CORA – Pentagon’s shift from Compliance to Operational Readiness 

Starting today, the Pentagon’s main network defense command, Joint Force Headquarters-Department of Defense Information Network (JFHQ-DODIN), will launch the Cyber Operational Readiness Assessment (CORA) program, a new model for measuring network readiness that shifts the emphasis from compliance to operational preparedness.

CORA is intended to be risk-informed for defensive cyber operations and internal defensive measures, that is, for specific actions taken on the network in response to intelligence, a threat, or an incident. Officials described it as a “living inspection” that can flex to operational and emerging needs, given the unpredictability of future vulnerabilities.

“[CORA] enables commanders and directors to make the right decision when applying resources to increase the security posture of their network. It allows us to iterate and change on a dime to figure out what is important now. As everyone understands, technology changes so frequently, so fast, it’s hard for everyone else to keep up. […] With the flexibility of CORA, we’re able to shift and adapt and overcome to start focusing on those unknown or newly discovered vulnerabilities for what is important to JFHQ-DODIN because of intel and threat reporting,” said Nicholas DePatto, inspections branch chief.

Officials began the shift by developing key indicators of risk to ensure alignment with JFHQ-DODIN’s cybersecurity priorities and to direct focus onto the most critical areas of remediation. In turn, this allows organizations to focus their mitigation efforts on risk and exposure to common adversary TTPs, letting the DOD concentrate resources and staffing on high-risk areas.

Troy Batterberry, CEO and Founder, EchoMark had this comment:

   “Shifting to a threat-informed approach, the CORA program aligns closely with our ethos of operational readiness and agile responsiveness, focusing on risk-informed defenses and ability to address emerging threats quickly. This aspirational standard underscores the importance of evolving security measures to outpace rapid technological changes and often unpredictable and sophisticated threats. It’s not just about being prepared; it’s about staying ahead.

   “This initiative and directed focus on risk indicators prioritizes adaptability and informed decision-making in security practices, which will bring companies closer to where our security is as dynamic and resilient as the threats we face.”
Stephen Gates, Principal Security SME, Horizon3.ai follows with this:

   “To gain the highest level of consistent mission readiness, organizations must view their cyber infrastructures through the eyes of their adversaries. Therefore, it makes complete sense to establish the Cyber Operation Readiness Assessment (CORA) program and shift from mere compliance to actual operational readiness. Trying to remain compliant with a host of different regulations and standards does not always mean you are more secure. Continuous assessment of risk has been proven to vastly improve operational effectiveness.

   “Today, organizations are equipping their security teams with offensive-based autonomous assessment solutions allowing them to perform adversarial exercises against their internal, external, and cloud infrastructures with nothing more than a click. Being able to load, aim, and fire an autonomous assessment solution against yourself tells organizations where their greatest weaknesses are so they can remediate them before adversaries discover them.

   “This cyber terrain assessment approach goes way beyond simple network and vulnerability scans since autonomous assessment solutions are using the exact same TTPs that attackers are using – and can be safely launched against any production environment. The advancements of autonomous assessment technologies are increasing the security postures for those that capitalize on this emerging technology and massively reducing risk in the context of the cyber threat landscape.”

This is a good move by the Pentagon. A risk-informed model is far simpler for defenders to navigate than a compliance-driven one, which puts them in a better position to defend against cyber threats.

UPDATE: Troy Batterberry, CEO and Founder, EchoMark added an additional comment:

“Given the ever-changing environment, being both risk-informed and agile are paramount to establishing modern security practices. In addition, and akin to good general systemic design, organizations also need to continue to utilize ‘defense in depth’ through multiple layers of protection and access control governance to help avoid a single point of failure causing a broad breach.”
