Add to collection(s) Add to saved
  1. Business
  2. Management

Defensive Cyberspace Personnel Study Plan and TOR

advertisement 
UNCLASSIFIED/FOUO
(**DRAFT**)
Defensive Cyberspace Workforce
Study Plan,
Terms of Reference,
and Plan of Action and Milestones
v 0.90
March 4, 2010
FY 10 Analytic Agenda
Information Dominance
OPNAV N81F
UNCLASSIFIED/FOUO
1
UNCLASSIFIED/FOUO
Study Plan
1. Purpose. The purpose of the Defensive Workforce study is to inform key resourcing
decisions determining the Navy manpower requirement for Network Operations
(NETOPS), Computer Network Defense (CND), and Information Assurance (IA). This
study plan will guide and synchronize the efforts of participants. It outlines the
objectives,
methodology,
analytical
processes,
organization,
governance,
responsibilities, timeline, and products required. Although we will not address
Computer Network Attack (CNA) or Computer Network Exploitation (CNE) in regards to
personnel in this study, we will consider how those two disciplines impact NETOPS,
CND and IA. The study will be scenario-driven, and will consider requirements ranging
from steady-state to various surge operations.
2. Background. State, non-state actors, and individuals all operate within cyberspace,
and the Navy must operate, defend, and attack on the same platform as its adversaries.
Public, high profile adversary successes will breed additional actors using means that
are inexpensive, anonymous, and effective. As a result, cyber operations require a
dedicated force that lives on the network, providing a global cyber common operational
picture with a predictive cyber threat/response capability, and integrated NETOPS,
Defense, Exploitation, and Offensive operations. In response to this dynamic threat
environment, the Secretary of Defense released a memo in June 2009 that directed
U.S. Strategic Command (USSTRATCOM) to establish U.S. Cyber Command
(USCYBERCOM). As the Navy component of USCYBERCOM, the Navy established
U.S. Fleet Cyber Command (FLTCYBERCOM) and re-commissioned 10th Fleet (C10F)
in January 2010.
3. Objectives. The objectives of this study are:
a. Document the Navy requirements for defending cyberspace in the functional
areas of Network Operations (NETOPS), Computer Network Defense (CND), and
Information Assurance (IA)
b. Document where the requirements should be done.
c. Identify the roles, competencies, processes and activities performed by each role
in support of NETOPS, CND and IA.
d. Determine how much one person can do as a functional skill; and longevity 1 at
each location for each requirement.
1
Longevity refers to length of time at an organization
UNCLASSIFIED/FOUO
2
UNCLASSIFIED/FOUO
e. Show how new approaches or planned technologies can reduce personnel
required.
f. Make recommendations for the number and type of cyberspace defenders the
Navy needs required by the Navy (military, civilian, and contractor).
4. Scope. This study will focus on Navy NETOPS, CND, and IA manpower
requirements, excluding CNA and CNE. NETOPS is defined as the DoD-wide
operational, organizational, and technical capabilities for operating and defending the
Global Information Grid (GIG)2. NETOPS includes, but is not limited to, enterprise
management3, net assurance4, and content management5. Since this study is focused
on Navy’s defensive cyber manpower, only the Net Assurance functions of NETOPS
are considered. Computer Network Defense (CND) and Information Assurance (IA) are
functions within Net Assurance. According to JP 1-02, CND consists of actions taken to
protect, monitor, analyze, detect, and respond to unauthorized activity within DoD
information systems and computer networks. IA includes measures that protect and
defend information and information systems by ensuring their availability, integrity,
authentication, confidentiality, and non-repudiation. This includes providing for
restoration of information systems by incorporating protection, detection, and reaction
capabilities.
5. Assumptions. The following are the key assumptions for this study plan:
a. The Navy will provide access to an integrated manpower information system
database that will allow capability-based manpower requirements to determine billet-torole mapping.
b. This study will require unity of effort across institutional boundaries to enhance
the analysis and support understanding of manpower, personnel, training and education
2
DoD Net-Ops Strategic Vision, December 2008
Enterprise Management is the set of functional capabilities and operational processes necessary to
monitor, manage, and control the availability, allocation, and performance within and across the GIG. It
includes Enterprise Services Management, Applications Management, Computing Infrastructure
Management, Network Management, Satellite Communications Management, and Electromagnetic
Spectrum Management.
4 Net Assurance is the set of functional capabilities and operational processes necessary to protect and
defend the GIG. This includes the operational responsibilities for information assurance, computer
network defense (to include Computer Network Defense Response Actions), and critical infrastructure
protection in defense of the GIG.
5 Content Management is the set of functional capabilities and operational processes necessary to
manage, and facilitate the visibility and accessibility of information within and across the GIG
3
UNCLASSIFIED/FOUO
3
UNCLASSIFIED/FOUO
requirements; NETOPS, CND, and IA processes; and NETOPS, CND, and IA system
functions.
c. This study will use and assess existing navy NETOPS, CND, and IA structures
and organizations.
d. This study will determine current (i.e. as-is) Navy NETOPS, CND, and IA
manpower requirements.
6. Approach. This study will use an integrated methodology approach to describe how
Navy’s NETOPS, CND, and IA manpower meets DoD, Joint, and Navy defensive cyber
capabilities (and desired effects) and objectives. These manpower requirements are
linked directly to Mission Essential Tasks (METs) in order to understand the effect of
manpower decisions on6 Navy’s ability to defend against attacks against its networks or
information systems.
To realize this end state, this study will identify all Navy organizations, both at the
National and regional levels, with personnel that perform a cyber defense role.
Associated with the cyber defense roles are the requisite knowledge, skills, and abilities
(KSAs), or competencies, required to perform that role7 to a specified standard.
Manpower requirements analysts will then be able to understand the workload and
worker requirements of each role as expressed by the task process/task relevance,
importance, frequency, and duration; and the relevance, importance, and level of each
competency8.
This study plan will be executed in four phases:
1.
Phase I. Data Collection (3 weeks)
2. Phase II. Understanding the Problem: Scenario Process, Role/Competency
Development, and Survey Development (4 weeks)
3.
Phase III. Manpower Analysis and Game-Changing Technologies (4 weeks)
4.
Phase IV. Final Analysis (3 weeks)
6
Capability Based Competency Assessment (CBCA) Concept, 13 May 2009, p. 4
Ibid, p. 12
8 Ibid, p. 5
7
UNCLASSIFIED/FOUO
4
UNCLASSIFIED/FOUO
Phase I. Data Collection
1. Methodology Development Meeting.
2. Develop Study Plan.
3. Conduct Literature Review.
4. Conduct Strategy-to-Task (STT) Analysis. Map strategic guidance down to
operational tasks that are required to achieve the desired effects. This will involved a
literature review of key national DoD and Navy guidance. These tasks will then be
associated to NETOPS, CND, and IA roles.
5. Collect Baseline Manpower Data. Research current data/information available
for key nodes, pulling from Activity Manning Documents (AMDs), the Total Manpower
Management Service System (TWMS), and the current Capability Based Competency
Assessment (CBCA) framework, NETOPS, CND, and IA roles.
6. Identify SMEs. Identify SMEs based upon the scope of the population
researched, taking into account geographic location, and predetermined criteria (see
Enclosure 1: Terms of Reference).
7. Write Scenarios. Develop three scenarios based on real-world events that cover
increasing threat levels.
8. Develop Role Framework. Identify established roles for NETOPS, CND, and IA
from existing doctrine. These roles will be vetted and refined through the IPT (including
protocol, terminology, and role-to-task integration).
9. IPT Review of Study Plan and STT.
Phase II. Understanding the Problem: Scenario Process, Role/Competency, and
Survey Development
1. Develop OV-4.
relationships.
Define key NETOPS, CND, and IA organizations and
2. Review Role Framework (Virtual Review).
3. Develop OV-6c Diagrams.
Develop event trace description based upon
scenarios to assess NETOPS, CND, and IA tasks.
4. IPT Workshop: Competencies / Skills. Identify roles and associated processes
and tasks, determine competencies for each role, and align to previously identified
roles. Identify experiences, and map to roles. Identify training courses for mapping to
UNCLASSIFIED/FOUO
5
UNCLASSIFIED/FOUO
competencies. Conduct one workshop consisting of two groups, with each group
conducted simultaneously. Each workshop will identify associated processes, activities,
and competencies for each previously identified role. Training courses and experiences
will also be identified during this workshop. Last, participants will identify current
NETOPS, CND and IA systems that are required for proficiency in identified roles.
5. Map Formal Training to Competencies. Gather course data (syllabi, etc) from
training courses identified in IPT workshop. Create tool/template to aid
instructors/graduates to map competencies to course objectives.
6. Review / Finalize Core Competency Data. Consolidate data obtained from
workshops and lead SMEs to review and validate data gathered.
7. Survey Development. Finalize core data gathered from workshops/IPT and
compile in survey format. Provide instructions to survey participants and administrator
via VTC. Develop an online survey comprised of questions to collect participant
demographic data, workload based on time and frequency, networks utilized and
required experience. Survey will be based on the role and competency data gathered
from workshops/IPT. Ensure survey results are captured in alignment with TWMS.
Provide instructions to survey participants and administrator via VTC.
8. IPT Workshop: OV-6c Review. Technical SME review of Navy cyber tasks and
roles processes used within the scenario.
Phase III. Manpower Analysis and Game-Changing Technologies
1. Administer Survey.
Administer survey to predetermined government POC.
Survey will be emailed to participants for a one-day turn around based on the
predetermined availability of staff, and will include a short VTC instruction period.
2. Revise OV-6c Diagrams. The core study team will update the OV-6c diagrams
based on recommendations from Technical SMEs at the IPT Workshop.
3. Workshop: Identify Game-Changing Technologies. This will be a 2-3 hour
workshop that will identify future systems that could change workload requirements for
cyber roles, and also identify the vulnerabilities of future systems. Participants should
include Technical SMEs from SPAWAR and PMW-160.
4. Review / Process Survey Results. Core study team manpower analysts will
process survey data to create an analytic ready dataset and conduct descriptive
statistics analyses on the survey data.
5. Generate Initial Manpower Requirements. Study team manpower analysts will
identify initial manpower requirements based on the workload data collected in the
survey.
UNCLASSIFIED/FOUO
6
UNCLASSIFIED/FOUO
6. Map Game-Changing Impacts to Roles. This mapping will be based upon the
Game-Changing Technologies Workshop.
7. Workshop: Validate Manpower Requirements. Validate manpower requirements
based on roles and tasks described within the scenarios; review gap/excess analysis
based upon AMDs and associated Unit Identification Codes (UICs); review gamechanging impact analysis.
Phase IV. Final Analysis
1. Revise Manpower Requirements. Manpower requirements will be revised based
on workshop recommendations.
2. Develop Final Manpower Deliverables. Final manpower deliverables are: a Final
Report and Final Brief-out to the IPT. Final Report required inputs are: Database, Key
Survey Findings, and manpower gaps/excesses.
3. Integrate Results into Final Report. Methodology, analysis, and results from
each phase will be integrated into a final report.
4. Prepare for TWMS Submission. Prepare documentation in appropriate format for
TWMS submission.
5. IPT Final Brief-out. The final out-brief will be presented to the IPT and include
the comprehensive Navy defensive cyber manpower requirements.
7. Organization, Responsibilities, and Governance. The Defense Cyberspace Workforce
Study will be conducted by an Integrated Product Team (IPT) drawn from OPNAV and
Navy Cyber Organizations at national and regional levels, and augmented by a Core
Study Team consisting of contractor support to N81.
a. Leadership. OPNAV N81 will serve as lead for the study, and will have approval
authority over scope, methodology, and timeline as well as deliverables.
b. Core Study Team. The Core Study Team will consist of Booz Allen staff
including Navy / cyber SMEs and analysts. The team will develop and present the study
deliverables to the IPT or Technical IPT for refinement and further development.
c. Integrated Product Team. The IPT members will be a group of military, civilian,
and contractor study stakeholders and NETOPS, CND and IA subject matter experts
drawn from: OPNAV (N1, N2/N6, and N81), USFF, USSTRATCOM, USCYBERCOM,
FLTCYBERCOM, C10F, NNWC, NCDOC, CID, NOCs, NIOCs, NCTAMS, CNRFC,
Naval War College, NSA, OSD, SECNAV, DoN CIO, PEO C4I, SPAWAR, and
UNCLASSIFIED/FOUO
7
UNCLASSIFIED/FOUO
augmented by the Core Study Team. The IPT’s primary task is to keep members’
respective leadership apprised of study progress, milestones, or issues that may impact
their organization. The IPT will meet once a month or as required.
d. Technical IPT. This is a sub-set of the IPT that consists of qualified Navy
enlisted, civilian and contractor personnel in Cryptology and Information Technology as
well as officers in the Information Warfare (IW) and Information Professional (IP)
communities. Their technological expertise and operational experience should cover
protecting the enterprise through patching the network and implementing various
protective measures in accordance with standard operating procedures. Battle Watch
Captains (BWC) and Computer Network Defense Officers (CNDO) should also have
experience identifying and mitigating adverse actions on the network such as Intrusion
Detection and Incident Handling.
The Technical IPT will review draft study deliverables, and provide assistance to the
Core Study Team as required to refine these products. IPT members will represent
their organizations during scheduled workshops and serve as conduits for additional
SME support required from their organizations. These meetings and workshops will
require a significant level of effort from the Technical SMEs. For example, this study
currently plans for three workshops, one of which is up to three days in duration; other
meetings will occur on a bi-weekly basis. Technical SMEs from OPNAV and other
stakeholder organizations provide specific expertise (without reachback) to the study in
the areas of NETOPS, CND, IA and Navy manpower, personnel, training and education.
8. Communication.
a. Surveys. Surveys will be released via NIPRNet or SIPRNet email depending on
classification.
b. Recurring Updates. OPNAV N81 leadership will receive status updates on a
recurring weekly basis. These meetings will be conducted via VTC/ teleconferencing or
in-person when available.
c. Workshops, Conferences.
Invitations will be disseminated for each
workshop/conference to be conducted via VTC/ teleconferencing or in-person when
available.
UNCLASSIFIED/FOUO
8
UNCLASSIFIED/FOUO
9. Risks. The following risks are associated with the successful completion of this study:
a. Participation by technical SMEs is critical to successful completion of this study.
This includes SMEs within the Navy and at the national level, but also at regional and
geographic organizations. Technical SMEs are required at each step of the process,
from role identification to manpower surveys. To ensure maximum participation, N81
will communicate study objectives, timeline, and events to leadership of stakeholder
organizations.
b. This study incorporates some aspects of the CBCA methodology that requires a
number of sequenced SME-driven workshop as well as stakeholder feedback;
IPTs/workshops also build on each other. If identified technical SMEs do not attend
these events or do not provide timely feedback, the study schedule will be at risk.
c. The manpower survey is a critical component to generating workload
requirements. This study is scheduled to be conducted in April. There are several
command level exercises planned for the month of April which may impact the
availability of SMEs to participate in the survey.
d. The manpower and workload survey is a critical component to generating
workforce requirements and requires rapid analysis. If the survey is administered on a
classified network such as SIPRNet, the restricted accessibility will impact the ability to
conduct the required analysis and data development as described in the study plan.
Recommend that the survey event in this workforce study be conducted at the
unclassified level as much as possible to ensure project milestones are met.
e. This study requires baseline manpower documentation. If this is not provided,
the core study team will not be able to conduct a gap analysis. Results will then be
based only on identified manpower requirements.
10. Relevant References. The following documents and efforts will be used to
determine the Navy’s NETOPS, CND, and IA integrated manpower requirements. This
list is not all-inclusive, and will include other sources discovered during the course of
this study.
a. USSTRATCOM Cyber Command Implementation Plan.
This document
describes the process and steps for the establishment of USCYBERCOM. It addresses
the roles, responsibilities, reporting relationships, authorities, and initial operational
capability (IOC)/full operational capability (FOC) phasing requirements. The
Implementation Plan emphasizes how missions, functions, and manpower will transition
from JTF-GNO, JFCC-NW, NSA, and DISA without loss of operational continuity or
capabilities. In addition to a phased stand-up, the plan includes a recommendation to
stand up a Joint Intelligence Operations Center (JIOC) as a USCYBERCOM subUNCLASSIFIED/FOUO
9
UNCLASSIFIED/FOUO
activity. Relevant annexes to the plan are A (Mission, Roles, and Organization
Structure) and E (Personnel).
b. USSTRATCOM Operational Concept for Cyberspace. The Concept addresses
the need to connect and operate militarily across the Electro-Magnetic Spectrum (EMS)
and control that spectrum; deny and mitigate adversary use of the spectrum (addressed
in Classified OPORD); develop and establish DOTMLPF to enhance spectrum’s
capabilities; identify, build, and secure the information infrastructure; mature with the
technology.
The Concept recommends establishment of applicable Rules of
Engagement (ROE) and lines of authority within Areas of Responsibility (AOR). Lastly,
the Concept provides risk, assumption, and implication assessment to achieve
Cyberspace superiority.
c.
U.S. Fleet Cyber Command/Commander 10th Fleet Implementation Plan. The
CNO established FLTCYBERCOM/C10F in a 23 July 2009 memo that also delineated
the mission, roles, and responsibilities. It established the Command and Control,
Reporting, and support relationships across Navy and with USCYBERCOM. Lastly, it
provided initial manpower, facilities, and resource requirements. An early focus area for
C10F is dynamic network defense operations that are integrated with national defense
operations. Other early focus areas are dynamic cyberspace operations, operational
employment of cyber forces, an assessment of the NETOPS reporting system, and
partnering with C2F and C3F in certification of cyberspace and EW operations.
Operationalizing cyber focuses on the ability to operate, defend, exploit, and attack
networks. Cyber crosses the following Joint Functional Areas: C2, Intelligence, Fires,
Movement & Maneuver, Protection, and Sustainment. It is centered around the following
nodes: Afloat, NIOC, NCDOC, and NNWC.
d. DoD Information Assurance Workforce Improvement Program Manual. The IA
WIP is a reference document describing the Categories, Specialties, Levels, and
functions/certification requirements associated with the IA Workforce. There are two
general categories (IA Technical, IA Management) and two Specialties (IA Workforce
System Architect & Engineer, CND – Service Provider). IAT, IAM, and IASAEs are
broken up into three levels having the three responsibilities. The CND-SP specialty has
five positions with varying skill sets mapped to required certifications. There is also a
Designated Approving Authority (DAA) which is an official appointed for each
Information System operating within or on behalf of the DoD. They have the authority to
formally assume responsibility for operating a system at an acceptable level of risk.
This is foundational data for identifying key roles and competencies associated with
CND.
e. N81 Cyberspace Defense Study. The purpose of this study was to determine the
Navy’s ability to provide required network support to a carrier in a major combat
operation under attack or exploitation from most likely Red CNE and CNA CoAs. The
main goals were to understand the adversary’s long-term capabilities and to determine
UNCLASSIFIED/FOUO
10
UNCLASSIFIED/FOUO
the most cost-effective countermeasures. The study recommended a balanced mix of
tools/technology and personnel for potential reduction in penetration likelihood. The
Defensive Cyberspace Workforce Analysis Study is the follow-on to this study to
specifically look at CND manpower requirements.
f. N1 Cyber Manpower Brief. This briefing recommended a Total Force approach to
manpower to generate the optimum mix of a work force. The briefing recommended
military for CNA/CNE, civilian for NETOPS, and a mix of military and civilian for CND.
The Navy will phase in Cyber Warfare Engineer (1820), develop the Cyber Warrant
Officer will be out of NEC 9308, and develop Select Reserve (SELRES) focus at four
NIOCs located in close proximity to large civilian sector cyber markets. Accessions at
current pace are insufficient to support Cyber Warrant Officer growth.
g.
Final Report for Cyberspace Operations (Manning) Limited Objective Experiment
(LOE). The purpose of the LOE was to apply analytical, systematic, and repeatable
approach to determine appropriate cyberspace forces to conduct CNA/CNE. The LOE
did not include CND/NETOPS manpower requirements, but concluded that
CND/NETOPS manning numbers must be included to accurately portray the total
cyberspace manning requirement. The LOE assessed that no separate surge forces are
required from day-to-day manning; the surge would be handled by reprioritization of
daily manning with some augmentation from guard/reserve personnel. Services will not
create discrete MOS/NEC/AFSC for each of the roles; manning will be multi-functional.
h. USSTRATCOM and NSA/CSS Cyber DOTMLPF Change Recommendation
(DCR). USSTRATCOM and NSA/CSS conducted a gap analysis to identify shortfalls in
cyber capabilities, and then identified non-materiel (DOTMLPF) recommendations to
mitigate the shortfalls. This document focused on computer network attack (CNA) and
computer network exploitation (CNE).
i.
OPNAV N6 Study: Health of the Network. This study provided CNO a
comprehensive review of Navy’s operational and tactical networks. It addressed near
and short term security and reliability, a modernization plan to include migration and
consolidation recommendations, network shortfalls, and methods to maintain and
improve health of the network. One challenge is the lack of integration and
standardization of networks to conduct C2, business processes, and provide real-time
network security and capability information to the warfighter. The majority of networks
were also found to have a medium to high level of risk in the following areas: C2,
operations, and defense. The study identified a near and long term way ahead for the
network, but did not include changes to personnel or processes.
j.
FLTCYBERCOM/COMTENTHFLT OPORD 2000. This document directs Navy
cyberspace operations globally to achieve military operations through cyber space. It
directs applying a trained Navy Cryptological community in conjunction with Numbered
Fleet Naval assets globally to execute NETOPS, ensure Information Assurance, and
UNCLASSIFIED/FOUO
11
UNCLASSIFIED/FOUO
defend the Global Information Grid (GIG) as directed by USSTRATCOM. The OPORD
outlines the roles and responsibilities of the organizations which operate under and
within the FFC/10th FLT enterprise.
k.
Navy Mission Essential Task List (NMETLS). This provides justification for
training NIOC and NCDOC personnel in the IO community tasked with providing global
force commitment, availability, and readiness to affect operational planning and
resourcing. This document helps identify tasks that apply to initiatives to build a
community of personnel trained to identify threats, mitigate threats to ensure the
availability, integrity, authentication, confidentiality, and non-repudiation of Navy
information and information systems.
UNCLASSIFIED/FOUO
12
UNCLASSIFIED/FOUO
Enclosure 1. Terms of Reference
Role - People perform roles within operational teams that work together in a process to
accomplish the mission. The level of effort needed to perform a role determines the
number of people required to execute the tasks within operational processes. Since a
person may perform more than one role, several roles may be related to one billet in
order to capture the total workload for one person. The total billets required form the
“quantity” manpower requirement for a given mission. Also associated with the role are
the tools and technologies (systems) that provide functions needed to accomplish the
tasks and have a tremendous impact on level of effort.
In an operational architecture, the capability producing nodes are roles (not billets).
Roles are related to systems/equipment through processes and activities. In an
operational construct these tasks in turn produce warfighting capability. From a good
understanding of roles (competencies and workload), billets can be derived.
Competency – A characteristic of a human being most often defined as an aggregate
of knowledge, skills, abilities, and behaviors. The competency framework provides the
link from education-to-billet-to-capability-to-readiness. Once those links are understood,
mission essential competencies are prioritized and the total outcome constructs a
manpower strategy that produces sailors ‘ready for work.’ Work in this context is
defined as the combination of organizational processes and role based understandings
(mapped to systems) able to produce the desired effects intended by the operational
command.
Capability – The ability to achieve a desired effect under specified standards and
conditions through combinations of means and ways across the doctrine, organization,
training, materiel, leadership and education, personnel, and facilities (DOTMLPF) to
perform a set of tasks to execute a specified course of action9.
Task – A clearly defined and measurable action, activity, or event (derived from an
analysis of the mission and concept of operations) assigned to an individual or
organization to provide a capability.10
OV-6C – DoDAF product known as the Operational Event-Trace Description. This is
one of three products used to describe operational activity sequencing and timing. It
identifies business process responses to events (i.e. scenarios).
OV-4 – DoDAF product known as the Organizational Relationships Chart. It depicts
relationships within or between organizations.
9
CJCSI 3170.01G, 1 March 2009
CJCSI 3500.02, Universal Joint task List (UJTL) Policy and Guidance for the Armed forces of the
United States, 01 Feb 08.
10
UNCLASSIFIED/FOUO
13
UNCLASSIFIED/FOUO
Integrated Product Team (IPT) – A group of Navy stakeholders whose role is to
provide comment, recommendation and feedback to the study. IPT members will keep
their respective leadership apprised of study progress, milestones, or issues that may
impact their organization.
Technical IPT – This is a sub-set of the IPT that consists of technical SMEs (military,
contractor and civilian) from OPNAV and other stakeholder organizations that provide
specific expertise (without reachback) to the study in the areas of NETOPS, CND, IA,
and Navy manpower, personnel, training and education.
Workshop – Similar to a Technical IPT review but with greater emphasis on operational
requirements driven by specific missions; longer in duration and with a specific
purpose/objective. Workshops will be used during this study to define NETOPS, CND,
and IA roles, processes and determine competencies for each respective role.
Technical Subject Matter Expert (SME) – An individual who attends Technical IPTs
and workshops, reviews and provides inputs to study products, and with requisite
experience as defined as:
-
Four years work and one year supervisory experience in areas directly related to
NETOPS/CND/IA Occupational Expert (OE).
Occupational experts are
considered qualified to define competencies necessary within a particular area of
study.
-
Defensive Cyberspace Manpower SMEs should have expert knowledge and skill
in the missions, operations, and tasks of the OE (or one of the OEs within the
cluster) under study. Expert knowledge may include training, evaluation, or
supervisory experience.
-
Knowledgeable in the following cyber related documents (or draft documents):
DODD 8500.1, DODD O-8530.1, DODI 8500.2, DODI O-8530.2, CJCSM
6510.01, Joint Concept of Operations (CONOPS) for the GIG NETOPS, NWP 363, NTTP 3-32.1, CJCSM 6510.01E, CJCSM 6510.01A, DODD 8500.01E,
DODD 8100.01, 43357-1C, 43358A, 43469.
-
Recommended by their command for their expertise and have the ability to assist
others in developing skills needed to accomplish operational mission tasks
related to the organizational element/cluster to be studied.
-
In order to eliminate potential, unintentional bias by just including Fleet active
duty personnel, SMEs will be sought within reserve augmentation commands,
government civilians, academia, and contractors. A Navy total manpower mix of
SMEs is highly encouraged. SME selection should also include NETOPS, CND,
and IA system and software engineers.
UNCLASSIFIED/FOUO
14
UNCLASSIFIED/FOUO
NETOPS – The DoD-wide operational, organizational, and technical capabilities for
operating and defending the Global Information Grid (GIG). NETOPS includes, but is
not limited to, enterprise management, net assurance, and content management. Since
this study is focused on Navy’s defensive cyber manpower, only the Net Assurance
functions of NETOPS are within scope. 11
-
Enterprise Management is the set of functional capabilities and operational
processes necessary to monitor, manage, and control the availability, allocation,
and performance within and across the GIG. It includes Enterprise Services
Management, Applications Management, Computing Infrastructure Management,
Network Management, Satellite Communications Management, and
Electromagnetic Spectrum Management.
-
Net Assurance is the set of functional capabilities and operational processes
necessary to protect and defend the GIG. This includes the operational
responsibilities for information assurance, computer network defense (to include
Computer Network Defense Response Actions), and critical infrastructure
protection in defense of the GIG.
-
Content Management is the set of functional capabilities and operational
processes necessary to manage, and facilitate the visibility and accessibility of
information within and across the GIG.
Computer Network Defense – CND consists of actions taken to protect, monitor,
analyze, detect, and respond to unauthorized activity within DoD information systems
and computer networks.12
Information Assurance – IA includes measures that protect and defend information
and information systems by ensuring their availability, integrity, authentication,
confidentiality, and non-repudiation. This includes providing for restoration of
information systems by incorporating protection, detection, and reaction capabilities.13
11
DoD Net-Ops Strategic Vision, December 2008
JP 1-02
13 Ibid
12
UNCLASSIFIED/FOUO
15
UNCLASSIFIED/FOUO
Enclosure 2. Plan of Action and Milestones
Event
Phase I: Data Collection / Framework Development
Methodology Development Meeting
Study Plan/TOR Development
Conduct Literature Review
Conduct Strategy-to-Task Analysis (STT)
Collect Baseline Manpower Data
Identify SMEs
Write Scenarios
Develop Role Framework
IPT Review of Study Plan and STT
Phase II: Understanding Problem: Scenario Process,
Role/Competency, and Survey Development
Develop OV-4
Virtual Review of Role Framework
Competency Workshop Rehearsal
Develop Draft OV-6c Diagrams
IPT/Workshop #1: Roles/Competencies/Skills (3 Days)
Map Training to Competencies
Review/Finalize Core Competency Data
Survey Development
IPT/Workshop #2: OV-6c Review (Full-Day)
Phase III: Manpower Analysis and Game-Changing Technologies
Administer Survey (Includes short VTC instruction period)
Revise OV-6c Diagrams
IPT: Identify Game-Changing Technologies (2-3 Hours)
Review/Process Survey Results
Generate Initial Manpower Requirements
Map Game-Changing Impacts to Roles
IPT/Workshop #3: Validate Manpower Requirements (Full-Day)
Phase IV: Final Analysis
Revise Manpower Requirements
Develop Manpower Deliverables for Final Report
Integrate Results into Final Report
Request TWMS Submission
IPT Final Brief-out: Comprehensive Navy Cyber Manpower Requirements
UNCLASSIFIED/FOUO
16
Due Date
Early March
2/15/2010
2/15/2010
2/19/2010
2/25/2010
2/26/2010–ongoing
2/26/2010
3/2/2010
3/2/2010
3/4/2010
Early April
3/10/2010
3/11/2010
3/16/2010
3/23/2010
3/23–25/2010
3/29/2010
3/30/2010
4/1/2010
4/1/2010
Early May
4/7/2010
4/14/2010
4/15/2010
4/21/2010
4/28/2010
4/29/2010
5/5/2010
Late May
5/12/2010
5/14/2010
5/21/2010
5/24/2010
5/27/2010
Related documents
Teach Peace Pack - Assembly 1 `What is peace?`
Teach Peace Pack - Assembly 1 `What is peace?`
- Department of Community Medicine ACME Pariyaram
- Department of Community Medicine ACME Pariyaram
MMR-MAR-12
MMR-MAR-12
MMR-Nov-11
MMR-Nov-11
Cyber Command - Skinner
Cyber Command - Skinner
星星 - 整全的教育
星星 - 整全的教育
Recruiting mathematicians as codebreakers
Recruiting mathematicians as codebreakers
Child Pornography
Child Pornography
Download
advertisement