What is a CCRI and how to be ready

  • Published
  • By 2nd Lt. Josiah Johnson
  • 97th Communications Squadron

From April 15 -19, 2019, the Defense Information Systems Agency (DISA) will conduct a Command Cyber Readiness Inspection (CCRI) of Altus Air Force Base unclassified and classified networks, standalone computers, classified processing areas, communication closets and organization-specific systems.

DISA is responsible for the operation and protection of the Department of Defense Information Network (DoDIN), which provides the 97th Air Mobility Wing connectivity to other bases and agencies, as well as the internet. During the inspection, DISA evaluates the cyber readiness of the base networks and all its users.

Much of the inspection is technical in nature. DISA scans systems for vulnerabilities and reviews documentation and procedures for compliance. The 97th Communications Squadron is leading the base preparation on gathering information on networked systems, and specifically, those applications and systems owned by Program Management Offices (PMOs). Additionally, client server technicians are already ensuring all systems are patched and properly configured to reduce the number of vulnerabilities.

In addition to the technical inspections, an important part of the inspection will involve DISA teams visiting Altus AFB host and tenant organizations to verify information protection compliance. During these visits, DISA focuses on traditional security. However, as they walk through buildings around the base, they will observe general information protection and information assurance practices and may stop to ask questions of personnel they encounter.

 

Each individual's cyber readiness is just as important as a system's readiness.

How to be cyber ready:

 

  • Know your organization's CSL (Client Service Liaison) and security manager.

  • Do not leave your common access card or SIPRNet token unsecured. You are responsible for any misuse of your card.

  • Reboot your desktop/laptop daily. If a co-worker is away for a few days, reboot their computer, too. This allows for patching to close vulnerabilities.

  • If you have an office laptop, ensure you regularly connect it to the Altus AFB network for updates.

  • Mark and properly store documents and other media.

  • Know when and how to encrypt and digitally sign messages.

  • Protect passwords and personal identification numbers (PINs).

  • Do not connect unauthorized devices, such as cell phones, tablets, USB drives, etc., to network computers.

  • Know what to do if a security incident, such as a virus or classified messaging incident occurs.  

  • Report improper or unusual system behavior to your CSL.

  • Prevent shoulder surfing.

  • Immediately contact your security manager and CSL if your classified display is visible from any windows, doorways or other openings.

  • Guard against, and immediately report classified messaging incidents or other data spillages. Pay close attention to document markings, especially if you work with classified information.

  • Keep wireless devices away from classified areas and systems.

This is not an inspection on the 97th CS; it is an inspection of the entire installation, to include all missions and all employees. The 97th CS is leading the CCRI preparation, but we need each organization and each employee to fully prepare as well.

Users are the most critical part in maintaining the security of base systems and information. For this inspection, the work force's cyber readiness impacts whether Altus AFB passes the CCRI or not.


For questions about information assurance or information protection, contact your organization CSL or security manager, or contact the 97th CS CCRI team at DSN 481-5341.