navigation-background arrow-down-circle Reply Icon Show More Heart Delete Icon wiki-circle wiki-square wiki arrow-up-circle add-circle add-square add arrow-down arrow-left arrow-right arrow-up calendar-circle chat-bubble-2 chat-bubble check-circle check close contact-us credit-card drag menu email embed facebook-circle snapchat-circle facebook-square facebook faq-circle faq film gear google-circle google-square googleplus history home instagram-circle instagram-square instagram linkedin-circle linkedin-square linkedin load monitor Video Player Play Icon person pinterest-circle pinterest-square pinterest play readlist remove-circle remove-square remove search share share2 sign-out star trailer trash twitter-circle twitter-square twitter youtube-circle youtube-square youtube

Navy: Cyber resilience also means having a plan to operate without a network

May 3, 2017 (Photo Credit: Daniel Woolfolk/Staff)
Defending the Navy’s networks in cyberspace isn’t always about leveraging the latest innovative technology. Sometimes, it’s about knowing how to restore a system manually in the physical domain, according to Rear Adm. Danelle Barrett, director of the Navy Cyber Security Division in the Office of the Chief of Naval Operations.

“You’re never going to have an impenetrable network, that is a fool’s errand. You will have the ability to fight through the hurt, and that’s where we focus our effort in the Navy,” she said during a panel discussion at the annual C4ISRNET Conference on May 3. That ability will often require nontechnical solutions.

“That involves making sure commanders — operational commanders — understand: What is our no-fail mission? Not our cyber mission — our no-fail mission,” such as missile defense or disaster relief, Barrett explained. “Then: What’s the cyber key terrain that supports that mission and needs to be 100 percent reliable or resilient in a way that you can operate through hurt?”

Once those areas are identified, a mature cyber support team should have plans in place for any eventuality, including total loss of the network. That also includes making sure commanders understand what resiliency should mean to them.

“It could mean: Today, you don’t have your network, not for a couple hours during an exercise. But what if you don’t have any for a month? And you’ve built all your processes around being reliant on your data that way?” Barrett said. “How are you then employing processes that are not technology to work around that and get your no-fail mission done without your network?”

“By identifying our cyber key terrain, we’re able to identify where to put our resources and where to put our highest levels of readiness to support those no-fail missions. For us in Navy, that’s been a big emphasis.”

Next Article