National Aeronautics and Space Administration




       NASA Project Management Challenge 2009
       Effective PM Response for Protecting NASA’s Mission
       Critical Technologies in a Growing Threat Environment

                   Terry E. Odum, CPP,1† Ryan Averbeck,2† G. A. Gaddy, Ph.D. 2
                                   1. NASA Marshall Space Flight Center, Huntsville, AL
                                   2. Concurrent Technologies Corporation, Huntsville, AL
                                                       † Presenter




                                                     25 February 2009
Why Technology Protection? – Advantage


    There is a strong symbiotic relationship between space research and national
    security… We've worked too hard and accomplished too much, to willfully forfeit
    our leadership in space. Let's make the necessary adjustments to maintain our
    supremacy. Our future depends on it.

                             Kay Bailey Hutchison
                             Member of the Senate Commerce, Science and
                             Transportation, and Appropriations Committees
                             Special Section: Defense & Aerospace
                             October 2007
Protection Needs Assessment

We asked ourselves…

    •   Do NASA and its industrial base develop state-of-the-art systems and
        technologies that are of strong interest to other countries?

    •   Is the risk of loss or compromise to NASA’s technologies growing?

    •   Could the loss impact mission success, reputation, or national security?

    •   Is a process in place to assist the PM in effectively managing security risks?

ESMD addressed these questions by piloting a system protection program

    • Tailored for NASA after gleaning the “best of breed” approaches,
      methodologies and techniques from DoD protection programs.




        The need to implement a systematic protection process may never be greater
Policy Guidelines –
Cohesive Implementation Strategy Is Needed
 NPR 1600.1
 NASA Security Procedural Requirement
 Chapter 8 Program Security

 NPR 7120.5D
 NASA Space Flight Program and Project Management Requirements
 Section 3.13

 NASA/SP-2007-6105
 NASA Systems Engineering Handbook
 Appendix Q

 NPR 8000.4
 NASA Risk Management Procedural Requirements
 P.1; 2.6.1

 NPR 1660.1
 NASA Counterintelligence Policy
 Para 2.10

 NPR 2810.1A
 Security of Information Technology
 Preface P.1

 NPR 2190.1
 NASA Export Control
 P.1 Chapter 2



 Referenced policies all serve to provide national level security guidance.
Why Technology Protection? - The Threat

The targeting and theft of U.S. innovation has significant, dire
effects on our nation.

    •   The Chamber of Commerce estimates 750,000 jobs are lost annually
        due to the theft of innovation

    •   The Department of Justice estimates the loss of research and
        technology costs U.S. companies as much as $250 billion
        annually

    •   The National Counterintelligence Executive (NCIX) estimates
        the loss associated with foreign espionage directed at the
        U.S. to be $300 billion and rising

NASA is a world leader in innovation, and thus, a highly targeted
organization.



Exploitation of cyberspace to attempt to gain access to space systems technologies and
            information is growing exponentially and requires constant diligence.
Why Now?


What is the national priority at this time?

       • President’s Vision for Space Exploration directed NASA to design and build
         systems and infrastructure to return the nation to the Moon, Mars, and beyond.

       • Exploration Systems represent NASA’s future and one of its highest priorities.

       • Under the “10 Healthy Centers” concept, all ten (10) NASA Centers have
         Exploration Systems Work Assignments.

       • The Constellation architecture involves new systems, technologies, tooling and
         equipment, and manufacturing processes that may provide the U.S. a
         technological advantage.

       • National Space Policy states that the U.S. will take those actions necessary to
         “protect its space assets”.



Recently completed counterintelligence threat products address specific threats to NASA research, technologies, and
               programs. Contact your Center Security or Counterintelligence Office for availability.
The ESMD Model
         The Technology Protection Working Group (TPWG)

Multi-discipline Agency-wide forum with the core skills necessary for
managing security risks on major high priority programs / projects

Facilitates Technology Protection Program planning and implementation:
    •   Assists the PM in identifying Mission Critical Information
    •   Enhances operational readiness and mission success
    •   Protects national security interests against threats
    •   Prevents unauthorized disclosure of sensitive information
    •   Helps maintain the U.S. technological advantage in Space
    •   Ensures the proper horizontal protection of inherited technologies from
        DoD and other government entities




 TPWG processes and recommendations do not hinder the authorized sharing of NASA information. The
       process is designed to quickly and precisely identify the information requiring protection.
Technology Protection Program Full Integration
NPR 7123.1A
NASA Systems Engineering Processes and Requirements

Purpose:

The stakeholder expectations definition process is used to elicit and define use cases,
scenarios, operational concepts, and stakeholder expectations for the applicable
product-line life-cycle phases and WBS model. This includes requirements for:

      a. operational end products and life-cycle-enabling products of the WBS model;
      b. expected skills/capabilities of operators or users;
      c. expected number of simultaneous users;
      d. system and human performance criteria;
      e. technical authority, standards, regulations, and laws;
      f. factors such as safety, quality, security, context of use by humans, reliability,
         availability, maintainability, electromagnetic compatibility, interoperability,
         testability, transportability, supportability, usability, and disposability;
      g. local management constraints on how work will be done (e.g., operating procedures)

Technology Protection Working Group
Charter

Goal:

“The goal of the TPWG is to assist Program Managers in the identification and protection
of Mission Critical Information (MCI) generated by the research, development and
acquisition communities that provides and maintains NASA’s competitive advantage in
Space.” This includes requirements for:

      a. identifying MCI in the WBS model
      b. operational protection end products and life-cycle-enabling protection processes
         of the WBS model
      c. performance criteria for protection
      d. technical authority, standards, regulations, and laws with respect to
         protection/security
      e. security factors (vulnerability and threat)
      f. local management constraints on how protection will be implemented (e.g.,
         operating procedures)



           The TPWG mitigates program security risks, improves the efficiency of the protection program, reduces
                            regulatory compliance costs, and streamlines security operations.
Protection Products
Full Range of Tailored Security Product Offerings Include…

•   Security Management Plan
•   Technology Assessment and Control Plan (TA/CP)
•   Export Control Plan
•   Security Surveys
•   Security Trade Studies
•   Threat & Vulnerability Reports
•   Counterintelligence Surveys
•   TP Process Assurance Maps
•   Security Classification Guide
•   Life-cycle Cost Analysis
•   Transportation Security Plan
•   Preliminary System Security Concept
•   Systems Security Authorization Agreement for IT Systems
•   Mission Critical Information Assessment (MCIA)
Protection Services
Comprehensive Set of Security Services to Include…

•   Security Requirements Definition
•   Security Policy Reviews
•   Threat & Vulnerability Analysis
•   Protection and Mitigation Planning
•   Multi-Center/Multi-Agency Coordination
•   Industry Partner Security Interface and Performance Monitoring
•   International Cooperation Interface
•   Risk Management and Decision Support
•   Export Control Guidance
•   Information Technology Security/Information Protection Coordination
•   Technology Protection Working Group Facilitation
•   Education & Awareness (e.g., SBU)
•   Counterintelligence Support
•   Secure Communications Planning
TPWG Organization Structure
[Organization chart. Boxes and labels:]

•   Exploration Systems Mission Directorate (ESMD) Associate Administrator; Directorate Integration Officer
•   Office of Security and Program Protection (OSPP); Assistant Administrator
•   Technology Protection Working Group Chair
•   Members: Program TPOs, Center TPOs, Scientists, Counterintelligence, Industry partners,
    Center security, Center IPOs, ESMD RM, Engineers
•   Also shown: CxP Management; ACD Management; OCIO, S&MA, Export, etc.; Center Management
•   Functional areas: Program Protection, Technology Trending, System Security Engineering,
    Threat and Vulnerability, Horizontal Protection, Policy Compliance
•   Levels: Program, Project, Element, System, Component, Technology, Information
•   Other labels: “Complex System”; Distributed Organizations; Implementation; Policy; Execution
TPWG NASA Representation – Full Integration




       Constellation Program fully engaged
       Scientists and engineers supported
       Ares I and Orion Technology Protection Portfolios 70% complete
       “Ten healthy Centers”
Technology Protection Program – A Project Resource
ESMD TPWG Community of Practice (CoP)




       Oversight by ESMD Directorate Integration Office
       Community in excess of 60 active members
       Risk Managers, Engineers, Export Officials, Security
       Industry partners
Technology Protection Program IPT




[Figure: Technology Protection Program IPT. Labels: Technology Protection Working Group;
Mission Critical Information Assessment Team; Program Scientists and Engineers; ESMD and
Program Management; Center Chiefs of Security; NASA Office of Security and Program Protection]
ESMD Technology Protection Program Model

[Figure: ESMD Technology Protection Program model. Labels: TPWG; MCI; CI;
Program Project TPO; Information Protection IPO; Information Technology Security]
What is Mission Critical Information (MCI)?

NASA information related to research, technologies, projects, programs,
or systems that, if released outside established protocols, could:

   Significantly affect NASA resources, requiring additional research, development,
   tests, or evaluation to overcome the adverse effects of unauthorized releases

                                                   - and / or -

   Significantly reduce the performance or effectiveness of NASA research, projects,
   technologies, programs, or systems

                                                   - and / or -

   Have a significantly adverse effect on the United States’ advantage in space and
   other current and emerging technologies


  With a multitude of technologies and systems under review, the definition of significant will be specific to each
  potential MCI during an assessment, with a basis of concepts such as Evolutionary/Revolutionary, State-of-the-
  Art (SOA) vs. State-of-the-World (SOW), and specific impacts to NASA’s programs and missions.
Technology Protection Program Full Integration
[Figure, two panels.
The TP Program Model: TPWG; MCI; CI; Program Project TPO; Information Protection IPO;
Information Technology Security.
The TP Program Team: Technology Protection Working Group; Mission Critical Information
Assessment Team; Program Scientists and Engineers; ESMD and Program Management; Center
Chiefs of Security; NASA Office of Security and Program Protection]



The NASA TP Program model works because of the MCI team’s understanding of the Program’s cost, schedule and
performance drivers. The technology protection team is respectful of the NASA mission, history and culture.
These characteristics are the key to minimizing the impact to the Program schedule and are one of the
reasons for the Program’s success.
MCI Assessment Participants
[Figure: MCI assessment participants. Labels: PM; PM Selected Project SMEs (as needed);
TPO; Mission Critical Information Assessment Team; TPWG Oversight;
Counterintelligence, IA, IT, security, etc.]




                      Mission Critical Information Assessment Team
•   Team of scientists, engineers, and security analysts
•   Technical connection with NASA Program personnel
•   Recommends MCI for PM consideration
•   Develops and delivers all associated documentation (Technology Protection Portfolio)
•   Collaborates with the Security and Intelligence functions of the TPWG team
MCI Assessment NASA Personnel and Contributions




[Figure: contributors to MCI. Labels: NASA Scientists and Engineers;
Project/Element Manager; Protective Services (OSPP)]
Technology Protection Cycle

[Figure: Technology Protection Cycle]

P1:  Discovery Activities; Assessment Preparation; Technical Discussions;
     Technical Discussion Analysis; MCI Confirmation
P2:  Initiate NASA TVA Process; Initiate Controls
P3:  Evaluate Vulnerabilities
P4:  Perform Risk Analysis; Select Final Controls
P5:  Develop Protection Plan; Develop Implementation Plan

Annotations in the figure: Requires NASA Program Level Decision; Continuously; Periodically
Technology Protection Program Full Integration




[Figure: NASA Project Life Cycle, from the NASA Systems Engineering Handbook, page 20, December 2007]

Technology Protection Activities, mapped onto the life cycle:

    •   MCI review
    •   MCI assessment completion
    •   Identify initial controls and threats
    •   Identify vulnerabilities and validate threat
    •   Final controls selection / continuous risk management

*MCI re-assessments performed as required
Technology Protection Phases and Associated Activities
P1 - MCI Assessment
    •   Element Technology Information gathering and review
    •   Conduct technical discussions with scientists, engineers, security, and CI professionals
    •   Reach back to contractor teammates scientists and engineers as necessary
    •   MCI and information requiring controls identified
    •   Immediate controls placed on information as required

P2 - Initiate TVA
    •   Determine adversary intent and capability to exploit technology
    •   Determine facilities, personnel (government and contractor, US and foreign),
        components where MCI resides
    •   Implement initial transparent controls

P3 - Evaluate Vulnerabilities
    •   Review final (element specific) threat product
    •   Determine threats to MCI in programs, facilities, systems, components, and personnel
    •   Prioritize vulnerabilities of MCI
    •   Adjust initial controls if necessary

P4 - Risk Analysis
    •   Determine impact on NASA if exploitation occurs
    •   Determine appropriate / acceptable level of risk
    •   Develop controls which mitigate risks and bring risk into “acceptable” limits

P5 - Protection Implementation
    •   Utilize security “best practices” (trade studies, etc.)
    •   Implement cost effective and efficient controls based on risk analysis
    •   Continuously monitor and improve the protection process
    •   Ensure improvements are documented and considered for implementation

Outputs:
    •   MCIA Report, Significant Issues (Portfolio Sections I - V)
    •   Initial Controls Report (Portfolio Section VI)
    •   Final Controls Report (Portfolio Section VII)
    •   Implementation Plan (Portfolio Section VIII)
Element, Project, Technology Protection Portfolios

Section I      Program Management Technology Protection Process Brief
               This brief provides an overview of the NASA Technology Protection (TP) Process. This overview includes key participants, defines key terminology,
               outlines the phases of the TP Process and provides details of the products from the various phases of the TP Process.

Section II     Technology Protection Process Execution Plan (EP)
               This plan describes in detail the TP Process phases and associated documentation. The plan also provides a schedule, personnel selected by the
               Element Manager (EM), and NASA TP Program points of contact.

Section III    Scientists and Engineers Technology Protection Process Brief
               This brief provides an overview of the NASA TP Program and outlines the roles and responsibilities of the scientists and engineers identified by the EM.
               The brief also presents the initial results of the discovery phase of the TP Process.

Section IV     Mission Critical Information (MCI) Technical Discussions Results Brief
               This brief provides the EM MCI recommendations from the Technology Protection Working Group (TPWG) based on the analysis of the technical
               discussions with Element scientists and engineers.

Section V      Mission Critical Information Assessment Report (MCIA-R)
               This report documents the EM determination of MCI. The report also provides detailed information about Element MCI and highlights any significant
               issues identified during the TP Process.

Section VI     Initial Controls Report (ICR)
               This report documents the TPWG recommendations for initial Element controls to immediately enhance the protection of MCI based on the baseline
               threats to the Element MCI. The report also includes Element general threat awareness.

Section VII    Final Controls Report (FCR)
               This report contains the NASA Headquarters Counterintelligence (CI) validated threats to Element MCI, vulnerability analysis, and TPWG recommended
               final controls based on the level of risk acceptable to the EM and metrics obtained from the initial controls selected in the ICR.

Section VIII   Implementation Guidance
               This document provides recommendations to the EM detailing the manner in which the EM selected final controls may be implemented. This
               guidance is focused on the MCI only.
Example: J-2X Technology Protection Portfolio
The Information Dilemma


Need to Share
   •   Desire / need to publish
   •   Mandate to collaborate
   •   International partnerships

National Aeronautics and Space Act of 1958 calls for the widespread dissemination of newfound technologies to the public.

Need to Protect
   •   Department of Commerce
   •   Department of State
   •   National Security

National Space Policy, 2006, states that space capabilities are vital to the Nation’s interests and the U.S. will “take those actions necessary to protect its space capabilities.”
ESMD Technology Protection Program To-date




             On center activities
             Planned center activities (< 6 months)
             Planned center activities (> 6 months)
Technology Protection Program Full Integration
Pilot Program (Years 1-2)    Year 3                       Year 4+
Program Development          Lunar Lander                 Ares V
Ares I                       Extravehicular Activities    Science and Technology Elements
Orion                        Program refinement           Systems Integration Elements
Constellation Program Work Breakdown Structure




                          Pilot Program
                          Year 3
                          Sustainment
Horizontal Protection and Awareness of NASA MCI

Element:    SM, US
MCI:        1, 2, 3, 4, 5, 6, 7
Location:   A, B, C, D, E, F, G, H, I, J, K, L, M
Threat:     α, β, γ, δ
Technology Protection Program Benefits to the PM

           Increased Project Manager Control
           •   Puts PM in control of Technology Protection process
           •   Program specific tailored execution plan
           •   Programs will be proactive instead of remaining reactive
           •   Function is responsive to the Program
           •   Real time Technology Protection status and metrics
           •   Not an audit or inspection



                            Increased Value
       • Multi-disciplinary team of unbiased subject matter experts
       • Extremely useful products (TP Portfolio with 8 sections) that are
         100% consistent with existing NPR and other policy requirements
       • Horizontal aspects
           - Communication
           - Integration
           - Protection resulting in consolidated ESMD MCI List
       • Team develops all Technology Protection related documents
           - Coordinating with all relevant Program, Center, Directorate,
             and NASA HQ Technology Protection stakeholders
Results Oriented

We Moved From…                                             …To
Not Knowing Program Expectations and Security Needs        Direct PM Involvement and Decision Making
Minimal Direct Security Staff Involvement w/ Projects      Cohesive Team w/ Core Security Competencies
No candidate program security risks                        Implementation of Security Risk Management; Mitigation of two Top Directorate Security Risks
Inconsistent Adherence to Security Policy and Practices    PM approved comprehensive Security Management Plan
“Reactive” Security Response to Projects                   “Proactive” Security Response/Results Oriented
Negligible Program Workforce Security Awareness            Greater Employee Security Awareness, online education tools, and quality briefings
Minimal Understanding of Threats directed at NASA          Current Program Threat Assessment
No Process to Determine Mission Critical Information       Model Process for Determining MCI
Few Quality Security Products                              Multiple High Quality Security Products
No Cross-cutting Communications                            Established Integrated Product Team (IPT)
No overall Program Protection Strategy                     Protection Strategies Designed to Ensure Success




            TPWG is the controlling element of a Closed-Loop Security System
Acronyms
   ACD    -
     CI   -   Counterintelligence
   CoP    -   Community of Practice
   CPP    -   Certified Protection Professional
   CxP    -   Constellation Program
   DIO    -   Directorate Integration Office
    EP    -   Execution Plan
 ESMD     -   Exploration Systems Mission Directorate
   FCR    -   Final Controls Report
    HQ    -   Headquarters
     IA   -   Information Assurance
   ICR    -   Initial Controls Report
   IPO    -   Information Protection Officer
     IT   -   Information Technology
   MCI    -   Mission Critical Information
  MCIA    -   Mission Critical Information Assessment
MCIA-R    -   Mission Critical Information Assessment Report
  NCIX    -   National Counterintelligence Executive
   NPR    -   NASA Procedural Requirements
  OCIO    -   Office of the Chief Information Officer
  OSPP    -   Office of Security and Program Protection
    RM    -   Risk Manager
 S&MA     -   Safety and Mission Assurance
    SM    -   Service Module
   TBD    -   To be determined
    TP    -   Technology Protection
   TPO    -   Technology Protection Officer
 TPWG     -   Technology Protection Working Group
   TVA    -   Threat and Vulnerability Assessment
    US    -   Upper Stage
  WBS     -   Work Breakdown Structure
Backup
When Technology Protection? Earlier the better…

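[Figure: Capability (vertical axis) versus Time (horizontal axis), showing two tracks toward the Desired Capability, labeled "Linear progress" and "Accelerated progress". Labels on the chart: "X", "Y", "X >> Y", "We are here…..", "But on this track?", "Or, on this track?", "Capability / maturation level when initial implementation of TP is too late". Source: http://www.foresight.org/UTF/Unbound_LBW/chapt_4.html]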
CxP Security Documentation Tree


Program Plan, CxP 70003
    A1: Needs, Goals & Objectives
    A2: Integrated Master Plan
    A3: Acquisition Plan

    Cx Architecture Requirement Document (CARD), 70000
    Systems Engineering Management Plan (SEMP), 70013
    Safety, Reliability & Quality Assurance (SR&QA), 70055
    Risk Management Plan (RM), 70056
    Program Management Plan (PMP), 70070
    Management Systems Plan (MSP), 70072
    Architecture Description Document (ADD), 70077

        CxP 70170 - Functional Security Requirements (Formerly SMP Book 1)
        CxP 70070-ANX05 Security Management Plan (SMP)
        CxP 70070-ANX05-03 - SMP Book 3: Information Systems Contingency Planning & Reporting
        CxP 70070-ANX05-04 - SMP Book 4: Technology Protection Program Plan (TPPP)
        CxP 70070-ANX05-05 - SMP Book 5: Emergency Response & Continuity of Operations Plan (COOP)
        CxP 70171 - Information Technology Security Architecture (Formerly SMP Book 2)

    Orion Project Plan
    Ares Project Plan
    Mission Operations (MO) Project Plan
    Ground Operations (GO) Project Plan
    EVA Systems (ES) Project Plan
    Altair Project Plan
    Lunar Systems Surface Project Plan
Technology Protection Program – The Early Days
•    Focused on the “bigger picture” – broader national perspective

•    Performed an early Gap Analysis to determine in-place vs. desired end state for security

•    Identified and applied security Lessons Learned from past NASA and DoD programs

•    Heavily leveraged use of institutional security support, thus gaining PM backing

•    Tracked the program “flow of events” to establish what issues are most important to attack first

•    Recruited team players; valued all contributions

•    Brought energy, intensity, and a creative new approach to security planning

•    Took small steps over time and quietly overcame objections or obstacles

•    Established a holistic approach for prioritizing security goals based on mission objectives

•    Leveraged use of in-house (no cost) software tools to enhance efficiency




         Building future capability and gaining respect from within the intelligence and DoD communities
Benefits/Value
•   Customer Focused – better able to satisfy most urgent ESMD security needs

•   Early life-cycle Planning – so that resources can be applied and managed; early
    discovery and resolution of problems

•   Maximum Flexibility – encourage creative problem solving

•   Event Driven – to ensure security product maturity is incrementally demonstrated,
    i.e., response to key decision point / critical milestone reviews

•   Multi-disciplinary Teamwork – Synergy: right people at the right place and at the
    right time to make timely decisions

•   Seamless Management and Communication Tools – to ensure teams have all
    available information, i.e., risk management tool, community of practice, etc.

•   Proactive Risk Identification – rapid reduction of risk/uncertainty

              Technology Protection must demonstrate a Return on Investment

Stock gahm
 
Smalley sandra
Smalley sandraSmalley sandra
Smalley sandra
 
Seftas krage
Seftas krageSeftas krage
Seftas krage
 
Sampietro marco
Sampietro marcoSampietro marco
Sampietro marco
 
Rudolphi mike
Rudolphi mikeRudolphi mike
Rudolphi mike
 
Roberts karlene
Roberts karleneRoberts karlene
Roberts karlene
 
Rackley mike
Rackley mikeRackley mike
Rackley mike
 
Paradis william
Paradis williamParadis william
Paradis william
 
Osterkamp jeff
Osterkamp jeffOsterkamp jeff
Osterkamp jeff
 
O'keefe william
O'keefe williamO'keefe william
O'keefe william
 
Muller ralf
Muller ralfMuller ralf
Muller ralf
 
Mulenburg jerry
Mulenburg jerryMulenburg jerry
Mulenburg jerry
 

Último

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Último (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

NASA Project Management Challenge

  • 1. National Aeronautics and Space Administration NASA Project Management Challenge 2009 Effective PM Response for Protecting NASA’s Mission Critical Technologies in a Growing Threat Environment Terry E. Odum, CPP,1† Ryan Averbeck,2† G. A. Gaddy, Ph.D. 2 1. NASA Marshall Space Flight Center, Huntsville, AL 2. Concurrent Technologies Corporation, Huntsville, AL † Presenter 25 February 2009
  • 2. Why Technology Protection? – Advantage There is a strong symbiotic relationship between space research and national security…We've worked too hard and accomplished too much, to willfully forfeit our leadership in space. Let's make the necessary adjustments to maintain our supremacy. Our future depends on it. Kay Bailey Hutchinson Member of the Senate Commerce, Science And Transportation, and Appropriations, Committees Special Section: Defense & Aerospace October 2007
  • 3. Protection Needs Assessment We asked ourselves… • Does NASA and its industrial base develop state-of-the-art systems and technologies that are of strong interest to other countries? • Is the risk of loss or compromise to NASA’s technologies growing? • Could the loss impact mission success, reputation, or national security? • Is a process in place to assist the PM in effectively managing security risks? ESMD addressed these questions by piloting a system protection program • Tailored for NASA after gleaning the “best of breed” approaches, methodologies and techniques from DoD protection programs. The need to implement a systematic protection process may never be greater
  • 4. Policy Guidelines – Cohesive Implementation Strategy Is Needed NPR 1600.1 NASA Security Procedural Requirement Chapter 8 Program Security NPR 7120.5D NASA Space Flight Program and Project Management Requirements Section 3.13 NASA/SP-2007-6105 NASA Systems Engineering Handbook Appendix Q NPR 8000.4 NASA Risk Management Procedural Requirements P.1; 2.6.1 NPR 1660.1 NASA Counterintelligence Policy Para 2.10 NPR 2810.1A Security of Information Technology Preface P.1 NPR 2190.1 NASA Export Control P.1 Chapter 2 Referenced policies all serve to provide national level security guidance.
  • 5. Why Technology Protection? - The Threat The targeting and theft of U.S. innovation has significant dire effects on our nation. Chamber of Commerce estimates 750,000 jobs lost annually due to the theft of innovation. Department of Justice estimates the loss of research and technology costs U.S. companies as much as $250 billion annually. The National Counterintelligence Executive (NCIX) estimates the loss associated with foreign espionage directed at the U.S. to be $300 billion and rising. NASA is a world leader in innovation, and thus, a highly targeted organization. Exploitation of cyberspace to attempt to gain access to space systems technologies and information is growing exponentially and requires constant diligence.
  • 6. Why Now? What is the national priority at this time? • President’s Vision for Space Exploration directed NASA to design and build systems and infrastructure to return the nation to the Moon, Mars, and beyond. • Exploration Systems represent NASA’s future and one of its highest priorities. • Under the “10 Healthy Centers” concept, all ten (10) NASA Centers have Exploration Systems Work Assignments. • The Constellation architecture involves new systems, technologies, tooling and equipment, and manufacturing processes that may provide the U.S. a technological advantage. • National Space Policy states that the U.S. will take those actions necessary to “protect its space assets”. Recently completed counterintelligence threat products address specific threats to NASA research, technologies, and programs. Contact your Center Security or Counterintelligence Office for availability.
  • 7. The ESMD Model The Technology Protection Working Group (TPWG) Multi-discipline Agency-wide forum with the core skills necessary for managing security risks on major high priority programs / projects Facilitates Technology Protection Program planning and implementation: Assists the PM in identifying Mission Critical Information Enhances operational readiness and mission success Protects national security interests against threats Prevents unauthorized disclosure of sensitive information Helps maintain the U.S. technological advantage in Space Ensures the proper horizontal protection of inherited technologies from DoD and other government entities TPWG processes and recommendations do not hinder the authorized sharing of NASA information. The process is designed to quickly and precisely identify the information requiring protection.
  • 8. Technology Protection Program Full Integration
      NPR 7123.1A NASA Systems Engineering Processes and Requirements
      Purpose: The stakeholder expectations definition process is used to elicit and define use cases, scenarios, operational concepts, and stakeholder expectations for the applicable product-line life-cycle phases and WBS model. This includes requirements for:
        a. operational end products and life-cycle-enabling products of the WBS model;
        b. expected skills/capabilities of operators or users;
        c. expected number of simultaneous users;
        d. system and human performance criteria;
        e. technical authority, standards, regulations, and laws;
        f. factors such as safety, quality, security, context of use by humans, reliability, availability, maintainability, electromagnetic compatibility, interoperability, testability, transportability, supportability, usability, and disposability;
        g. local management constraints on how work will be done (e.g., operating procedures)
      Technology Protection Working Group Charter
      Goal: “The goal of the TPWG is to assist Program Managers in the identification and protection of Mission Critical Information (MCI) generated by the research, development and acquisition communities that provides and maintains NASA’s competitive advantage in Space.” This includes requirements for:
        a. identifying MCI in the WBS model
        b. operational protection end products and life-cycle-enabling protection processes of the WBS model
        c. performance criteria for protection
        d. technical authority, standards, regulations, and laws with respect to protection/security
        e. security factors (vulnerability and threat)
        f. local management constraints on how protection will be implemented (e.g., operating procedures)
      The TPWG mitigates program security risks, improves the efficiency of the protection program, reduces regulatory compliance costs, and streamlines security operations.
  • 9. Protection Products Full Range of Tailored Security Product Offerings Include… • Security Management Plan • Technology Assessment and Control Plan (TA/CP) • Export Control Plan • Security Surveys • Security Trade Studies • Threat & Vulnerability Reports • Counterintelligence Surveys • TP Process Assurance Maps • Security Classification Guide • Life-cycle Cost Analysis • Transportation Security Plan • Preliminary System Security Concept • Systems Security Authorization Agreement for IT Systems • Mission Critical Information Assessment (MCIA)
  • 10. Protection Services Comprehensive Set of Security Services to Include… • Security Requirements Definition • Security Policy Reviews • Export Control Guidance • Information Technology Security/Information Protection Coordination • Technology Protection Working Group Facilitation • Education & Awareness (e.g., SBU) • Counterintelligence Support • Risk Management and Decision Support • Threat & Vulnerability Analysis • Protection and Mitigation Planning • Multi-Center/Multi-Agency Coordination • Industry Partner Security Interface and Performance Monitoring • International Cooperation Interface • Secure Communications Planning
  • 11. TPWG Organization Structure [Organization chart; recoverable labels: Exploration Systems Mission Directorate (ESMD) Associate Administrator; Office of Security and Program Protection (OSPP) Assistant Administrator; Directorate Integration Officer; Technology Protection Working Group Chair; CxP Management; OCIO, S&MA, Export, etc.; ACD Management; Center Management; Program TPOs; Center TPOs; ESMD RM; Center security; Counterintelligence; Industry partners; Scientists; Engineers; Center IPOs; Program Protection; Technology Trending; System Security Engineering; Threat and Vulnerability; Horizontal Protection; Policy Compliance; Program, Project, Element, System, Component; “Complex System”; Distributed Organizations; Implementation; Technology; Policy; Information; Execution]
  • 12. TPWG NASA Representation – Full Integration Constellation Program fully engaged Scientists and engineers supported Ares I and Orion Technology Protection Portfolios 70% complete “Ten healthy Centers”
  • 13. Technology Protection Program – A Project Resource
  • 14. ESMD TPWG Community of Practice (CoP) Oversight by ESMD Directorate Integration Office Community in excess of 60 active members Risk Managers, Engineers, Export Officials, Security Industry partners
  • 15. Technology Protection Program IPT [Circular diagram; recoverable labels: ESMD; Technology Protection; Working Group; Program Management; Scientists and Engineers; Mission Critical Information Assessment Team; Center Chiefs of Security; NASA Office of Security and Program Protection]
  • 16. ESMD Technology Protection Program Model [Diagram labels: CI; Program, Project, TPO; TPWG; Information Protection, IPO; MCI; Information Technology Security]
  • 17. What is Mission Critical Information (MCI)? NASA information related to research, technologies, projects, programs, or systems that, if released outside established protocols could: Significantly affect NASA resources, requiring additional research, development, tests, or evaluation to overcome the adverse effects of unauthorized releases - and / or - Significantly reduce the performance or effectiveness of NASA research, projects, technologies, programs, or systems - and / or - Have a significantly adverse effect on the United States’ advantage in space and other current and emerging technologies. With a multitude of technologies and systems under review, the definition of significant will be specific to each potential MCI during an assessment, with a basis of concepts such as Evolutionary/Revolutionary, State-of-the-Art (SOA) vs. State-of-the-World (SOW), and specific impacts to NASA’s programs and missions.
  • 18. Technology Protection Program Full Integration
      The TP Program Model [Diagram labels: CI; Program, Project, TPO; TPWG; Information Protection, IPO; MCI; Information Technology Security]
      The TP Program Team [Circular diagram; recoverable labels: ESMD; Technology Protection; Working Group; Program Management; Scientists and Engineers; Mission Critical Information Assessment Team; Center Chiefs of Security; NASA Office of Security and Program Protection]
      The NASA TP Program model works because of the MCI team’s understanding of the Program’s cost, schedule and performance drivers. The technology protection team is respectful of the NASA mission, history and culture. These characteristics are the key to minimizing the impact to the Program schedule and are one of the reasons for the Program’s success.
  • 19. MCI Assessment Participants PM PM Selected Project SMEs (as needed) TPO Mission Critical Information Assessment TPWG Team Oversight Counterintelligence, IA, IT, security, etc. Mission Critical Information Assessment Team • Team of scientists, engineers, and security analysts • Technical connection with NASA Program personnel • Recommends MCI for PM consideration • Develops and delivers all associated documentation (Technology Protection Portfolio) • Collaborates with the Security and Intelligence functions of the TPWG team
  • 20. MCI Assessment NASA Personnel and Contributions NASA Scientists and Engineers MCI Project/Element Manager Protective Services (OSPP)
  • 21. Technology Protection Cycle [Cycle diagram; recoverable labels] P1: Discovery Activities; Assessment Preparation; Technical Discussions; Technical Discussion Analysis; MCI Confirmation. P2: Initiate NASA TVA Process; Initiate Controls. P3: Evaluate Vulnerabilities. P4: Perform Risk Analysis; Select Final Controls. P5: Develop Protection Plan; Develop Implementation Plan. Other labels: Requires NASA Program Level Decision; Continuously; Periodically.
  • 22. Technology Protection Program Full Integration NASA Project Life Cycle NASA Systems Engineering Handbook, page 20, DECEMBER 2007 *MCI re-assessments performed as required MCI review Technology MCI assessment completion Protection Identify initial controls and threats Activities Identify vulnerabilities and validate threat Final controls selection / continuous risk management
  • 23. Technology Protection Phases and Associated Activities
      P1 - MCI Assessment
        • Element Technology Information gathering and review
        • Conduct technical discussions with scientists, engineers, security, and CI professionals
        • Reach back to contractor teammates scientists and engineers as necessary
        • MCI and information requiring controls identified
        • Immediate controls placed on information as required
      P2 - Initiate TVA and P3 - Evaluate Vulnerabilities
        • Determine adversary intent and capability to exploit technology
        • Determine facilities, personnel (government and contractor, US and foreign), components where MCI resides
        • Review final (element specific) threat product
        • Implement initial transparent controls
        • Determine threats to MCI in programs, facilities, systems, components, and personnel
        • Prioritize vulnerabilities of MCI
        • Adjust initial controls if necessary
      P4 - Risk Analysis
        • Determine impact on NASA if exploitation occurs
        • Determine appropriate / acceptable level of risk
        • Develop controls which mitigate risks and bring risk into “acceptable” limits
      P5 - Protection Implementation
        • Utilize security “best practices” (trade studies, etc.)
        • Implement cost effective and efficient controls based on risk analysis
        • Continuously monitor and improve the protection process
        • Ensure improvements are documented and considered for implementation
      Products: MCIA Report; Initial Controls; Final Controls Report; Implementation Plan; Significant Issues Report
      Portfolio: Sections I - V; Section VI; Section VII; Section VIII
  • 24. Element, Project, Technology Protection Portfolios
      • Section I: Program Management Technology Protection Process Brief. This brief provides an overview of the NASA Technology Protection (TP) Process. This overview includes key participants, defines key terminology, outlines the phases of the TP Process and provides details of the products from the various phases of the TP Process.
      • Section II: Technology Protection Process Execution Plan (EP). This plan describes in detail the TP Process phases and associated documentation. The plan also provides a schedule, personnel selected by the Element Manager (EM), and NASA TP Program points of contact.
      • Section III: Scientist and Engineers Technology Protection Process Brief. This brief provides an overview of the NASA TP Program and outlines the roles and responsibilities of the scientists and engineers identified by the EM. The brief also presents the initial results of the discovery phase of the TP Process.
      • Section IV: Mission Critical Information (MCI) Technical Discussions Results Brief. This brief provides the EM MCI recommendations from the Technology Protection Working Group (TPWG) based on the analysis of the technical discussions with Element scientists and engineers.
      • Section V: Mission Critical Information Assessment Report (MCIA-R). This report documents the EM determination of MCI. The report also provides detailed information about Element MCI and highlights any significant issues identified during the TP Process.
      • Section VI: Initial Controls Report (ICR). This report documents the TPWG recommendations for initial Element controls to immediately enhance the protection of MCI based on the baseline threats to the Element MCI. The report also includes Element general threat awareness.
      • Section VII: Final Controls Report (FCR). This report contains the NASA Headquarters Counterintelligence (CI) validated threats to Element MCI, vulnerability analysis, and TPWG recommended final controls based on the level of risk acceptable to the EM and metrics obtained from the initial controls selected in the ICR.
      • Section VIII: Implementation Guidance. This document provides recommendations to the EM detailing the manner in which the EM selected final controls may be implemented. This guidance is focused on the MCI only.
  • 25. Example: J-2X Technology Protection Portfolio
  • 26. The Information Dilemma
      Need to Share: Desire / need to publish; Mandate to collaborate; International partnerships. National Aeronautics and Space Act of 1958 calls for the widespread dissemination of newfound technologies to the public.
      Need to Protect: Department of Commerce; Department of State; National Security. National Space Policy, 2006, states that space capabilities are vital to the Nation’s interests and the U.S. will “take those actions necessary to protect its space capabilities.”
  • 27. ESMD Technology Protection Program To-date On center activities Planned center activities (< 6 months) Planned center activities (> 6 months)
  • 28. Technology Protection Program Full Integration Pilot Program (Years 1-2) Year 3 Year 4+ Program Development Lunar Lander Ares V Ares I Extravehicular Activities Science and Technology Elements Orion Program refinement Systems Integration Elements
  • 29. Constellation Program Work Breakdown Structure Pilot Program Year 3 Sustainment
  • 30-44. Horizontal Protection and Awareness of NASA MCI [One diagram repeated across slides 30 to 44, with labels added step by step. Element: SM, US. MCI: 1 2 3 4 5 6 7 (from slide 31). Location: A B C D E F G H I J K L M (from slide 33). Threat: α β γ δ (from slide 35).]
  • 45. Technology Protection Program Benefits to the PM Increased Project Manager Control • Puts PM in control of Technology Protection process • Program specific tailored execution plan • Programs will be proactive instead of remaining reactive • Function is responsive to the Program • Real time Technology Protection status and metrics • Not an audit or inspection Increased Value • Multi-disciplinary team of unbiased subject matter experts • Extremely useful products (TP Portfolio with 8 sections) which is 100% consistent with existing NPR and other policy requirements • Horizontal aspects Communication Integration Protection resulting in consolidated ESMD MCI List • Team develops all Technology Protection related documents Coordinating with all relevant Program, Center, Directorate, and NASA HQ Technology Protection stakeholders
  • 46. Results Oriented
      We Moved From… → …To
        • Not Knowing Program Expectations and Security Needs → Direct PM Involvement and Decision Making
        • Minimal Direct Security Staff Involvement w/ Projects → Cohesive Team w/ Core Security Competencies
        • No candidate program security risks → Implementation of Security Risk Management; Mitigation of two Top Directorate Security Risks
        • Inconsistent Adherence to Security Policy and Practices → PM approved comprehensive Security Management Plan
        • “Reactive” Security Response to Projects → “Proactive” Security Response/Results Oriented
        • Negligible Program Workforce Security Awareness → Greater Employee Security Awareness, online education tools, and quality briefings
        • Minimal Understanding of Threats directed at NASA → Current Program Threat Assessment
        • No Process to Determine Mission Critical Information → Model Process for Determining MCI
        • Few Quality Security Products → Multiple High Quality Security Products
        • No Cross-cutting Communications → Established Integrated Product Team (IPT)
        • No overall Program Protection Strategy → Protection Strategies Designed to Ensure Success
      TPWG is the controlling element of a Closed-Loop Security System
  • 47. Acronyms
      ACD -
      CI - Counterintelligence
      CoP - Community of Practice
      CPP - Certified Protection Professional
      CxP - Constellation Program
      DIO - Directorate Integration Office
      EP - Execution Plan
      ESMD - Exploration Systems Mission Directorate
      FCR - Final Controls Report
      HQ - Headquarters
      IA - Information Assurance
      ICR - Initial Controls Report
      IPO - Information Protection Officer
      IT - Information Technology
      MCI - Mission Critical Information
      MCIA - Mission Critical Information Assessment
      MCIA-R - Mission Critical Information Assessment Report
      NCIX - National Counterintelligence Executive
      NPR - NASA Procedural Requirements
      OCIO - Office of the Chief Information Officer
      OSPP - Office of Security and Program Protection
      RM - Risk Manager
      S&MA - Safety and Mission Assurance
      SM - Service Module
      TBD - To be determined
      TP - Technology Protection
      TPO - Technology Protection Officer
      TPWG - Technology Protection Working Group
      TVA - Threat and Vulnerability Assessment
      US - Upper Stage
      WBS - Work Breakdown Structure
  • 49. When Technology Protection? Earlier the better…
      [Figure: Capability vs. Time, with a "Linear progress" track and an "Accelerated progress" track toward the Desired Capability (X >> Y). Annotations: "We are here…..", "But on this track?", "Or, on this track?", "Capability / maturation level when initial implementation of TP is too late".]
      http://www.foresight.org/UTF/Unbound_LBW/chapt_4.html
  • 50. CxP Security Documentation Tree
      [Figure: document tree; recovered labels listed by level]
      Program Plan, CxP 70003
        • A1: Needs, Goals & Objectives
        • A2: Integrated Master Plan
        • A3: Acquisition Plan
      Program-level documents
        • Risk Management Plan (RM), 70056
        • Management Systems Plan (MSP), 70072
        • Cx Architecture Requirement Document (CARD), 70000
        • Safety, Reliability & Quality Assurance (SR&QA), 70055
        • Program Management Plan (PMP), 70070
        • Architecture Description Document (ADD), 70077
        • Systems Engineering Management Plan (SEMP), 70013
      Security documents
        • CxP 70070-ANX05 Security Management Plan (SMP)
        • CxP 70170 - Functional Security Requirements (Formerly SMP Book 1)
        • CxP 70171 – Information Technology Security Architecture (Formerly SMP Book 2)
        • CxP 70070-ANX05-03 - SMP Book 3: Information Systems Contingency Planning & Reporting
        • CxP 70070-ANX05-04 - SMP Book 4: Technology Protection Program Plan (TPPP)
        • CxP 70070-ANX05-05 - SMP Book 5: Emergency Response & Continuity of Operations Plan (COOP)
      Project Plans
        • Orion Project Plan
        • Ares Project Plan
        • Mission Operations (MO) Project Plan
        • Ground Operations (GO) Project Plan
        • Altair Project Plan
        • EVA Systems (ES) Project Plan
        • Lunar Surface Systems Project Plan
  • 51. Technology Protection Program – The Early Days
        • Focused on the “bigger picture” – broader national perspective
        • Performed an early Gap Analysis to determine in-place vs. desired end state for security
        • Identified and applied security Lessons Learned from past NASA and DoD programs
        • Heavily leveraged use of institutional security support, thus gaining PM backing
        • Tracked the program “flow of events” to establish what issues are most important to attack first
        • Recruited team players; valued all contributions
        • Brought energy, intensity, and a creative new approach to security planning
        • Took small steps over time and quietly overcame objections or obstacles
        • Established a holistic approach for prioritizing security goals based on mission objectives
        • Leveraged use of in-house (no cost) software tools to enhance efficiency
      Building future capability and gaining respect from within the intelligence and DoD communities
  • 52. Benefits/Value
        • Customer Focused – better able to satisfy most urgent ESMD security needs
        • Early life-cycle Planning – so that resources can be applied and managed; early discovery and resolution of problems
        • Maximum Flexibility – encourage creative problem solving
        • Event Driven – to ensure security product maturity is incrementally demonstrated, i.e., response to key decision point / critical milestone reviews
        • Multi-disciplinary Teamwork – Synergy: right people at the right place and at the right time to make timely decisions
        • Seamless Management and Communication Tools – to ensure teams have all available information, i.e., risk management tool, community of practice, etc.
        • Proactive Risk Identification – rapid reduction of risk/uncertainty
      Technology Protection must demonstrate a Return on Investment