On August 4, 2022, Secretary Del Toro released a Strategic Intent for Cyber Ready memorandum that provides guidance for transforming the Department of the Navy’s approach to cybersecurity by pivoting from a compliance mindset to a dynamic model rooted in the philosophy of readiness and currency. This shift to a preemptive and active Cyber Ready state builds on the DON’s Information Superiority Vision, and will improve the DON’s cyber defenses while also speeding the process of acquiring cyber secure systems.
Cyber Ready is a continuous state of cybersecurity awareness, where the right to operate is earned and managed every day. A Cyber Ready posture ensures secure delivery of information into the right hands at the right time, through the acquisition and deployment of systems that are designed to be cyber secure.
To transition from the current compliance-based approach for cybersecurity to Cyber Ready, DON will pursue the following seven lines of effort (LOEs):
- Cyber Metrics: Measure cybersecurity holistically with a risk and readiness Zero Trust mindset.
- Build on Risk Management Framework (RMF) Reform. Accelerate the Authority to Operate (ATO) process with automation and leverage inheritance models to reduce the allocated control sets that programs are responsible and accountable for.
- Cyber Currency: Move to an ongoing ATO that is maintained through Cyber Currency.
- Adversarial Assessment. Adopt a “trust but always verify” mindset (leverage automated penetration testing, audits, and data from continuous monitoring).
- Data Analytics: Democratize insight by providing visibility into the Cyber Ready posture to those who need to know the risks they are assuming.
- Acquisition Changes: Provide programs the tools to develop systems that are “born” Cyber Ready and remain ready through Cyber Currency.
- Workforce: Deliver ongoing training to keep the acquisition and cyber workforce informed on the current processes and tools.
Within 30-days of this memo, the DON Chief Information Officer (CIO), Deputy Assistant Secretary of the Navy for Information Warfare and Enterprise Services, and DON Deputy CIOs for both the Navy and Marine Corps will appoint leads and supporting organizations for each of the LOEs.
Read Strategic Intent for Cyber Ready.
TAGS: CISO: Cybersecurity, Cybersecurity, IA, InfoSharing, Strategy, Workforce
Related Policy
Strategic Intent for Cyber Ready
DON Migration to Windows 11 Operating System
DON Best Practices for Public Use of Wi-Fi
Related News
Stronger Industry Engagement Needed to Bolster Cybersecurity
DON Migration to Windows 11 Operating System Must Occur Prior to Oct. 2025
CNO Releases Navigation Plan 2022
Missed the 2022 DON IT East Conference?
Related CHIPS Magazine
How U.S. Cyber Command, NSA Are Defending Midterm Elections: One Team, One Fight
CHIPS Act Advances DoD’s Emphasis on Microelectronics
Partnership in Action: Croatian, U.S. Cyber Defenders Hunting for Malicious Actors
Related Resources
Chief of Naval Operations Navigation Plan 2022
Featured Articles: July – Sept. 2022
PII Breach Reporting Resources