How to Address the Department of Defense Cybersecurity Discipline Implementation Plan
In September 2015, the Secretary of Defense and Chairman of the Joint Chiefs of Staff published a document titled, “Department of Defense Cybersecurity Culture and Compliance Initiative.” In it they identified several key cyber security requirements that all agencies must address in order to improve the resilience of the Department of Defense (DoD) IT networks. One of the outcomes was the Cybersecurity Discipline Implementation Plan.
The plan identifies four Lines of Effort, each representing a prioritization of all the DoD’s cyber security requirements. The four Lines of Effort are:
- Strong authentication – to degrade the adversaries' ability to maneuver on DoD information networks.
- Device hardening – to reduce internal and external attack vectors into DoD information networks.
- Reduce attack surface – to reduce external attack vectors into DoD information networks.
- Alignment to cybersecurity / computer network defense service providers – to improve detection of and response to adversary activity.
The purpose of this document is to summarize each of the DoD’s Lines of Effort, and enumerate how The BeyondTrust IT Risk Management Platform for Federal Agencies can address them.