This cyber baseline is a modern web-based application that certifies ship systems comply with Department of Defense and Department of Navy cybersecurity requirements during ships’ availability, or scheduled modernization, prior to departure. It offers a searchable, easy-to-use, platform-specific record of all Navy networks, including hosted and connected, afloat and ashore systems, enabling the ability to independently manage and maintain a ship’s information technology capabilities.
“Despite today’s current circumstances, our Navy and our nation are continuing to experience an unprecedented degree of competition in the maritime environment,” said FRD Executive Director Mike Spencer. “As the technical leader for Navy cybersecurity we must continue to drive implementation of cyber standards, creating a secure, defensible information domain. By delivering, installing and managing cyber baselines, we are able to provide a validated end-to-end cyber compliant network improving cyber readiness across the fleet.”
Since its launch in January 2018, FRD 300 has delivered cyber baselines to 80 Navy ships as of June 2020, with a goal to deliver the web-based tool across 180 ships by fiscal year 2022, expanding the fleet’s cyber posture Navy-wide.
FRD 300 works directly with the fleet to rapidly address operational challenges, improve maintenance processes and isolate cyber threats to ensure ships are cyber ready and prepared to meet all mission requirements now and into the future. Ensuring cyber readiness is a cross-organizational effort that involves NAVWAR Headquarters, Naval Information Warfare Center (NIWC) Pacific and NIWC Atlantic working together with program offices to support the delivery and installation of the cyber baseline.
“Delivering cyber baselines allows us to identify capability risks during a ship’s availability or scheduled modernization, assuring a cyber-ready platform prior to departure,” said FRD 300 Director Duane Phillips. “We are using an end-to-end approach, ensuring that all hosted and connected systems, including the Consolidated Afloat Networks and Enterprise Services (CANES) and Integrated Shipboard Network System (ISNS) comply with DoD and DoN requirements and are approved to meet cyber security technical authority standards.”
To meet the current operational needs of each ship amid the coronavirus disease 2019 (COVID-19) crisis, FRD 300 is providing a combination of both in-person and distance training to protect the health and safety of NAVWAR and ship personnel. This in-person and distance learning ensures the warfighter has confidence in operating platforms and systems in a dynamic cyber environment and in accordance with established standards. FRD 300 supports 10 to 15 platforms at any given time and is currently providing critical support to 15 ships worldwide including those located in Bahrain, Japan, California, Virginia, Washington and more to ensure future force readiness.
“During the COVID-19 pandemic, we have faced multiple challenges associated with restricted access to ships, either through travel restrictions or active cases onboard platforms,” said FRD 300 Deputy Director Albert Mangles. “Despite these challenges, we have been able to safely adapt and continue to provide essential support to ensure that Sailors are able to operate and maintain the advanced C4I systems installed in support of fleet and national objectives worldwide.”
In addition to the cyber baseline and in coordination with NIWC Pacific and the Program Executive Office for Command, Control, Communications, Computers, Intelligence (C4I) and Space Systems, NAVWAR is leading an initiative to stand up a C4I certification process that assesses systems’ level of cyber readiness by the end of FY 2021.
The C4I certification process confirms all warfighter tools and capabilities are cyber secure through consistent and pervasive implementation of cybersecurity specifications and standards, so that Sailors can successfully execute their mission while underway. By deploying cyber resilient platforms FRD 300 is ensuring mission success in cyber-contested environments for decades to come.