[211] GAO, "Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities," US Government Accountability Office, July 2011, http://www.gao.gov/products/GAO-11-75.
Organization
Figure 17-1 shows the US Department of Defense's cyber organizational structure.
Figure 17-1. The cyber organizational structure The following list outlines the DOD's cyber security organizational structure, including the cyber-related roles and responsibilities of each organization.
The Joint Staff
Establishes and develops doctrine, policies, and associated joint tactics, techniques, and procedures (TTP) for DOD's global information grid (GIG), information assurance (IA), and joint and combined operations.
Ensures all joint education, training, plans, and operations include, and are consistent with, information operations (IO) policy, strategy, and doctrine.
Global Operations (Information Operations and Computer Network Operations), J-39 Focal point for IO within the Joint Staff.
Provides recommendations and advice to the President, Secretary of Defense (SECDEF), National Security Council (NSC), and Homeland Security Council (HSC) on all aspects of computer network operations (CNO).
Information and Cyberspace Policy, J-5 Develops policy that contributes to effective execution of information and cyberspace operations.
Develops policy that contributes to military freedom of action in cyberspace.
Establishes joint cyberspace policies for effective strategic planning.
Fosters joint and interagency collaboration regarding cyberspace issues, including national cyber initiatives.
Network Operations, J-63 Develops DOD and Joint Staff strategies and positions for cyberspace and network operations.[212]
Recommends and synchronizes cyberspace and network operations guidance in joint doctrine.
Researches, reviews, and synchronizes DOD and joint network operations policies in DOD directives, instructions, and Joint Staff policies.
Joint Education and Doctrine, J-7 Coordinates with the military services and combatant commands to integrate computer network attack and information operations doctrine into joint doctrine for military operations.
Office of the Secretary of Defense
Assistant Secretary of Defense, Network information, and Integration/DOD CIO Assists SECDEF on network policies, information technology (IT), network operations, and IA.[213]
Provides strategic-level guidance and oversight for CNO including network operations and IA.
Defense Information Security Agency (DISA) Handles day-to-day management of DOD's GIG, communication, and computer-based information systems.
Office of the Under Secretary of Defense for Intelligence Assists SECDEF in IO.[214]
Develops and oversees DOD IO policy and integration activities.
Establishes and oversees specific policies for the integration of CNO, including computer network attack (CNA).
Leads on IO issues within the intelligence community.
Defense Intelligence Agency (DIA) Provides all-source intelligence to combatant commanders, defense planners, and national security policymakers.
Manages, operates, and maintains own network and IA program.
National Security Agency (NSA) Provides IA support to DOD.
Prescribes minimum standards for protecting national security systems.
Provides warning support to other DOD components.
Defense Security Service (DSS) Secures technology within the Defense Industrial Base (DIB).
Oversees the protection of US and foreign classified information in the hands of industry.
Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics Incorporates policy and processes into the DOD acquisition process that supports the protection of controlled unclassified information with unclassified DIB networks.
Maintains oversight of the process to conduct damage assessments after unauthorized access to DOD information from an unclassified DIB network.
Office of the Under Secretary of Defense for Policy Provides strategic-level guidance and oversight for CNO, IA, and IO.
Leads integration of cyber policy for interagency and international coordination.
Leads integration of the planning and employment of IO capabilities outside of the intelligence community.
Office of the Assistant Secretary of Defense for Global Strategic Affairs Develops policy for SECDEF on countering weapons of mass destruction, nuclear forces and missile defense, cyber security and space issues.
Leads in developing a cyber security strategy for the DOD and for crafting the policy for the standup of USCYBERCOM.
Defense Technology Security Administration (DTSA) Administers the development and implementation of DOD technology security policies on international transfers of defense-related goods, services, and technologies.
Ensures that critical US military technological advantages are preserved.
US Strategic Command (USSTRATCOM)
Directs DOD's GIG operations and defense.
Plans against designated cyberspace threats.
Advocates for cyberspace capabilities.
Executes cyberspace operations.
Coordinates with other combatant commands and appropriate US government agencies for matters related to cyberspace.
Joint Information Operations Warfare Center Plans, integrates, synchronizes, and advocates for IO across DOD, including CNO, electronic warfare (EW), psychological operations (PSYOPS), military deception, and operations security.
US Cyber Command (USCYBERCOM) Facilitates the integration of cyberspace operations for the military services.
Synchronizes DOD cyber missions and warfighting efforts and provides support to civil authorities and international partners.
US Army Cyber Command Plans, coordinates, integrates, synchronizes, and defends the army's army's portion of DOD network and conduct, and when directed, offensive operations in cyberspace.
Army Network Enterprise Technology Command / 9th Army Signal Command Plans, engineers, installs, integrates, protects and operates Army Cyberspace.
US Army Intelligence and Security Command Conducts intelligence, security, and information operations for military commanders and national decision makers.
1st Information Operations Command (Land) Conducts IO theory development and training.
Deploys IO support teams in order to provide IO planning support and vulnerability assessments in support of military forces.
US Fleet Cyber Command/US 10th Fleet Serves as the central operational authority for networks, intelligence, information operations, cyber, EW, and space, and operates a secure and interoperable naval network.
Naval Network Warfare Command (NNWC) Directs the operations and security of the navy's portion of the GIG.
Delivers reliable and secure net-centric and space war fighting capabilities in support of strategic, operational, and tactical missions across the navy.
Naval Information Operation Command (NIOC) Advances IO warfighting capabilities for Naval and Joint Forces by providing operationally focused training and planning support.
Develops doctrine, tactics, techniques, and procedures.
Advocates requirements in support of future effects-based warfare.
Manages functional data for IO.
Navy Cyber Defense Operations Command (NCDOC) Monitors, analyzes, detects, and responds to unauthorized activity within US Navy information systems and computer networks.
Combined Task Forces (Intentionally blank.) 24th Air Force Plans and conducts cyberspace operations in support of combatant commands.
Maintains and defends the Air Force Enterprise Network GIG.
67th Network Warfare Wing Organizes, trains, and equips cyberspace forces to conduct network defense, attack, and exploitation.
Executes air force network operations, training, tactics, and management for the 24th Air Force and combatant commands.
688th Information Operations Wing Aims to deliver proven IO and engineering infrastructure capabilities integrated across air, space, and cyberspace domains.
689th Combat Communications Wing Trains, deploys and delivers expenditionary and specialized communications, air traffic control, and landing systems for Humanitarian Relief Operations and dominant combat operations.
Conducts tactical operations in austere, deployed, and joint/coalition environments.
US Marine Corps Forces Cyber Command Supports US Cyber Command in all defensive and offensive mission areas.
National Guard Provides cyber capabilities to meet military service and combatant commander requirements.
Can be leveraged under state authorities to assist civil authorities.
Army National Guard (Intentionally blank.) Air Force National Guard (Intentionally blank.) Service Network Operations Security Centers Provides a secure, centralized, system management and monitoring environment for Network, Operations, and Applications infrastructure.
Provides direct support to the geographic combatant commands and marine corps forces for theater network operations issues and, in its entirety, fulfills its direct support responsibilities.
Army (Intentionally blank.) Navy (Intentionally blank.) Air Force (Intentionally blank.) Marine Corps (Intentionally blank.) Theater Network Operations Security Centers (JFCOM, NORTHCOM, SOUTHCOM, TRANSCOM, SOCOM, CENTCOM, AFRICOM, EUCOM, PACOM) Conducts computer network defense to secure each portion of the DOD GIG.
JFCOM is a voting member of the joint doctrine development community.
NORTHCOM is lead in assisting the Department of Homeland Security and other civilian agencies during cyber-related incidents as part of its Defense Support of Civil Authorities missions, or civil support.
Army (Intentionally blank.) Navy (Intentionally blank.) Air Force (Intentionally blank.) Marine Corps (Intentionally blank.) Department of Defense Criminal Investigative Services Conducts cyber-related criminal and counterintelligence investigations.
Army Counter Intelligence and Army Criminal Investigative Command (Army CID/IC) Investigates and prosecutes cyber-related criminal cases.
Investigates cyber-related counterintelligence cases.
Air Force Office of Special Investigations (AF OSI) Provides cyber-related criminal and counterintelligence investigative services to commanders throughout the air force.
Identifies, investigates, and neutralizes criminal, terrorist, and espionage threats to personnel and resources of the air force and Department of Defense.
Naval Criminal Investigative Service (NCIS) Prevents terrorism, protects secrets, reduces major crimes and executes advanced cyber technologies and methodologies to process, identify, and present electronic data of intelligence or evidentiary value.