Owing to the expansion of network-centric operating concepts across the Department of Defense (DOD) and the growing threat to information and cybersecurity from lone actors, groups of like-minded actors, nation-states, and malicious insiders, information assurance is an area of significant and growing importance and concern. Because of the forward positioning of both the Navy's afloat and the Marine Corps expeditionary forces, IA issues for naval forces are exacerbated, and are tightly linked to operational success. Broad-based IA success is viewed by the NRC's Committee on Information Assurance for Network-Centric Naval Forces as providing a central underpinning to the DOD's network-centric operational concept and the Department of the Navy's (DON's) FORCEnet operational vision. Accordingly, this report provides a view and analysis of information assurance in the context of naval 'mission assurance'.
Table of Contents
Front Matter
Summary
1 Background - Naval Network-Centric Operations, Information Assurance, and Current Cyberthreats
2 The Immediate Response - Current Information Assurance and Cyberdefense Initiatives
3 Mission Resilience - Viewing the Threat in Operational Terms
4 A Suggested Technical Response to Cyberthreats and Information Assurance Needs
5 Application of Risk Analysis as a Basis for Prioritizing Needs
6 Organizational Considerations
Appendixes
Appendix A: Acronyms and Abbreviations
Appendix B: Terms of Reference
Appendix C: Biographies of Committee Members
Appendix D: Summary of Recent Naval Operations and Department of Defense Reports Related to Information Assurance
Appendix E: Naval Information Assurance Architectural Considerations
Appendix F: Suggested Elements of a Naval Information Assurance Research and Development Program