Upload
rhoda-carroll
View
216
Download
2
Tags:
Embed Size (px)
Citation preview
Information AssuranceInformation AssuranceOpportunities and Requirements
Doug Jimenez, IA Division Director
Mary Mayonado, CISSP, IA Program Manager
Marla Shipley, CND/aXiom Program Manager
January 8, 2010
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure2
SAIC James Business Unit Information Assurance OverviewSAIC James Business Unit Information Assurance Overview
• Information Assurance (IA Division)– Doug Jimenez, Division Director– 200+ employees supporting SPAWAR Systems Center Atlantic, NAVAIR, and
their sponsors– 42m annually– DOD 8570 Compliant Workforce
• Certified Information Systems Security Professionals (CISSP)
• CISSP/Information System Security Engineering Professional (CISSP-ISSEP)
• Security Plus
• Vendor Certifications
– Fully Qualified Navy Certification Agents
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure3
CustomersCustomers
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure4
General Programming/Network Support SPAWAR Atlantic and SponsorsGeneral Programming/Network Support SPAWAR Atlantic and Sponsors
• Core Routing and Switching _ vendor independent
• Integration Support– Routers/Switches– IDS/IPS– Application Proxy Firewalls– Remote access solutions
• Secure Wireless (Survey, Design, and Integration)
• LAN Infrastructure
• Service Oriented Architectures (SOA)/Cloud Computing
• Virtualization/Data Centers• Application
Development/Programming (JAVA, Pearl)
• UNIX Services• Sharepoint/Web hosting• IPv6 readiness and implementation
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure5
Why Are We Here?Why Are We Here?
• High Demand for IA savvy employees
• Relocation Costs
• High Training Costs
• Lost Revenue
• We Could Do So Much More if Education/Academia and Industry were better aligned
– Capture more of those high school students who want IT/IA careers– Create more jobs for the State of SC
• Less Relocation/Bringing in talent from outside
– Chance for Recognition as a center of excellence for IA
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure6
What do we need from Academia(Education/Skill sets needed)What do we need from Academia(Education/Skill sets needed)
• Graduates who understand and are able to develop a secure IT solution, a comprehensive understanding of underlying principles is the foundation
– Networking, TCP/IP fundamentals– Programming, secure coding techniques– System Engineering – for the entire lifecycle– Configuration Management processes and techniques
• Legal Issues in Information Assurance– Forensics– HIPAA– Privacy Act
• Compliance issues – vary by customer
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure7
Shortfall Areas/Potential Research AreasShortfall Areas/Potential Research Areas
• Cross Domain/Multilevel Security– We have to share data across organizations, this is still a major area of challenge
• Active Network Defense – Within ethical and legal guidelines
• Event Correlation – Gathering attack data across diverse networks to develop comprehensive threat/risk
picture
• Anti-Tamper– Need to develop additional techniques to guard against reverse engineering hardware and
software
• Improved IA techniques for Weapons Systems– Confidentiality – generally o.k.– Integrity – area of improvement– Availability – area of improvement
© 2009 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the United States and/or other countries.
Energy | Environment | National Security | Health | Critical Infrastructure8
SAIC
5617 North Rhett Avenue
North Charleston, SC 29406
843.740.4600
843.308.0466 – fax
www.saic.com
For More InformationFor More Information