Crime
• Increase in disruptive attacks
• Initial foray into destructive attacks
Future:
• Increased sophistication and obfuscation
• Focus on embedded/isolated systems
• More destructive attacks
Destruction
Exploitation
Disruption
Destruction
TITAN
RAIN
RED OCTOBER
Discovered;
operating since 2007Morris
Worm
1998 2003 2008 2009 2010 2011 2012 2013 2014 2015
NASA
Forced
to block
attachments
Estonia
DDoS
SECDEF
NIPR
US Election
Campaigns
Compromised
Georgian
Gov’t
websites
DDoS vs.
Israeli
Gov’t
STUXNET
Iraqi Insurgents
hack US
UAV Feeds
Classified data
stolen from
India Defense
Ministry
WikiLeaks
“enemies” attacked
after Assange arrest
Canadian Gov’t agencies
forced to disconnect
from Internet
US DIB Hacked
>24,000 files
Stolen
FLAME
Skype/Bluetooth
Exploit
Spear
Phishing
Attack on US Gas
pipeline systems
Saudi Oil Co
Aramco
attacked
US Banking
Industry
DDoS Attack
South Korean
Media Outlet
Networks Attacked
New York Times
Websites
disrupted
for 20 hours
Sony
Entertainment
Attacked
OPM Hacked
TS/SCI applicant
data exfil’d
US State Dept
shuts down
network parts to
remove exploit
Target
Discloses
40M+ customers’
CC data stolen
…//… …//…
Charlie Hebdo
Attacks
The Evolving Cyber Threat
Exploitation
Disruption
Destruction
4UNCLASSIFIED
UNCLASSIFIED
STRATEGY
DEVELOPMENT
MASTER CYBER
PLANNING
CTOEXECUTION
ASSESSMENTS
TARGET
DEVELOPMENT
(ADVERSARY &BLUE)
RSTA ANNEX
TCNO/MTO/CCOPRODUCTION
Intel
MISREPS
SITREPS
EFFECTS
CTO
SPINS
MCOP
BRIEF
CYOD
CYOP
SRD
CPD
ISRD
COD
MISREP ANALYSIS
TOOL (MAT)
AFCYBER
PORTALSTRATEGIC
WORLDWIDE
INTEGRATION
CAPABILITY
(SWIC)
ACUMEN
Cyber Tasking Cycle
Cyberspace Multi-Domain
Innovation Team (CMIT)
• CSAF directed CMIT to integrate complementary ISR and EW functions with cyberspace operations to meet the op needs of the air component commanders.
• Facilitate the development of urgent operational capabilities to deliver multi-functional cyberspace effects to air component commanders as fast and cheaply as possible.
• 24 AF and 25 AF CMIT working group: consists of 24/25 AF leaders, EW, ISR, DoD, industry & academia
(U) Black Dart OV-1
(U) Required Coordination:-24 AF/624 OC
-67 CW/67 COG/91NWS
-688 CW/318 COG/ 90 IOS
-BLACK DART/JIAMDO
-Compass Call SPO
-Compass Call
(U) Required Equipment:-ECCO
-TP- Link: TL-WN722N
-688 CW/318 COG/ 90 IOS
-SMA Connector
-90 IOS developed S/W
UNCLASSIFIED
UNCLASSIFIED
AF’s CMF Force Structure
= 24 AF
= 25 AF*
• Total contribution: 1,700+ Airmen; 39 Teams
• AFCYBER presents forces to USCYBERCOM
• Jointly manned by 24 AF & 25 AF (1,000+ and 700+ Airmen)
• 2 teams currently FOC / 17 teams IOC
Combat
Mission Team
Combat
Support Team
COCOM Support
13 x CMTs/CSTs
National
Mission Team
National
Support Team
Defend the Nation
6 x NMTs/NSTs
Cyber DefenseCyber
Protection Team
14 x CPTs (All 24 AF)
6 x DTN CPTs (24/25 AF)*
8UNCLASSIFIED
UNCLASSIFIED
CMF Numbers
• 39 CMF Air Force provided teams
• 4 NMT / 2 NST / 8 CMT / 5 CST / 20 CPT
• 1700 personnel – 80% Enl / 10% Off / 10% Civ
• Total Force CMF
• 2 ANG CPTs manned by 12 squadrons
• 1 ANG NMT manned by 3 squadrons
• 3 CPTs supported by 1 AFRC CAU
• 2 teams currently FOC / 17 teams currently IOC
Cyber Acquisition Challenge
Provide Life Cycle Management at the “Speed of Need”
Technology Projects
Acquisition Demilitarization
Product Support
LogisticsMaintenanceMateriel
Management
Continuous threat changes
Reactive environment
Ongoing “cyber arms race” in a
continuous cyber war
Potential for “unknown unknowns”
Industry drives technology advances
Fast Pace
of Change
in Cyber
Cyber Solution Cell
AFLCMCCyber Solutions Cell
Advise/assist operator Develop COAs Cyber knowledge base
Needs
Needs
IdeasSolutionsTechnologies
Operational CyberUser
ProposedCOAs
RTOI
Foundational
Rapid
Other Services & Agencies
S&T Community
Industry
AFLCMC
AFLCMC
24 AF
24th AF Cyber Services Forecast
12
Customer Title/Description Buyer/CO Info Phone Email
Procure. Type:
(Services/Constr
uct/Supplies…et
c)
Solicitation Type: (Set-
Aside?)
Anticipated
RFP Date
Anticipated
Need/Award
Date
38CEIG
CIPSII (Cyberspace Infrastructure Planning System): Provide
maintenance, sustainment, documentation of the CIPS on both
classified and unclassified networks. Gary Ethridge (405)[email protected] Services (8(a) Competitive 15-Sep-15 1-Apr-16
38CYRS
SE-CODE: (Formerly:SCOPE EDGE): The purpose of this procurement
is to provide the 38 Cyberspace Readiness Squadron (CYRS) Scope
EDGE mission with technical support in network compliance
assessment, analysis, performance-tuning, baselining, and
optimizing networks. Tracie Holman (405)[email protected] Services TBD by Market Research 1-Oct-15 18-May-16
90IOS
INDS II:Provide subject matter expertise to perform rapid
reprogramming of cyber weapon systems to include: Air Force
Cyberspace Defense (ACD), Cyberspace Vulnerability Assessment-
Hunter (CVA/Hunter), and Air Force Intranet Control (AFINC), with
modular components and payloads for tailored execution
countering mission critical threats. Tony Owens (405)[email protected] Services 8(a) Competitive (OASIS) 6-Nov-15 5-Jul-16
90 IOS
SHELTER: ACCAFE & RIDDLES : Services supporting AFOSI and Law
Enforcement Agencies to Counter Enemy Use of Internet and
Scanning/Defending Against BIOS Level Malware and Rapidly
Integrate Technology into AF Weapons Systems. VECTORII : Provide
assistance to the 688th and the 90th IOS in the identification,
detection, and analysis of previously unknown software
vulnerabilities; development or identification of capabilities to
exploit. (OCO/DCO RTO&I) Kirsten Hawley (210)[email protected] Services (8(a) Compettive) 26-Aug-15 14-Jul-16
UNCLASSIFIED
UNCLASSIFIED
24th AF Cyber Services Forecast
13
Customer Title/Description Buyer/CO Info Phone Email
Procure. Type:
(Services/Constr
uct/Supplies…et
c)
Solicitation Type: (Set-
Aside?)
Anticipated
RFP Date
Anticipated
Need/Award
Date
92 IOS DCRIOS: Network Defense Services Betsy Fanning (405)[email protected]
SDVOSB Set-Aside/ CMMI
Level III 28-Sep-15 14-Aug-16
24AF
24AF/624th Analytical Support: The purpose of this procurement is
to provide the 24 AF Air Forces (AFFOR) staff with technical and
analytical support in areas relating to Command and Control (C2),
planning, implementing, and executing the Air Force Cyberspace
mission, including support to develop and implement tools and
procedures for Net Defense (Net D) and Net Warfare (NW)
operations, and related incorporation of Net Support (Net S) and
Net Exploitation (Net E) support capability and functions. Belinda Gallo (210)[email protected] Services TBD by Market Research 30-Oct-15 30-Sep-16
39IOS
CyOFTS (Cyber Operations Formal Training Support):Augment and
Support Formal Training Unit Instruction Tony Owens (405)[email protected] Services TBD by Market Research 25-Mar-16 18-Oct-16
90IOS
CSC (Cyber Simulation Center) Multi-Year (Formerly ACE-IOS):
Provide the preeminent live-virtual-constructive environment to
enable cyber weapons development/fielding and
training/exercising of Airmen operating in the Command and
Control and Cyberspace domains. Kirsten Hawley (210)[email protected] Services TBD Market Research 7-Apr-16 6-Apr-17
**All information is designed to simply increase understanding of each requirement and could change. Please stay in touch with 38CEIG/SB for latest status**Information with risk to change and/or is unofficial.
UNCLASSIFIED
UNCLASSIFIED
38 CEIG Small Business Programs
• 38 CEIG Small Business Programs Office acts as an industry liaison and tracks future 24th AF Cyber Services opportunities
• 38 CEIG Director, Small Business ProgramsChristopher Hathaway
4029 Hilltop Road, Suite 206
Tinker AFB, OK 73145
E-mail: [email protected]
Voice: (405) 734-2961
14
UNCLASSIFIED
UNCLASSIFIED
ISR-Cyber-EW IntegrationUNCLASSIFIED
UNCLASSIFIED
Ecosystem of Government, Academia & Industry Leaders