APPENDIX G – PRIVATE INDUSTRY TESTIMONIALS

APPENDIX G – PRIVATE INDUSTRY TESTIMONIALS
1. G1. Intrepid Response
  1. G.1.1. Findings
  2. G.1.2. Analysis
2. Table of Contents

APPENDIX G – PRIVATE INDUSTRY TESTIMONIALS

G1. Intrepid Response

Intrepid Response is a simple-to-use and affordable, mission-critical, mobile and web-based software solution that enables instant team communication, coordination, and collaboration over a common operating picture. It is uniquely designed to support the day-to-day operations of users in the field as well as incident/emergency management, base security, and surveillance operations. Intrepid Response can integrate with strategic-layer tools that would be found in a command and/or operations center. The software can operate with any cellular network, including Verizon, AT&T, etc. Intrepid Response is the only application of its kind that is FirstNet-certified for public safety, meaning it meets stringent requirements for usability, security, reliability and availability. As such, the application can be utilized in scenarios in which user priority and preemption are enabled.

Intrepid Response is a user-friendly shared situational awareness system that comprises Android/iOS smartphone and web-based applications. The ecosystem provides an integrated suite of capability that comprises realtime geospatial data, emergency notifications, push-totalk voice communications, and multimedia sharing for resource management, team collaboration, and incident management. The platform may be deployed on a customer-hosted on-premise server or via secure cloudhosted solutions, including Amazon Web Services GovCloud. The mobile platform creates a real-time common operating picture for tactical and supervisory units while integrating with strategic tools for top-to-bottom command and control. The Intrepid Response platform supports all major operating systems, including native applications for both iOS and Android, plus browser apps for all significant modern browsers (Chrome, Internet Explorer 11, Edge, Firefox, and Safari).

Figure 25: Intrepid Response

Figure 25: Intrepid Response is a user- friendly situational awareness system comprised of Android/iOS smartphone and web-based applications.

Intrepid Networks was invited to participate in the JV 3.0 exercise as an industry partner to provide its situational awareness and collaboration platform, Intrepid Response, for participants to utilize during the decision-making process. Intrepid Networks’ FirstNet-certified Intrepid Response platform provided a common operating picture and the ability to exchange information in real time across federal, state, and local government and civilian participants. For the JV 3.0 exercise, Intrepid Response provided a turn-by-turn common operating picture of events unfolding as a result of organized cyberattacks in the cities of Charleston and Savannah, providing visualization of valuable data over the Intrepid Response common operating picture to participants instantly, without the added latency of manual interpretation and relay. This capability is a key enabler of more rapid and accurate decision making; dispatch; and response communication, coordination, and collaboration. The capability ensures a more effective response and more timely recognition of seemingly random events as being related (or not related) to an organized and persistent cyberattack.

Situational awareness is a concept that military personnel have discussed and been trained on for decades. Numerous definitions, books, dissertations, and white papers have been published on the concept. For its observations, Intrepid Networks utilized the framework of “perception, comprehension, projection, and prediction,” as discussed in the report Defining and Measuring Shared Situational Awareness by Albert Nofi.⁴⁸

For the sake of clarity, perception, comprehension, projection, and prediction are defined below:

Perception: Gathering information that is available.
Comprehension: Understanding the information gathered and the impacts it has on one’s domain.
Projection: Estimating how a situation will evolve in the future.
Prediction: Evaluating how other forces or events may impact one’s projection.

Intrepid Networks’ observed results are discussed below from the shared situational awareness perspective.

G.1.1. Findings

Intrepid Networks’ observations were gathered during the JV participants’ discussion and decisionmaking sessions that occurred throughout the experiment. Intrepid Networks intended to observe how decision-making processes may evolve while utilizing a common operating picture and collaboration platform. As a result of the exercise transitioning to a virtual venue due to COVID-19, Intrepid Networks pivoted from providing live mobile and web application access to participants for communication, collaboration, and coordination to providing static map images that evolved as the exercise proceeded. Intrepid Networks’ observations revealed that even these static map images provided a valuable means for participants to perceive; comprehend; project; and, to some extent, predict outcomes based on the variables realized in the earlier processes. Table 7 lists some issues encountered during the JV 3.0 exercise, Intrepid Networks’ observations, and Intrepid Response capabilities that can address these issues.

Table 7: Issues, Observations, and Intrepid Response Capabilities

G.1.2. Analysis

Intrepid Response provides a flexible platform that enables disparate, cross-domain entities to enhance to the situational awareness loop, both individually and collectively. Intrepid Networks’ observations led to the conclusion that a true common operating picture is achievable in cybersecurity response operations by providing a means for cross-domain entities to connect seemingly disparate cybersecurity issues (perception) to a larger, coordinated cyber threat (comprehension). This leads to a more informed response posture, both at the organizational and collective, cross-domain levels (projection and prediction). Ultimately, the Intrepid Response platform expedites activities such as dispatching a particular unit to a threat and, as such, garners a more holistic, cross-domain cyber threat response while tightening the communication loop between organizations. Intrepid Response significantly increases the ability to effectively and efficiently respond to cyberattacks and allows organizations to minimize damage and chaos.

While Intrepid Response enhances situational awareness and collaboration, reducing the impact of cyberattacks, Intrepid Networks recognizes improvements to the platform would provide an even more seamless cross-domain cyber threat response tool that would allow its teams to evolve as our adversaries’ capabilities improve. Intrepid Response provides a flexible, upgradeable platform that can be used out of the box today, but it can be updated to provide increased capability as it becomes available. Intrepid Networks has identified the following features that would evolve Intrepid Response to meet near-term needs for its cyber response teams:

Federating channels and/or organizations to provide more rapid information sharing, whether geospatial or specific documentation. This may be realized with an approach that many commercial interteam/intrateam communication tools take, such as providing common workspaces that any organization with a proper invitation may join. This approach would also prevent the ubiquitous “data fog” found in today’s digital era.
Visualizing network- and cyber-related issues and threats on the map to further increase the capability for perception and comprehension in the situational awareness loop. As an example, enhancements can be made to allow for user-friendly input and visualization of vulnerable cyber elements in a geographic area of interest, such as wireless network systems, strategic servers, infrastructure supervisory control and data acquisition (SCADA) systems, etc., to get a snapshot view of location and other key information about this type of strategic infrastructure vulnerable to cyberattack.
Providing a mechanism for the Intrepid Response map to ingest layers from disparate geospatial systems (for example, traffic light or electrical grid statuses). This would further contribute to a true common operating picture for cross-domain cyber threat responses (expedite perception, comprehension, projection, and prediction).
Integrating data analytics into the Intrepid Response platform for improved automated recognition of a coordinated attack.
Implementing an automated after-action reporting feature that is tailored to a nationally accepted format to allow for continuous information sharing; evaluations; and improvements to tactics, policies, and procedures across disparate organizations in various areas of the country.