“We should change our cybersecurity method to raised compete in right now’s contested our on-line world,” mentioned Rear Adm. Tracy Hines, Director of the Navy’s Enterprise Networks and Cybersecurity Division. “Cybersecurity can’t be an afterthought. Our adversaries are continuously leveraging the cyber area to erode our nation’s benefits, and for that purpose, cyber should be part of the acquisition course of from the start.”
In August 2022, Secretary of the Navy Carlos Del Toro launched a strategic intent memo offering steerage for reworking the Division of the Navy’s method to cybersecurity. On this memo, Secretary Del Toro directed the division to pivot from a compliance-based mindset to a extra dynamic mannequin rooted within the philosophy of readiness. And consequently, “Cyber Prepared” got here to be.
Cyber Prepared is a steady state of cybersecurity consciousness, the place the Authority to Function (ATO) on the Navy’s community is earned and managed day-after-day. A Cyber Prepared posture ensures safe supply of knowledge into the appropriate fingers on the proper time and permits applications with community purposes to constantly consider their safety for threats and vulnerabilities.
“Cyber Prepared is the right instance of us getting actual and getting higher,” mentioned Rear Adm. Hines. “The usual for figuring out whether or not programs are safe will now not be primarily based completely on finishing static checklists at common intervals. As a substitute, it is going to be a steady means of verification and validation of a system’s cybersecurity.”
All the things that exists on the Division of the Navy’s community right now should have an ATO, which is a prolonged course of usually reevaluated each three years. This is named a compliance-driven method. Nonetheless, with the cyber setting continuously altering, being Cyber Prepared equates to steady monitoring of networks and programs, thus making the system proprietor liable for staying updated and on the prepared for somebody or one thing to check the system for vulnerabilities.
“In less complicated phrases, the Navy used to deal with cybersecurity with a ‘set it and neglect it’ mentality,” mentioned Rear Adm. Hines, “However Cyber Prepared tells us to as a substitute ‘set it…but additionally monitor, check, test, and constantly search for alternatives to enhance it.’”
Whereas Nationwide Cybersecurity Consciousness Month has come to a detailed, keep in mind that cybersecurity, whereas targeted on in October, actually has no season and should be prioritized 24/7/365. Thanks on your dedication as we proceed to be CYBER WARRIORS!
For the freshest coverage and information about Navy cybersecurity go to doncio.navy.mil and search “cybersecurity.”