We have all been reading about the increasing number of cyber attacks in today's news, with increasingly more menacing—and successful "worms" dispensed against government and industry networks. As alarming as these attacks are, they represent just one aspect of the dramatically changing nature of modern-day vandalism and, on a larger scale, modern day warfare.
Ensuring operational readiness for Naval warfighters within this changing environment has led, via National and DoD initiatives, to the formation of the Department of the Navy's Critical Infrastructure Protection (DON CIP) Program.
Today's Defense Environment Emphasized the Need for CIP
The world of the black and white, bipolar balance of power that shaped our defense efforts in years past is gone. We now face a new, more insidious threat called asymmetric warfare. This new brand of warfare is unconventional, and brings the danger of being promulgated not only by large or small groups, but by just a single person with a computer and modem.
As the threat has grown in complexity, so has the business of national defense. Today, our defense establishment includes the following realities:
•Over 90% of the services required for day to day and war fighting operations of defense components now come from the private/commercial sector. (Many were previously "inherently governmental.")
•Mergers and acquisitions within the international defense industry have led to the globalization of weapon systems sustainment.
•Old defense mechanisms are no longer sufficient.
These realities, with the increasing potential for asymmetric/unconventional warfare, led to the 1998 approval and release of Presidential Decision Directive/NSC-63 (PDD-63) titled "Critical Infrastructure Protection."
PDD-63 initiated the CIP evolution.
What is DON Critical Infrastructure Protection?
Critical infrastructures are those physical and cyber-based systems needed to operate the economy and government. These systems include telecommunications, energy, banking and finance, transportation, water systems, and emergency services—both government and private. As part of National/DoD implementation of PDD-63, the DON CIP program was designed to develop, administer, and coordinate an enterprise-wide CIP effort.
For the Department of the Navy, CIP is a comprehensive, enterprise-wide initiative to:
•Identify infrastructures, both cyber and physical, essential to Naval warfighters
•Assess their vulnerability to loss
•Develop a coordinated physical and cyber indications and warnings capability against acts of terrorism, natural disaster, or error
•Take necessary action to ensure achievement of Navy/Marine Corps objectives during critical infrastructure loss.
Each of these six phases has its own set of activities, summarized in Table 1.
DON CIP Goals Flow From DON Policy
There are six primary DON CIP Goals, each with its own separate set of implementing actions and organizational leads.
DON CIP GOALS
•Ensure the Development of an Integrated CIP Capability
•Support the Development of Sector Assurance Plans
•Integrate the Efforts of Other Related DON Programs Into CIP
•Support the Development of an Integrated Indications and Warning Capability
•Establish a Web-Based Clearinghouse for DON CIP Specific Information and Guidance
•Establish Long Term Programmatic Objectives for DON CIP
Achieving these goals involves teamwork from many quarters. Key participants include:
DON CIO, Navy and Marine Corps Infrastructure Leads, Naval Criminal Investigative Service (NCIS), Headquarters Marine Corps Security and Law Enforcement Branch, Fleet Information Warfare Cen