The Office of Cyber Assessments is responsible for the independent evaluation of the effectiveness of classified and unclassified cybersecurity policies and programs throughout the Department. The Office operates two cyber security testing facilities for conducting internal and external penetration testing using state-of-the-art techniques to challenge and probe computer network security. The Office conducts announced penetration tests to evaluate internal and external threats, and unannounced penetration tests that are executed by a red team of cyber experts playing the role of an adversary to identify weak links that could expose a network to a cyber attack. The Office also analyzes cybersecurity trends and studies complex-wide issues to provide feedback on essential information assurance practices to DOE Headquarters and sites.
Fred West, Director