Defensive Cyberspace Personnel - 20100303
advertisement
UNCLASSIFIED/FOUO Defensive Cyberspace Workforce Study IPT #1 March 4, 2010 Phil Ventura OPNAV N81F Information Dominance FY-10 Studies Overall Classification of this brief is UNCLASSIFIED//FOUO UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Agenda • Study Plan • Task Framework • Way-ahead UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Objectives • • Issue – The Joint Staff has a working framework to establish how many people are required for Computer Network Exploitation and Computer Network Attack. However, a corresponding defensive cyberspace framework doesn’t exist. How may personnel does the Navy need for defensive cyberspace? Objectives – Document the Navy requirements for defending cyberspace in the functional areas of Network Operations (NETOPS), Computer Network Defense (CND), and Information Assurance (IA) – Document where the requirements should be done – Decompose the steps and skills needed to meet the requirements including where they should be done – Determine how much one person can do as a functional skill and longevity at each location for each requirement – Show how new approaches or planned technologies can reduce personnel required – Make recommendations for the number and type of cyberspace defenders the Navy needs Resource issues that this study is designed to illuminate: 1. Navy Total Force Manpower Mix required for IA, NETOPS, and CND 2. MPT&E changes necessary to mitigate threats 3. Material changes necessary to mitigate threats UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Background [This slide intentionally blank.] UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Scope Scope • Focus on Navy CND, IA, and NETOPS manpower requirements – Network Operations: Configuring and operating our networks. – Information Assurance: Ensuring information availability, integrity, authentication, confidentiality and non-repudiation. – Computer Network Defense: Protect, detect and respond functions in securing DoD information systems and networks. Cyberspace Operations Computer Network Exploitation (CNE) Computer Network Defense (CND) Network Operations (NetOps) Computer Network Operations (CNO) Computer Network Attack (CNA) Information Assurance (IA) Source: Computer Network Exploitation and Attack UNCLASSIFIED/FOUO Manpower Requirements, JROC Briefing, 15 July 2009 Pre-decisional – Not for release without N81 approval Source: Cyber Warfare Manpower Strategy, OPNAV N1, January 2010 Draft UNCLASSIFIED/FOUO Study Approach Data Collection Requirements Game Changing* Approaches Instructions # of Networks Active Defense CTOs Type of Networks Future Technologies Regular Duties Ownership of Networks Standup of CYBERCOM Red Teams Etc. and 10th Fleet Blue Teams Etc. Hunt Teams Personnel skill sets required CNE Officers in IW, Intel, IP CND/RA CT, IT, IS enlisted rates required Acquisition Chain protection Civilians Etc. Contractors Other applicable military Final Analysis Recommend the number and type of cyberspace defenders the Navy needs Defended Networks Modeling/Analysis • Evaluate how the game changing approaches or technologies would affect personnel required • Model personnel requirement to realworld scenarios developed for this study Understand the Current Problem • Decompose the steps and skills needed to meet requirements • Document where the requirements should be done (Tier 1, 2, 3, etc.) • Determine how much one person can do as a function of skill and longevity on station • Document what type of person (Navy designator, rate, NEC, Civilian, Contractor) fits the skill set required • Ensure the revisit rate to each network to be effective for each requirement is included (e.g. Blue Team, Red Team, Hunt Teams) • Factor in training pipeline requirements * Game Changing = Substantial reduction or addition of personnel required or shift in mission focus or approach UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Approach FFC Ashore Afloat C2F SIPR NIPR C3F SIPR NIPR SIPR NIPR C4F SIPR NIPR C5F SIPR NIPR C6F C7F SIPR NIPR FCC / C10F IA IA IA IA IA IA IA NETOPS NETOPS NETOPS NETOPS NETOPS NETOPS NETOPS CND CND CND CND CND CND CND MIL/CIV/CTR MIL/CIV/CTR MIL/CIV/CTR MIL/CIV/CTR MIL/CIV/CTR MIL/CIV/CTR CBCA-MOC Data Elements being added to TWMS Naval War College CBCA Booz Allen Hamilton 9 Final Analysis & Reporting UNCLASSIFIED/FOUO Stakeholder Workshops Capability Analysis Understanding the Problem Pre-decisional – Not for release without N81 approval Data Collection MIL/CIV/CTR Navy NETWARCOM Navy CYBERFOR IO, Space, Comms Norfolk, VA Navy Information Operations Commands (NIOCs) (10) IO, SIGINT Various CONUS/OCONUS Navy Cyber Defense Operations Command (NCDOC) CND Norfolk, VA Navy Computer & Telecom Area Master Station (NCTAMS) NETOPS Various CONUS/OCONUS Draft Approach (cont.) 1 Mar 4 Data Collection Key Activities Inputs ✔• NSPD 54/HSPD 23 ✔• USCYBERCOM Implementation Plan ✔• CNO NMETLS ✔• NWP-3-63 driving ✔• Review strategy and directives and Develop ✔• Identify Navy Cyber Capability Statements Output ✔ • Establish Stakeholders and participant list • Navy Cyber Capability Requirements and Tasks ✔• Comprehensive Terms of Reference and Study Plan UNCLASSIFIED 2 Understanding The Problem Apr 1 3 Capability Analysis 4 May 1 Stakeholder Wargame • Navy Cyber Capability Statements • Selected Navy Cyber Scenarios • Scenarios • Study Plan • Mission Analysis • Workforce Requirements WS#1 • Establish Stakeholder teams to include Red and Blue teams • Design Scenarios at different Cyber Threat Levels • Map Capabilities and Tasks to Scenarios • Identify supporting and supported task relationships • Establish performance standards (MOP/MOE) • Identify competency requirements for each task • Tasks aligned to operational and tactical units •Competencies Required •Roles Defined •Longevity of Personnel Required May 27 Final Analysis & Reporting • Wargame AAR • Capabilities and Task List WS#2 • Validate workforce requirements • Select future tasks and mission requirements by timeframe • Prioritize workforce gaps and shortfalls • Scale workforce requirements • ID “Game Changing” Technologies • Operational View Workforce Architecture descriptions of Requirement by each scenario Scenario/Role: 5 • Wargame after action report (AAR) WS#3 • Manpower Gap Analysis • Develop total workforce requirement recommendation • Identify cross training and performance efficiencies from across the Information Dominance Corps • Describe impact of “Game Changing” technologies • Comprehensive Navy Cyber Workforce Recommendation • Roles & Billet information in TWMS •Skill Proficiency required •Bold items are deliverables •Recommended personnel composition •Facilitated Workshop 8 Approach (cont.) 9 UNCLASSIFIED/FOUO IPT / Study Team OPNAV N1/NPC/PERS • Mr. Dave Smith, N112 • CAPT Boticario, N122 • CDR Maurice Fischer, N122 – Requirements Officer • CDR Don Wilkinson, N131D – Head, Officer Force Shaping • Mr. Ralph DeFalco – IDC MPT&E Strategies • CDR Sean Heritage – IW OCM OPNAV N2/N6 • CAPT John Post – Head, Cyber Branch • CAPT Michael Ortwein • CAPT(s) Mickey Batson • CDR Theresa Everette • CDR Joe Brennan • LCDR Ken Gregoire – IA & CND SPAWAR / PEO(C4I) • Mr. Ken Bible • Mr. Ted Follas • Mr. Chris Newborn OPNAV N814 • CDR Karan Schriver UNCLASSIFIED/FOUO • CDR Sue Himes – N2/N6 IDC Manpower • CDR Carri Robbins – Intelligence OCM • CDR Julie Schroeder – IP OCM • LCDR Stacy Bowman – ECM (IT, CT, IS) • LCDR Ken Matthias – Intelligence ECM • LCDR Joey Harrison • LCDR Zimmerman – N2N6 Manpower • Sue Prose – NNWC NNWC • CAPT Len Abbatiello • CAPT Eric Exner • CAPT Craig Eaton • CDR Stone Davis • CDR Vanessa Hamm CID • Mr. Sam Kelly, N31 USFF • CAPT Teresa Fairbanks, N1 • CAPT Rich Saunders, N2/N3 • Ms. Jane Barclift, N1D • LCDR Ashley Rose, N2 • Mr. James Cooney, N9 PACFLT • CAPT Jean Benfer, N2 • Ms. Linda Newton, N6 C10F • CAPT Jim Brokaw, N3 • CAPT Daryl Hancock, N2 • CDR Stone Davis Navy CYBERFOR • Mr. Mike Knight, IA Wkforce • CWO4 Greg Stone NIOC Hawaii • CAPT James Hagy, CO • Mr. Noah Smith, N9 NCDOC • CAPT Stephanie Keck, CO OPNAV N095/CNRFC • CAPT Bill Carney • CAPT Carlisle Wilson NCIS • CAPT Gus Otero Naval War College • Prof. Rich Suttie Pre-decisional – Not for release without N81 approval DOD DIAP • Mr. Steve Bush DON CIO • Mr. Chris Kelsall • Ms. Mary Purdy • Ms. Jennifer Harper ASN(M&RA) • Mr. Rich Delaquis ASD(NII) • Ms. Sandy Smith SECNAV OPA • LCDR Vic Spears NSA • Ms. Michele Iverson – IA Campaign Mgr. • Mr. Keith Denton NTOC • Mrs. Patricia Ihnat, Deputy CYBERCOM • Mr. Rob Schrier, Dep. J33 Booz Allen Study Team • Mr. Scott Gooch (PM) • Mr. Bob Breitbeil (Lead) • Mr. Gerald Williams (Cyber) • Mr. Gene Marc (Cyber) • Mr. Mark Monti (CBCA) • Ms. Erin Kordis (CBCA) • Mr. Jim Monahan (HCS) • Ms. Liz Fairweather (M&S) Draft UNCLASSIFIED/FOUO Study Plan and Terms of Reference • Study Plan (4 Phases) – – – – Data Collection and Framework Development (3 weeks) Scenario Process, Roles & Competencies, and Surveys (4 weeks) Workforce Analysis and Game Changing Technologies (4 weeks) Final Analysis (3 weeks) • Terms of Reference – Strategy-to-Task Mapping Terminology – Capabilities-Based Competency Assessment Terminology – NETOPS, CND, IA Definitions UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Plan of Action and Milestones FEB MAR APR MAY Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 POM 12 Timeline IPT IPT Kick-off N81F Timeline Kick -off Deliverables Study Plan WS AAR Reqmt & Tasks DUE 2/15 Develop OV-4 for key organizations Virtual Review of Role Framework 2/15 Competency Workshop Rehearsal Develop draft OV-6C diagrams for 3 2/19 scenarios: Task mapping to scenarios 2/25 IPT/Workshop #1: Roles/Competencies/Skills (3 Days) 2/26 on- Map Training to Competencies going Review/Finalize Core Competency 2/26 Data Survey Development IPT/Workshop #2: OV-6C Review 3/2 (Full-Day) 3/2 ✔ ✔ ✔ ✔ Identify SMEs (criteria, geographic regions, event coordinator) Write scenarios (x3) Develop role framework for NETOPS/CND/IA IPT Review of Study Plan & STT ✔ Legend: POM Events Study Events UNCLASSIFIED/FOUO PLANNED Mid-course Review OV-6c Scenario Process, Roles & Competencies, and Surveys Data Collection / Framework Development Methodology Development Meeting Conduct Literature Review (National/DOD/Navy directives) Study Plan/TOR Development Conduct Strategy-to-Task Analysis: Task Binning Collect baseline manpower data for key nodes (AMDs, TWMS) IPT Sponsor Program Proposals IPT IPT Initial Results W/F Reqmt Workforce Analysis and Game Changing Technologies DUE 3/10 3/11 3/16 3/23 3/23 to 3/25 3/29 3/30 4/1 4/1 Administer survey to all key organizations (Includes short VTC instruction period) Revise OV-6Cs IPT: Identify Game-Changing Technologies (2-3 Hours: future systems/vulnerabilities and role impacts) Review/Process Survey results (clean data/initial database creation) Generate initial manpower requirements based on roles Map Game-Changing Impacts to Roles IPT/Workshop #3 (Full-day): Validate workforce requirements based on role/scenarios; gap analysis; gamechanging impact analysis Sponsor Program Proposals Integrated Program Assessment IPT Final Brief and Report Final Analysis DUE 4/7 Revise workforce requirements based on workshop feedback 4/14 Develop manpower 4/15 deliverables for Final Report (Database, Key Survey Findings, Workforce 4/21 gaps/excesses) Integrate results from all 4/28 phases into Final Report Request TWMS submission 4/29 IPT Final Brief-out: 5/5 Comprehensive Navy Cyber Workforce Requirements DUE 5/12 5/14 5/21 5/24 5/27 3/4 IN PROGRESS COMPLETED LATE Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Strategy-to-Task Framework Strategic Objectives CONDUCT NETOPS: CONDUCT INFORMATION CONDUCT IA PROCEDURES: ASSURANCE PROCEDURES: PROTECT PROTECT Establish a secure network CONDUCT NETOPS: DEFEND NETWORK: MONITOR/ANALYZE/DETECT MONITOR/ANALYZE/DEFEND Ensure Operation Capabilities RESPOND Ensure Operation Capabilities Identify and Mitigate Intrusions Establish a secure network Net Centric, Force Application/ Engagement, Protection, Command and Control (Capabilities required to Operate, Secure, and Defend the GIG) JCA UJTL NMETL OP 5.6.5.3 Conduct CND NTA 5.5.5 Perform Information Assurance SN 5.5.5 Defend the GIG NTA 2.4.4.1 Identify Issues and Threats ST 5.1.6 Establish IA Procedures SN 2.4.1 Evaluate, Integrate, Analyze and Interpret Information ST 5.5.7.3 Direct CND NTA 5.2 Analyze and Assess Information ST 5.1.2.3 Manage Information Assurance Policies OP 5.4.7 Integrate Computer Investigations & Operations in CND NTA 3.1.6.X Develop Cyber CounterTargeting Plans NTA 2.4.5.3 Provide Indications & Warning of Threat OP 5.3 Prepare Plans and orders NTA 5.5.5.1 Provide Computer Network Defense NTA 5.5.X Conduct Incident Response Management Operational Activities & Processes Verify Security controls Identify database Security concerns Analyze Packet Headers Identify Access Control List Maintain/ Troubleshoot System Re-image affected systems Develop Intrusion Detection Signatures Implement INFOSEC Detect Malicious Activity on Network Implement Network Firewall Analyze/ Audit System logs Analyze File System Timelines Analyze Incident for Intelligence value Perform virus scans Validate Network Intrusion incident Perform Forensic Analysis UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO References • NSPD-54/HSPD-23, Cybersecurity Policy, Jan 8, 2008 (TS) USCYBERCOM Implementation Plan CNO NMETLS NWP 3-63, CNO, Jan 2008 JROCM 023-09 Cyberspace Operations Way Ahead Navy Strategic Plan in support of POM-12, 09 Oct 2009 FY2011-2015 Guidance for the Development of the Force, Jul 28, 2009 DoDD O-8530.1, CND, Jan 8, 2001 DoDI O-8530.2, Support to CND, Mar 9, 2001 DoDI 8500.1, IA, Oct 24, 2002 DoDI 8500.2, IA Implementation, Feb 6, 2003 DoDM 8570.01-M, IA Workforce Improvement Program, May 15, 2008 CJCSI 6510.01E, IA and CND, Aug 15, 2007 SECNAVINST 5239.3a, DON IA Policy, Dec 20, 2004 Naval Studies Board, IA for Network Centric Naval Forces Cyber Warfare Manpower Strategy, OPNAV N1, Jan 20, 2010 Cyberspace Defense Study, OPNAV N81, Oct 29, 2009 CNO Tasker, Health of Navy Networks – Operational & Tactical Networks, OPNAV N6, Oct 21, 2009 CND Increment 2 CPD, Nov 23, 2009 CNE/CNA Manpower Requirements, FS FCB, JROC Briefing, Jul 15, 2009 USSTRATCOM & USJFCOM Final Report for the Cyberspace Operations (Manning) Objective Experiment, Feb 12, 2009 USSTRATCOM and NSA/CSS Cyber DCR, Oct 8, 2008 USSTRATCOM Operational Concept for Cyberspace, Apr 10, 2008 DI-1577-37-07, Information Operations Capstone Threat Assessment, Apr 2007 ONI-CTA-005-06, Naval Electronics, Navigation, and Network Systems Capstone System Threat Assessment, Sep 2006 USSTRATCOM, CND ICD, Jul 14, 2004 N2/N6 Cyber Roadmap UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Way Ahead Study Plan & Task Framework • Comments by 10 March Workshop #1, 23-25 March • Scenario Development • Role Framework Development UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO BACKUP UNCLASSIFIED/FOUO Pre-decisional – Not for release without N81 approval Draft UNCLASSIFIED/FOUO Assessing Strategic Guidance DoD, Joint, and Navy Guidance National Guidance National Military Strategy for Cyber Operations • Strategic approach to use Cyberspace to ensure Military Strategic superiority in Cyber domain DOD DoD Information Management and Information Technology Strategic Plan (20082009) • Provide timely access to authoritative, relevant, trusted, and actionable information for all authorized users • Support national security missions by sharing information with DoD and external partners • Enable assured information sharing across domains and Communities of Interest • Ensure that capabilities support the information assurance needs of the netcentric vision • Streamline and unify foundational information assurance processes across the DoD and Intelligence Community enterprises Operation ** ( Apr 2009) • Establishes USSTRATCOM as responsible entity to direct GIG Operations and Defense • Shifts operational focus from individual to enterprise framework across enclaves centralizing planning and decentralizing execution • Establishes operations and capabilities within the Six Phase Campaign process via established “Pillars” and Lines of Operations (LOOs) DoD 8570.01M IA Workforce Improvement Program • Identifies Workforce & Capability level requirements JOINT USSTRATCOM and NSA/CSS Cyber DCR ( Oct 2008) • Continue development of Cyberspace as a mission area through enhanced capability, intelligence, acquisition, and interagency coordination • Identify shortfalls to address a clear solutions matrix Final Report for Cyber OPS Manning Limited Objective Experiment (Feb 2009) • Study assigned objective to determine manning requirements for the conduct of CNA/CNE in support of COCOM operations Operational Concept for Cyberspace ( Apr 2008) • Addresses vision for achieving Cyberspace dominance through development of new capabilities, C2 relationships, organizational constructs, training, and policy NAVY Navy Strategic Plan (NSP-12) • Provides CNO strategic guidance for effective resource acquisition and allocation for projection of Century Seapower (CS-21) initiatives addressing shortfalls and projected future conflicts NWP 3-63 Computer Network Operations Vol I • • Overview of Computer Network Operations and its respective disciplines and their Supporting roles within the Information Operations domain Naval Network Warfare Command Instruction 5450.4A • Describes Missions, Functions, and Tasks (MF&T) for Computer Network Defense operations at Navy Cyber Defense Operations Command (NCDOC) FLT Cyber Command/ 10th FLT Implementation Plan • • Way Ahead to conduct operations in Cyberspace leveraging NSA and DISA efforts and capabilities to achieve FOC DOTMLPF paradigm inclusion across all Agencies, Services, Multi-National stakeholders CNO Tasker- Health of Navy Networks (Operational & Tactical) • • • ID near and long term Security & Reliability Identify network life cycle requirements POA&M to mitigate network shortfalls 17 UNCLASSIFIED/FOUO Identifying Cyber Workforce Strategic Objectives CONDUCT INFORMATION ASSURANCE PROCEDURES: CONDUCT NETOPS: DEFEND NETWORK: MONITOR/ANALYZE/DETECT RESPOND PROTECT Ensure Operation capabilities Identify and Mitigate Intrusions Establish a secure network Apply and monitor system hardware and software configurations and applications IAW directed policy and procedures Ensure network(s) effectiveness to support Commanders intent and the decision making process Apply Intrusion Detection, Intrusion Protection and mitigative TTPs to protect the enterprise services 18 UNCLASSIFIED/FOUO Task Definitions (UJTL) Label OP 5.6.5.3 Task Name Task Description Conduct CND To conduct actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks Defend the GIG Direct and lead Information Assurance and Computer Network Defense (IA/CND) actions to protect, monitor, analyze, detect and respond to unauthorized activity within DOD GIG assets, information systems and computer networks. Employ IA protection activity and deliberate actions to modify an assurance configuration or condition in response to a CND alert or threat information. CND response actions include defensive and restoration actions. Provide assured system and network availability, assured information protection, and assured information delivery. ST 5.1.6 Establish IA Procedures To establish information assurance procedures for deployed operations. This task includes developing IO appendices including defensive information operations (IO) and IA for all deliberate plans and operations orders as required. IA may be used to ensure information and information systems availability, integrity, authentication, confidentiality, and nonrepudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities. ST 5.5.7.3 Direct CND To direct actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks. ST 5.1.2.3 Manage Information Assurance Policies Establish and enforce policies and procedures to design, operate, maintain, and protect theater command, control, communications, and computers (C4) systems. OP 5.4.7 Integrate Computer Investigations & Operations in CND To coordinate, facilitate and deconflict computer investigations and operations between investigative and member agencies. Prepare Plans and Orders To make detailed plans, staff estimates, and decisions for implementing the geographic combatant commander's theater strategy, associated sequels, and anticipated campaigns or major operations. Plans and orders address, among other things, centers of gravity, branches, sequels, culminating points, and phasing. Planning includes organizing an effective staff, structuring and organizing the force, considering multinational capabilities/ limitations, and cross-leveling or balancing Service component, joint, and national command, control, communications, and computers (C4) means. Plans should address specific missions and tasks for subordinate joint or multinational task forces, Service 19 and functional components and supporting commands and agencies. SN 5.5.5 OP 5.3 UNCLASSIFIED/FOUO Task Definitions (NMETL) Label NTA X.X.X NTA 5.5.5 NTA.2.4.4.1 Task Name Task Description Plans and Policy Perform Information Assurance Protect and defend information and Information Systems ensuring their Confidentiality, Integrity, Availability, Authentication, and non-repudiation. Provide Restoration procedures by implementing protection, detection, and reaction capabilities Identify Issues and Threats Assess and identify threats which may impact national security interests and operations Evaluate, Integrate, Analyze and Interpret Information Appraise the credibility, reliability, accuracy of information through a process of identifying patterns, conducting analysis, and interpreting its significance NTA 5.2 Analyze and Assess Information Continuously evaluate information to determine and refine COA NTA 2.4.5.3 Provide Indications & Warning of Threat Provide early warning of attacks to prevent surprise and reduce risk on planning assumptions Develop Cyber Counter- Targeting Plans Prevent enemy from attaining own force Cyber Targeting Plans SN 2.4.1 NTA 3.1.6.X 20 UNCLASSIFIED/FOUO Task Definitions (NMETL) Label NTA 5.5.5.1 NTA 5.5.X NTA X.X Task Name Task Description Provide Computer Network Defense Protect and defend Information and Information Systems from disruption, denial, degradation, and destruction Conduct Incident Response Management Employment of Cyber Incident response management techniques to restore cyber combat capabilities damaged by attack or natural occurences Provide Trained Personnel Provide personnel trained to effectively and efficiently apply Commanders concept, intent, and objectives 21 UNCLASSIFIED/FOUO STT Primary References • • • • • • • • • • • • • • Net-Centric Data Strategy DoD 8570.01-M Information Assurance Workforce Improvement Program NSTISSI No. 4011 National Training Standard For Information Systems Security (INFOSEC) Professionals Navy Enlisted Manpower Occupations and Standards Vol I & II OPNAVINST 3500.34F Navy PQS Program Joint Pub 3-13 Information OPS DoDINST 8410.02 NetOPS for the GIG NIST SP 800-53 Information Security NTTP 3-32.1 Maritime Operations Center TTP CONOPS for NETOPS, Information Operations and Space Center (NIOSC) National Military Strategy for Cyberspace Operations NNWC NMETL for IO and SIGINT Capability Area Development CJCSI 6510.01/ 01A/01E IO and CND Series NWP3-63 Vol1 Computer Network Operations 22
