Navy conducts first shipboard cyber inspection

Monday - 8/15/2011, 7:47pm EDT

Navy Chief Petty Officer Eric Wishard speaks to WFED's Jared Serbu

Download mp3

By Jared Serbu
Reporter
Federal News Radio

In the Navy, conducting scheduled inspections to evaluate a command's cybersecurity posture is new. Conducting them aboard a 1,100 foot aircraft carrier while it's at sea is even newer.

In late July, the U.S.S. Abraham Lincoln, a Nimitz-class carrier, became the first ship in the Navy fleet to undergo a command cyber readiness inspection while underway. The carrier passed with a score 11 percent higher than the Navy had previously seen in shore-based inspections, officials said.

"We have a crew of roughly 2,700 ship's company. Our information assurance division had to do a lot of work preparing," said Chief Petty Officer Eric Wishard in a phone interview with Federal News Radio from the Lincoln. "Our various networks and systems are all owned by different agencies throughout the government, and it was a big thing to make sure they were all up to the DoD standards."

Wishard said the biggest challenge turned out to be making sure his crew kept all the computing equipment aboard the Lincoln up to date with security patches, given the lack of an always-on connection to DoD's Global Information Grid.

"When you're underway, you have a whole different element of communications to be looking at," he said." We get our IP connectivity over satellite links. You just don't have a constant connection, and everything changes when you're afloat. The big thing is staying up to date with vulnerability patches to make sure all 1,000 workstations fully patched and come up with ways to make sure they're all online when the patches come out. The limited bandwidth makes it very difficult to receive them."

The Naval Network Warfare Command (NETWARCOM) in Norfolk, Va., led the inspections with oversight by the Defense Information Systems Agency.

In June, Rear Adm. Ned Deeds, NETWARCOM's then-commander, announced the Navy planned to begin routine "stem-to-stern" cyber inspections on 900 command units across the service.

"We've never had a [cyber] inspection force. We do now—nascent, but growing," Deeds said at the time. Wishard said preparation for the Lincoln's inspection involved the entire crew—not just its IT professionals.

"This is a very intense inspection," he said. "It reaches down to every crew member's life, because it involves physical security and challenging people when you see them and you don't know who they are. It involves personnel security, making sure people maintain their clearances and that they're doing what they're supposed to be doing within their spaces."

RELATED STORIES:

Navy begins routine cybersecurity inspections

(Copyright 2011 by Federal News Radio. All Rights Reserved.)