Cybersecurity

NAVWAR Completes Systems Transition to Risk Management Framework

The Navy has announced that the Naval Information Warfare Systems Command has finished transitioning its systems to a new cybersecurity framework.

In line with cybersecurity requirements, NAVWAR completed its transition of more than 1,300 systems from the Department of Defense Information Assurance and Accreditation Process to the Risk Management Framework, the Navy reported Monday.

“This was an incredible achievement for both NAVWAR and the Navy. Maintaining and accelerating this transition schedule during the COVID-19 telework environment was very challenging,” said Ed Lazarski, director of cybersecurity for Program Executive Office for Command, Control, Communications, Computers and Intelligence and Space Systems.

RMF incorporates early-stage cybersecurity into the enterprise-level authorization process for information technology systems and services.

The framework involves a strict six-step process aimed at eventually receiving the authorization to operate on the Navy’s network.

The Navy said NAVWAR reached the transition ahead of the deadline set by U.S. Fleet Cyber Command. The command issued an operational order in August 2019 requiring the Navy to align its systems with cybersecurity standards set by the federal government and DOD.

NAVWAR consolidated more than 1,300 system packages to less than 500. According to the Navy, the consolidation will reduce the time and effort needed to manage and maintain authorizations.

Lazarski said that as the RMF becomes more ingrained into the development cycle, the more it will result in increased cyber resilience, allowing systems to remain operational even when under attack.

With the transition complete, NAVWAR now plans to improve and streamline the overall process and reduce the authorization timeline, which currently lasts up to 12 months.