AIR COMMAND AND STAFF COLLEGE, AIR UNIVERSITY MAXWELL AFB United States
This study first examines the problems which necessitate cyber defense of critical infrastructure, then develops criteria necessary for successful cyber defense. Five alternative solutions are introduced as evolutions from two solutions by Kuipers and Fabro: Stand Alone Networks, Converged Enterprise Networks, Logically Isolated Enclaves, Logically Isolated Enterprises, and Stand Alone Enterprises. Based on their estimated ability to fulfil the criteria derived from Department of Defense doctrine, commercial best practice, and recommendations from the Department of Homeland Security and the National Security Agency, this study found that for short-term mission assurance of specific cyber key terrain, creation and defense of a Logically Isolated Enclave can be accomplished immediately and with near-zero cost by a Cyber Protection Team. Long-term mission assurance still requires an enterprise solution for cyber defense of critical infrastructure. The pursuit of a Logically Isolated Enterprise is estimated to provide the best solution for cyber defense of critical infrastructure by extending and enhancing the existing capabilities in the corporate network operations and security center to the logically isolated control system enterprise.