NCMS Project #: 140859
Problem: Vulnerabilities can exist in all systems, networks, and applications (hardware & software) and threats can be intentionally implanted (e.g., malicious code insertion) or via unintentional vulnerabilities that are maliciously exploited (e.g., poor quality or fragile software). Consequences can be loss of critical data and technology, software vulnerabilities that are targeted or surface in sustainment, and exploitation of development and manufacturing supply chain. This can result in damage to national security or critical warfighting capabilities.
Benefit: Results from the GCSS-MC RMF assessment should be able to be directly transferrable to large commercial enterprises with similar cybersecurity issues. The public’s personal and financial information, which is stored in many industries’ consumer databases, will be more secure as a result of this effort. Companies will be able to protect investments pertaining to day-to-day operations, specialized operating systems and more importantly, they will have the ability to protect intellectual property from unauthorized use and from piracy.
Solution/Approach: Global Combat Support System, Marine Corps (GCSS-MC) has been the technology centerpiece for logistics modernization in the Marine Corps and is based on Oracles’ EBS. It is proposed that a major review of all systems, applications, and environments in the GCSS-MC Portfolio be undertaken. The foundation of the solution is to use the Risk Management Framework (RMF) as a guide to achieve software assurance and maintain compliance with security requirements, reinforce vulnerability assessments and guide industry in their requirements to support the public sector with commercial software development.
Impact on Warfighter:
- Reduces risks and vulnerabilities and increases cyber defense posture
- Expanded national security
- U.S. Marine Corps Systems Command
- Anglicotech, LLC
Technology Focus Area(s):
- Cost savings
- Obsolescence management & continued maintenance capabilities
- Maintenance management improvement