Cyber resilience for mission assurance

Harriet Goldman, R. McQuaid, J. Picciotto
Published in: 2011 IEEE International Conference on Technologies for Homeland Security (HST)
Publication date: 2011-12-19
DOI: 10.1109/THS.2011.6107877 (https://doi.org/10.1109/THS.2011.6107877)
Citations: 32

Abstract

Our national security and critical infrastructure sectors have become increasingly dependent on commercial information systems and technologies whose pedigree is uncertain given the globalization of the supply chain. Furthermore, these system architectures are brittle and fail or are compromised when subjected to ever-increasingly advanced and adaptive cyber attacks, resulting in failed, disrupted or compromised mission operations. While we must continue to raise the bar to protect mission critical systems from these threats by implementing best security practices, the current philosophy of trying to keep the adversaries out, or the assumption that they will be detected if they get through the first line of defense, is no longer valid. Given the sophistication, adaptiveness, and persistence of cyber threats, we can no longer assume that we can completely defend against intruders and must change our mindset to assume some degree of adversary success and be prepared to “fight through” cyber attacks to ensure mission success even in a degraded or contested environment. This paper will focus on actionable architectural and operational recommendations to address the advanced cyber threat and to enable mission assurance for critical operations. These recommendations can create transformational improvements by helping to reverse adversary advantage, minimize exploit impact to essential operations, increase adversary cost and uncertainty, and act as a deterrent. These approaches go well beyond traditional information assurance, disaster recovery and survivability techniques. The approaches and strategies to be discussed include creative applications of trust technologies and advanced detection capabilities in conjunction with a combination of techniques using diversity, redundancy, isolation and containment, least privilege, moving target defense, randomization and unpredictability, deception, and adaptive management and response.