Objective

The objective of this project is to provide the Department of Defense (DoD) with a capability that gives installations and missions resiliency by continuously monitoring control systems networks for internal and external threats and by identifying and managing device vulnerabilities. The capability will enable automated mitigation and response actions that secure network devices and segments from identified threats and protect against exploitation of identified vulnerabilities without interrupting operational processes. The capability will be easy to install and operate and will not require extensive training or staffing for normal operational functions.

Technology Description

The solution integrates asset management, vulnerability management, threat detection, and incident response with automated mitigation and response techniques. Prior to this integration, many of these capabilities were provided by multiple vendors and required extensive infrastructure. This integration reduces the capability to two vendors. The project team will also provide real-time visibility into the operational technology (OT) cyber threat landscape to guide defenders and threat hunters in their activities, reducing time to detect events and increasing energy system resiliency through speed of action.

The integration of these capabilities is integral to enabling zero trust security controls within the OT environment. The Dragos Platform, a continuous monitoring and vulnerability management solution for OT ecosystems, will leverage the secure segmentation and network traffic controls provided by OnClave, a provider of zero-trust architected OT network solutions, to automate responses based on Dragos threat detections and identified vulnerabilities.

The integration will also show the utility of commercial off-the-shelf solutions that rely on a minimal number of vendors while still providing appropriate risk-based security controls and capabilities.

Technical performance of this project will be executed through a physical deployment at the testing environment of Naval Facilities Engineering Systems Command at Port Hueneme, CA. Financial execution of the project will be milestone-focused, based on the delivery of services and products and execution of the testing scenario.

Key to the successful completion of this project is a deployment of the capability set at Port Hueneme, CA.

Benefits

The solution will enable the DoD to visualize risk factors within mission-supporting critical infrastructure. As a result, commanders can include critical infrastructure in risk-based decisions. The DoD will also gain insight into best practices around incident response and vulnerability management in industrial control systems/OT environments.

This project will also inform stakeholders and leadership on viable cybersecurity processes, work roles, and job functions inclusive of engineering, cybersecurity, and information technology staff that will support OT networks in the field.