JFHQ-DODIN hosts fourth Annual Defense Agency, Field Activity Senior Leader Engagement

Photo By Thomas Burton | Navy Vice Admiral Nancy A. Norton, Commander, Joint Force Headquarters-Department of...... read more read more

Photo By Thomas Burton | Navy Vice Admiral Nancy A. Norton, Commander, Joint Force Headquarters-Department of Defense Information Network, speaks virtually to commanders, directors, deputies, and chief information officers from more than 25 defense agencies and field activities during the fourth Annual Defense Agency, Field Activity Senior Leader Engagement held on Sept. 15-16. This annual event enables DoD senior leaders to engage in executive-level dialogue with JFHQ-DODIN staff regarding strategic and operational topics critical to the DODIN and defensive cyberspace operations.  see less | View Image Page

FORT MEADE, MARYLAND, UNITED STATES

09.16.2020

Courtesy Story

Joint Force Headquarters - Department of Defense Information Network

✔ ✗ Subscribe

2

Navy Vice Adm. Nancy A. Norton, Commander of Joint Force Headquarters-Department of Defense Information Network, and JFHQ-DODIN Deputy Commander Army Brig. Gen. Paul H. Fredenburgh III, hosted the fourth Annual Defense Agency & Field Activity Senior Leader Engagement Sept. 15-16.

This annual event invites commanders, directors, deputies, and chief information officers from more than 27 defense agencies and field activities to engage in executive-level dialogue regarding strategic and operational topics critical to the DODIN and defensive cyberspace operations. The theme of SLE2020, held virtually this year, was "DODIN Readiness in a New Era: Steady State, Contingency Operations and Contested Environments."

This year’s seminar focused on managing risks for mission assurance and continuing to fully transition all aspects of the Cyberspace Warfighting Domain to fall within the Command-Centric Operational Framework for cyber.

“Mission assurance is our priority. Everything we do regarding DODIN operations, and the plans and actions taken to secure and defend the DODIN trace back to ensuring DoD’s technological infrastructure, weapons systems and data are protected and available when needed,” Norton said. “But managing risks and DODIN readiness is a collective responsibility as well as an individual Area of Operations responsibility. Every one of us has a responsibility to defend the DODIN. This is fundamental to DoD’s ability to implement National Defense Strategy objectives.”

During her opening remarks, she cited two recent operations to emphasize the importance of JFHQ-DODIN working with Area of Operations teams to continually strengthen the cyber resilience of the DODIN through threat-informed cyber hygiene and rapid and thorough incident response.

The commander explained that JFHQ-DODIN worked with AOs on mitigation efforts in response to reported virtual private network vulnerabilities in various DODIN network components. She added that it was an effort of particular relevance since VPNs have become an even more critical component of the DODIN during this time of increased telework. Focused coordination with AOs took place in order to execute necessary actions while balancing operational impact with overall risk to the DODIN.

As her second example, she said the command coordinated efforts in response to network compromise incidents. She emphasized that when an incident occurs, it is JFHQ-DODIN’s job to ensure the agency or activity has the resources and expertise needed to mitigate the incidents. She added that incident responsibility and accountability remains squarely with AO commanders and directors, but at the operational level, JFHQ-DODIN provides oversight, guidance and technical assistance as needed.

Keynote speaker for the event was Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service. The three main themes for his discussion were “zero trust,” readiness, and command-centric operations. He noted that adversaries continue to evolve, weaponizing vulnerabilities at an ever faster and more aggressive pace. He underscored the vital need to look at what adversaries are doing and get left of any intrusion, or left of click, by driving continuous, integrated mission-assurance operations.

During day two of the engagement, Fredenburgh echoed comments from the previous day. He said the key takeaway is that commanders and directors are accountable for their organization’s cyber terrain and that the outcome is about mission assurance. He stressed that this is not about technical compliance. It is about out maneuvering adversaries through operations, activities, actions and investment.

“Emphasis on accountability is a natural progression in the maturity of the secure, operate and defend the DODIN mission area,” Fredenburgh said. “Our goal is to continue helping your organization understand how the various efforts fit together within the operational command framework for cyberspace operations and how to prepare for changes as they evolve.”

The deputy commander noted three elements needed for managing risks that are vital to success. These include operating within an organized command-centric approach, using threat-informed information for prioritization and decision-making to increase speed of action and understanding the linkage between the cyber terrain and mission essential tasks. All of these elements contribute to readiness and mission assurance and work together to increase the costs for cyber adversaries.

Fredenburgh explained that last year’s seminar focused on risk management, risk to the DODIN, and risk to mission. It underlined the need to think beyond the normal view of service delivery of an organization’s product or service but rather think about risk to the broader DoD mission and how individual organization mission assurance connects with the overarching DoD mission assurance. Part of this was highlighting the need for commanders, directors and JFHQ-DODIN to have increased visibility of the cyber terrain and the visualization capability that would allow for higher quality decision-making about the readiness condition of their organizations.

“All of this continues to be relevant and lays the foundation for accountability,” he said. “The secure, operate and defend mission area is commander and director level business. You must know your terrain and the interdependencies with others. Unified effort through the command-centric operational framework and using threat-informed prioritization supports speed of action. The operational view of risk management is critical. Effectiveness in operational outcomes (mission assurance) is a no-fail requirement.”

**********************************************************

Joint Force Headquarters-Department of Defense Network (JFHQ-DODIN), a component command of U.S. Cyber Command, exercises command and control of DODIN operations and defensive cyber operations-internal defense measures (DCO-IDM) globally in order to synchronize the protection of DoD component capabilities and to enable power projection and freedom of action across all warfighting domains.