Improving Cyber Survivability for Weapon System’s Mission Assurance

Presented: April 13, 2023 12:00 pm
Presented by: Steve Pitcher

In 2015, the DepSecDef (DSD) directed the Joint Staff to develop a Cybersecurity KPP.  The tasking was a response to the Director of Operational Test & Evaluation (OT&E) highlighting multiple weapon systems with the same “dirty dozen” high risk vulnerabilities reported every year that should have been fixed prior to OT&E and would now be harder and more costly to mitigate.

The probable root cause was that almost all legacy systems’ only contractually binding cyber requirement was “enough cybersecurity compliance to obtain an ATO”.  Despite all the tested systems having an ATO and cyber guidance from 40+ DoDIs, there were (1) no threshold performance requirements for cybersecurity or cyber resilience, (2) no adapt resourcing to achieve and sustain a meaningful cyber risk posture, and (3) no actionable cyber threats to justify the appropriate level of protection for resource sponsor action.

Instead of a Cybersecurity KPP, a Cyber Survivability Endorsement (CSE) was added to the Joint Staff’s System Survivability Key Performance Parameter (SS KPP), which places cyber within a PM’s operational risk trade-space for functionality (cost, schedule and performance).

This webinar training will provide a brief introduction to the Cyber Survivability Endorsement and how its framework is applicable for any acquisition pathway to improve Weapon Systems Cyber Survivability.  The webinar will address:

  • How and Why Cyber Survivability
  • Long Lifecycle Challenges
  • Hidden Costs and Risks of Defects
  • Cyber Survivability and RMF
  • Resource and Mission Risk Benefits

Focus Areas

Computer Icon

Host a Webinar with CSIAC

Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?

Want to find out more about this topic?

Request a FREE Technical Inquiry!