|
There's no natural or man-made disaster, but don't tell the staff
of the Cyber Crisis Action Team there's nothing to be anxious about.
This year (2015) was a watershed moment for cybersecurity:
Hackers infiltrated key military and federal government cyber
networks and personal email accounts of senior government officials.
More than 30 million malicious intrusions were attempted against
the Department of Defense Information Networks or .mil domain in the
past year. Security clearance records were discovered stolen in
April from the Office of Personnel Management's network. The CIA
director's personal email account was hacked by a high school
student.
|
Coast Guard Cyber Command Crisis Action Team Nov. 21, 2015, at the Coast Guard Headquarters in Washington. The Cyber CAT/Operation Blue Harvest Incident Command Post was established August 2015 as a unified response to mitigate known vulnerabilities in IT infrastructure throughout the Coast Guard organization. (U.S. Coast Guard photo by Petty Officer 2nd Class Emaia Rise, Cyber CAT multimedia specialist)
|
In July, DOD's US Cyber Command ordered basic cyber
security requirements implemented by early 2016. Coast Guard
Commandant Adm. Paul Zukunft immediately directed Coast
Guard Cyber Command to comply with the DOD order.
By
August, the 140-member Cyber CAT Incident Command Post stood
up at Coast Guard Headquarters in Washington, to bolster the
layers of cyber defenses and enforce standardization for
networked systems throughout the Coast Guard.
“We're
taking the necessary steps to mitigate the known
vulnerabilities of our IT infrastructure,” said Capt. Glenn
Hernandez, Cyber CAT deputy incident commander.
Guided by the Coast Guard Cyber Strategy, CG Cyber Command
leveraged the Incident Command System to accomplish response
objectives at “operational speed."
“What the Cyber
CAT is accomplishing in 72 days is what we've been trying to
do within the Coast Guard in the past 10 years,” said Rear
Adm. Marshall B. Lytle, Cyber CAT incident commander. “We're
getting closer to standardization, compliance and
configuration management.”
Cyber CAT's response
include physical security space assessments and deploying
teams of IT specialists, known as Cyber Discipline Tiger
Teams or Tiger Teams, who are bringing Coast Guard units
into cyber compliance. Checking for vulnerabilities, Tiger
Teams are testing and scanning the security of all Web-based
interfaces and applications interfacing the Coast Guard
unclassified network.
As the Cyber CAT moves forward
to sustainment and culture change, commands are being
educated on their responsibility to the Coast Guard network
infrastructure.
“The need to secure Coast Guard
networks is a responsibility and a burden that each and
every one of us share,” said Capt. James Cash, Cyber CAT
operations section chief, analogizing the response to
setting general quarters aboard a Coast Guard Cyber-Cutter.
“As a part of the cybersecurity team, our responsibility is
to make sure that the cutter is defended.”
One key
element to enforce a heightened cybersecurity posture is to
instill the importance of cyber awareness.
“History
has shown that the biggest threat within any given
information systems are our end users,” Chief Warrant
Officer Eric Wilson, Tiger Team network switch lead said.
“They have the ability to cause harm if they don't take
cyber threats seriously.”
“Our cyber network is a
utility; we expect it to be ‘on' all the time,” said Cmdr.
Amy Grable, Enterprise Information Systems Infrastructure
(EISI) Product Line manager at Telecommunications and
Information Systems Command (TISCOM) in Alexandria,
Virginia. “No one notices except when it stops working.”
Despite work unseen or unrecognized; the Cyber CAT's
tireless efforts will diminish anxieties when Coast Guard
units reach compliance and when each network user takes
stock to protect the integrity of our operational domain.
By U.S. Coast Guard Petty Officer 2nd Class Emaia Rise, Cyber CAT
multimedia specialist
Provided
through DVIDS
Copyright 2015
Comment on this article |
