U.S. Fleet Cyber Command‘s Office of Compliance and Assessment (OCA) launched its Command Cyber Operational Readiness Inspections (CCORI) program earlier this year, marking the first time this type of inspection will be directed and conducted by the Navy as service cyber component of U.S. Cyber Command.
The CCORI program is fundamentally different from previous Command Cyber Readiness Inspections (CCRIs).
This new inspection program is mission-based, threat-focused and operationally relevant.
It assesses risk to organizational mission by evaluating threats to, and vulnerabilities found within information systems, networks, applications and data.
Fleet Cyber Command has taken over responsibility for conducting CCORIs, which were previously only conducted by Joint Forces Headquarters-Department of Defense Information Networks (JFHQ-DODIN).
FCC OCA now conducts Navy CCORIs and CCRIs from start to finish.
(Learn More about U.S. Navy Cyber Command. U.S. Fleet Cyber Command serves as the central operational authority for networks, cryptologic/signals intelligence, information operations, cyber, electronic warfare, and space capabilities in support of forces afloat and ashore. Courtesy of the US Navy and YouTube. Posted on Aug 21, 2014.)
“This is a milestone accomplishment for OCA and the Navy as we continue to mature this inspection process by building agile cyber inspection teams,” Capt. Kristian P. Kearton, OCA director said.
“Navy CCORIs identify real-world risk by discovering vulnerabilities as they relate to mission-critical systems.”
A CCORI team consists of two dozen personnel, divided into three teams, including the OCA inspection team, supporting commands and site trusted agents.
The Mission Element provides an assessment of the impact to the organization’s mission if critical systems are compromised, the Vulnerability Element identifies technical and non-technical vulnerabilities, and the Threat Element assesses external, internal and insider attack vectors based on the identified vulnerabilities.
“CCORIs provide unit commanders with the risks to their missions based on the network’s current state of cybersecurity,” said Cmdr. James Brown, OCA Mission Support and Inspection Team OIC.
“They also provide JFHQ-DODIN and U.S. Cyber Command Commanders the level of risk that unit’s cyber security is to the DODIN.”
Since its establishment, FCC/C10F has grown into an operational force composed of more than 16,000 active and Reserve Sailors and civilians organized into 26 active commands, 40 Cyber Mission Force units, and 26 reserve commands around the globe.