Throughout the rigorous assessment window, inspectors will be examining the installation’s classified and unclassified computer networks to validate security compliance across Nellis and Creech Air Force Bases as well as the Nevada Test & Training Range.
The CCRI is conducted by the Defense Information Systems Agency and it is designed to assess an installation’s overall cyber readiness and security of its Non-secure Internet Protocol Router Network (NIPRNet) and Secure Internet Protocol Router Network (SIPRNet) systems.
Previous versions of this inspection merely assessed for compliance; today’s version is designed to assess an installation’s operational readiness for its cyber operations.
The U.S. Cyber Command has three areas of focus: defending the Department of Defense Information Network, providing support to combatant commanders for execution of their missions around the world and strengthening our nation’s ability to withstand and respond to cyber-attack.
While the 99th Communication Squadron has the lead during this inspection and will do most of the preparation for the inspection itself, it is every Team Nellis/Creech/NTTR members’ duty to remain cognizant of basic cyber security pitfalls.
Cyber security is everyone’s responsibility, so everyone, not just 99th CS, will be inspected during the CCRI.
For Team Nellis/Creech/NTTR to be successful during this inspection, all network users must adhere to traditional physical security, information security and information assurance policies.
While this inspection takes place in the Communications Squadron’s backyard, it will also require a lot of leadership involvement. Information protection and unit security managers, unit cyber liaisons and functional systems administrators, as well as facility managers will be key participants as the inspectors do walk-throughs all around the bases.
There is a multitude of preventative measures network users can take in thwarting cyberspace vulnerabilities.
Take to heart these key points from your information assurance training:
• Never leave your Common Access Card behind when getting up from your desk.
• Leave all NIPRNet machines in your organization on to ensure they receive the most up to date patches for network security.
• If your unit has SIPRNet terminals, make sure you do your part by powering them on every Wednesday between the hours of 0800 to 1600 so they can be scanned for vulnerabilities.
• Seek out and get to know your unit cyber liaisons; they are a wealth of information and can provide assistance for your cyber needs.
• Properly labeling disc media is also important to remember. The first action to accomplish once you take the disc out of the computer is to properly label it and log it appropriately.
• Exercising your mental skills by memorizing login credentials is also vital. Stay away from writing them down.
• Continue to be wary of phishing attempts; each and every day people fall victim to cyber hacks conducted via adversary phishing tactics, techniques and procedures.
With countless moving pieces during the CCRI, teamwork and communication are key to a passing inspection grade. This is a team effort, and there are a lot of entities all across the base that are involved in this inspection. The coordination of this whole team is critical to drive our installation to mission success.