Tag Archive for Department of Defense

DoD Cybersecurity Discipline Implementation Plan February 2016

Inspections and incidents across the Department of Defense (DoD) reveal a need to reinforce basic cybersecurity requirements identified in policies, directives, and orders. In agreement with the Secretary of Defense, the Deputy Secretary of Defense, and the Joint Chiefs of Staff, the DoD Chief Information Officer (CIO) identified key tasks needed to ensure those requirements are achieved. The DoD Cybersecurity Campaign reinforces the need to ensure Commanders and Supervisors at all levels, including the operational level, are accountable for key tasks, including those identified in this Implementation Plan. The Campaign does not relieve a Commander’s and Supervisor’s responsibility for compliance with other cybersecurity tasks identified in policies, directives, and orders, but limits the risk assumed by one Commander or Supervisor in key areas in order to reduce the risk to all other DoD missions.

Joint Staff Strategic Multi-Layer Assessment on Bio-Psycho-Social Applications to Cognitive Engagement

The underlying concept of this paper is how bio-psycho-social approaches to cognitive engagement, described in greater depth by DeGennaro, may be put to use to collect, analyze, and/or apply information to meet a tactical, operational, or strategic end. This White Paper will focus on the proverbial “rubber meets the road” approaches of behavioral operations in the human domain where the former is “the study of attributes of human behavior and cognition that impact the design, management, and improvement of operating systems, and the study of the interaction between such attributes and operating systems and processes” and the latter is “the presence, activities (including transactions both physical and virtual), culture, social structure/organization, networks and relationships, motivation, intent, vulnerabilities, and capabilities of humans (single or groups) across all domains of the operational environment (Space, Air, Maritime, Ground, and Cyber).” Information Operations (IO) doctrine defines the cognitive domain as the component of the information environment (IE) that encompasses the gray matter of those who transmit, receive, and act upon information. Cognitive operations such as information processing, perception, judgment, and decision-making are the most vital aspect of the IE. Cognition is influenced by individual and cultural beliefs, norms, vulnerabilities, motivations, emotions, experiences, morals, education, mental health, identities, and ideologies and thus requires research and analysis methods from the bio-psycho-social sciences to understand and manipulate. When, how, and most importantly why to apply that understanding to US advantage at the tactical, operational, and strategic level is the focus of this effort.

DoD Online Privacy and Operational Security Smart Cards: Smartphone EXIF Removal

EXIF (Exchangeable image File Format) is a standard format for storing and exchanging image metadata. Image metadata is included in a captured image file and provides a broad range of supplemental information. Some social networks and photo-sharing sites, such as Flickr, Google+, and Instagram, have features that share EXIF data alongside images. Others, including Facebook and Twitter, do not share EXIF data but my utilize the information internally. EXIF data is stored as tags, some of which reveal unique identifying information.

DoD Online Privacy and Operational Security Smart Cards: LinkedIn

LinkedIn is a professional networking service that allows you to establish connections with co-workers, customers, business contacts, and potential employees and employers. You can post and share information about current and previous employment, education, military activities, specialties, and interests. To limit exposure of your personal information, you can manage who can view your profile and activities.

DoD Online Privacy and Operational Security Smart Cards: Facebook Mobile

As of January 2015, Facebook Mobile hosts 745 million daily mobile active users who accounts for over 60% of all mobile posts published to any online social networking service. Though privacy can still be achieved, mobile users place their personal identity data at a greater risk when compared to users logging in via desktop computer. This is in large part due to the fact that mobile devices provide Facebook with a means to access additional location information, contact lists, photos, and other forms of personal data. Use the following recommendations to best protect yourself against oversharing.

DoD Online Privacy and Operational Security Smart Cards: Opting Out of Public Records Aggregators

To locate your presence on the web, search for your name, names of family members, email addresses, phone numbers, home addresses, and social media usernames using Google. Once you have located information that you want removed, record your findings to keep track of the removal process. Please note that the information presented here about how to remove personal details from data aggregators is subject to change.

DoD-NORTHCOM Defense Support of Civil Authorities Republican National Convention 2016 Presentation

On order and in response to natural/manmade incidents, the Defense Coordinating Officer / Defense Coordinating Element (DCO/DCE) anticipates and conducts Defense Support of Civil Authorities (DSCA) operations coordinating Title 10 forces and resources in support of the Federal Primary Agency (PA) in order to minimize impacts to the American people, infrastructure and environment.

Joint Staff Strategic Assessment: Maneuver and Engagement in the Narrative Space

This paper was produced in support of the Strategic Multi-layer Assessment (SMA) of the Islamic State of Iraq and the Levant (ISIL) led by Joint Staff J39 in support of the Special Operations Command Central (SOCCENT). The paper leverages and melds the latest thinking of academic and operational subject matter experts in fields of organizational and social dynamics, network analysis, psychology, information operations and narrative development, social media analysis, and doctrine development related to aspects of maneuver and engagement in the narrative space.

(U//FOUO) DoD Biometrics Capstone Concept of Operations

A biometric is a measurable physical characteristic or personal behavior trait used to recognize the identity or verify the claimed identity of an individual. Fingerprints are an example of a physical biometric characteristic. Behavioral biometric characteristics like handwriting are learned and acquired over time. Biometrics is the process of recognizing an individual based on measurable anatomical, physiological and behavioral characteristics. Employing biometrics can help positively identify adversaries, allies and neutral persons. This is particularly useful when facing adversaries who rely on anonymity to operate. Biometrics is not forensics even though the two can, and often are, employed in concert. Forensics involves the use of scientific analysis to link people, places, things and events while biometrics involves the use of automated processes to identify people based on their personal traits. Because of the interrelationship between biometrics and forensics, the Department of Defense (DOD) intends to develop a single concept of operation (CONOP) in the future describing how biometrics and forensics can be employed in a complementary manner.

(U//FOUO) Department of Defense Mission Analysis for Cyber Operations

This report fulfills the requirement contained in the National Defense Authorization Act (NDAA) for Fiscal Year 2014, Section 933 “Mission Analysis for Cyber Operations of the Department of Defense (DoD).” The Department undertook an accelerated but deliberate process to conduct the analysis, the outcomes of which are contained in this report. The analysis addressed each sub-section of the statute and was fully vetted across the Department. The results of this analysis reflect the Department’s current view of its requirements for successful conduct of cyberspace operations, leveraging a Total Force solution. As cyberspace capabilities, force structure, and command and control (C2) constructs evolve, the Department will conduct periodic reviews of its cyberspace requirements and adjust them as necessary.

American Psychological Association Review of Ethical Guidelines, Interrogations and Torture

In November 2014, the Board of Directors of the American Psychological Association engaged our Firm to conduct an independent review of allegations that had been made regarding APA’s issuance of ethical guidelines in 2002 and 2005, and related actions. These ethical guidelines determined whether and under what circumstances psychologists who were APA members could ethically participate in national security interrogations. The gist of the allegations was that APA made these ethics policy decisions as a substantial result of influence from and close relationships with the U.S. Department of Defense (DoD), the Central Intelligence Agency (CIA), and other government entities, which purportedly wanted permissive ethical guidelines so that their psychologists could continue to participate in harsh and abusive interrogation techniques being used by these agencies after the September 11 attacks on the United States. Critics pointed to alleged procedural irregularities and suspicious outcomes regarding APA’s ethics policy decisions and said they resulted from this improper coordination, collaboration, or collusion. Some said APA’s decisions were intentionally made to assist the government in engaging in these “enhanced interrogation techniques.” Some said they were intentionally made to help the government commit torture.

Department of Defense Law of War Manual June 2015

The law of war is part of who we are. George Washington, as Commander in Chief of the Continental Army, agreed with his British adversary that the Revolutionary War would be “carried on agreeable to the rules which humanity formed” and “to prevent or punish every breach of the rules of war within the sphere of our respective commands.” During the Civil War, President Lincoln approved a set of “Instructions for the Government of the Armies of the United States in the Field,” which inspired other countries to adopt similar codes for their armed forces, and which served as a template for international codifications of the law of war.

DoD-DoJ-CIA-NSA-ODNI Inspectors General Report on the President’s Surveillance Program

A declassified report from 2009 compiled by the offices of the Inspectors General of the Department of Defense, Department of Justice, Central Intelligence Agency, National Security Agency and Office of the Director National Intelligence on the President’s Surveillance Program.

DHS Privacy and Civil Liberties Assessment Report on Executive Order 13636

Section 5 of Executive Order 13636 (Executive Order) requires the DHS Chief Privacy Officer and Officer for Civil Rights and Civil Liberties to assess the privacy and civil liberties impacts of the activities the Department of Homeland Security (DHS, or Department) undertakes pursuant to the Executive Order and to provide those assessments, together with recommendations for mitigating identified privacy risks, in an annual public report. In addition, the DHS Privacy Office and the Office for Civil Rights and Civil Liberties (CRCL) are charged with coordinating and compiling the Privacy and Civil Liberties assessments conducted by Privacy and Civil Liberties officials from other Executive Branch departments and agencies with reporting responsibilities under the Executive Order.

Department of Defense Cyber Strategy April 2015

In concert with other agencies, the United States’ Department of Defense (DoD) is responsible for defending the U.S. homeland and U.S. interests from attack, including attacks that may occur in cyberspace. In a manner consistent with U.S. and international law, the Department of Defense seeks to deter attacks and defend the United States against any adversary that seeks to harm U.S. national interests during times of peace, crisis, or conflict. To this end the Defense Department has developed capabilities for cyber operations and is integrating those capabilities into the full array of tools that the United States government uses to defend U.S. national interests, including diplomatic, informational, military, economic, financial, and law enforcement tools.

Defense Personnel Security Research Center Counterintelligence Reporting Essentials (CORE) Guide

Supervisors and coworkers are willing to report on behaviors that have a clear connection to security, such as transmitting classified documents to unauthorized personnel, but they are unwilling to report on colleagues’ personal problems, such as alcohol abuse. Because it was difficult to discern which reporting requirements were clearly related to security, there was very little reporting. PERSEREC, in collaboration with counterintelligence professionals, developed a clear, succinct list of “Coworker Reporting Essentials” (CORE) behaviors that could pose a possible threat to national security and thus should be reported if observed. The draft CORE was reviewed and edited by counterintelligence professionals at the Counterintelligence Field Activity (CIFA), and was coordinated by the DoD Investigative Working Group (IWG).

DoD Cloud Computing Security Requirements Guide (SRG) Version 1

Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation. Cloud computing enables the Department to consolidate infrastructure, leverage commodity IT functions, and eliminate functional redundancies while improving continuity of operations. The overall success of these initiatives depends upon well executed security requirements, defined and understood by both DoD Components and industry. Consistent implementation and operation of these requirements assures mission execution, provides sensitive data protection, increases mission effectiveness, and ultimately results in the outcomes and operational efficiencies the DoD seeks.