Towards Centralized Orchestration of Cyber Protection Condition (CPCON)
Mark Timmons, Daniel Lukaszewski, Geoffrey Xie, Thomas Mayo, Donald McCanless

TL;DR
This paper introduces a prototype system for centralized, automated management of CPCON security postures, improving response speed, accuracy, and consistency across DoD networks through policy-driven orchestration and real-time threat handling.
Contribution
It presents a novel centralized orchestration system for CPCON, enabling automated enforcement and verification of security policies in heterogeneous network environments.
Findings
Enhanced speed and accuracy in CPCON transitions
Effective isolation of compromised network segments
Improved verifiability of security enforcement
Abstract
The United States Cyber Command (USCYBERCOM) Cyber Protection Condition (CPCON) framework mandates graduated security postures across Department of Defense (DoD) networks, but current implementation remains largely manual, inconsistent, and error-prone. This paper presents a prototype system for centralized orchestration of CPCON directives, enabling automated policy enforcement and real-time threat response across heterogeneous network environments. Building on prior work in host-based intrusion response, our system leverages a policy-driven orchestrator to standardize security actions, isolate compromised subnets, and verify enforcement status. We validate the system through emulated attack scenarios, demonstrating improved speed, accuracy, and verifiability in CPCON transitions with human-in-the-loop oversight.
Taxonomy
Topics: Software-Defined Networks and 5G · Information and Cyber Security · Security and Verification in Computing
