I read that DoD plans to hold a security stand-down on 29 November "to focus on information assurance and network security." Apparently United States Strategic Command, one of nine Unified Commands, issued the order. The news came from Air Force Lt. Gen. Charlie Croom, director of the Defense Information Systems Agency and commander of the Joint Task Force - Global Network Operations (JTF-GNO).
FCW says "some DOD officials are concerned about the amount of hardware and software manufactured overseas and whether they might incorporate malicious code. [Croom] said one way to fight the problem is to require companies to assure DOD that their products are safe and for the military to monitor them closely." (emphasis added)
I like the fact Lt Gen Croom understands the importance of monitoring.
A separate article conveys this story, indicating Lt Gen Croom is a fair guy:
"The first time Croom showed up for a meeting at DISA, someone announced his presence and everyone in the room snapped to attention, as they did with previous DISA commanders, a headquarters employee said.
Croom told everyone at the meeting that that was the first and last time anyone was to announce him and have everyone stand at attention."
That's amazing. I have seen commanders institute similar policies on operations floors, but generally you're expected to stand when the commander enters a meeting room.
The FCW article did not say much about what constitutes a network "stand-down," other than "changing passwords" and "conduct[ing] certain activities to strengthen and become more aware of network security." Can anyone elaborate on this? A department-wide password change sounds like an immense incident response action. I believe we instituted a similar action once when I was still in uniform.
Typically stand-downs are held in the flying community when an aircraft crashes due to a mechanical problem. The rest of the community wants to verify that their aircraft are not also afflicted. I believe the Titan Rain intrusions may be the "crash" that prompted this stand-down. FCW reports "Croom said DOD networks are being intruded on. 'The enemy is among us,' he said."