DISA evaluates DODIN defense through adversary’s eyes

DISA evaluates DODIN defense through adversary’s eyes

To address evolving cyber threats, Pentagon is drafting an implementation roadmap for securing the Department of Defense Information Network (DODIN).

NSCSAR -- which stands for the Non-secure Internet Protocol Router Network (NIPRNet) and Secret Internet Protocol Router Network (SIPRNet) Cybersecurity Architecture Review -- seeks to answer three questions, according to Pete Dinsmore, Defense Information Security Agency’s risk technology executive: “Which cybersecurity solution do we need, how much is enough and where can we take risk?”

The NSCSAR effort examines the DODIN from an adversary’s perspective to better prepare network defenders.  Current cybersecurity measures will scored based on their effectiveness against tactics and techniques used by adversaries.

This effort will inform planners and budgeting.  “At the end of the day, the budgets available for cybersecurity capabilities are either stagnant or decreasing,” Dinsmore said. “And we need to figure out how to best use our dollars. ”  To that end, NSCSAR routinely releases recommendation, affirmation and observation reports to stakeholders.

NSCSAR is being implemented as an agile process, in which NSCSAR regularly reassesses the environment to determine what needs to be changed.

“Every 90 days were taking a new look -- adding capabilities, adding questions, adding ability for analysis, and adding new threats,” Dinsmore said. The cycle allows us to make regular adjustments, he noted, rather than saying, ‘We’ll be back to you in a year with a new report.”

The first NSCSAR assessment was completed in April, and the second "spin" is scheduled to be completed in June. 

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected