Abstract:
Cyber attacks could have a potentially devastating impact on the nation's computer systems and networks, disrupting the operations of government and businesses and the lives of private individuals. Increasingly sophisticated cyber threats have underscored the need to manage and bolster the cybersecurity of key government systems as well as the nation's critical infrastructure. GAO has designated federal information security as a government-wide high-risk area since 1997, and in 2003 expanded it to include cyber critical infrastructure. GAO has issued numerous reports since that time making recommendations to address weaknesses in federal information security programs as well as efforts to improve critical infrastructure protection. Over that same period, the executive branch has issued strategy documents that have outlined a variety of approaches for dealing with persistent cybersecurity issues. GAO's objectives were to (1) identify challenges faced by the federal government in addressing a strategic approach to cybersecurity, and (2) determine the extent to which the national cybersecurity strategy adheres to desirable characteristics for such a strategy. To address these objectives, GAO analyzed previous reports and updated information obtained from officials at federal agencies with key cybersecurity responsibilities. GAO also obtained the views of experts in information technology management and cybersecurity and conducted a survey of chief information officers at major federal agencies.
Abstract:
Pursuant to Initiative Three of the Comprehensive National Cybersecurity Initiative, DHS is engaging in an exercise to demonstrate a suite of technologies that could be included in the next generation of the Department's EINSTEIN network security program. This demonstration (commonly referred to as the 'Initiative Three Exercise' or, more simply, as 'the Exercise') will use a modified complement of system components currently providing the EINSTEIN 1 and EINSTEIN 2 capabilities, as well as a DHS test deployment of technology developed by the National Security Agency (NSA) that includes an intrusion prevention capability (collectively referred to as 'the Exercise technology'). The purpose of the Exercise is to demonstrate the ability of an existing Internet Service Provider that is designated as a Trusted Internet Connection Access Provider (TICAP) to select and redirect Internet traffic from a single participating government agency through the Exercise technology, for US-CERT to apply intrusion detection and prevention measures to that traffic and for US-CERT to generate automated alerts about selected cyber threats. This PIA is being conducted because the Exercise will analyze Internet traffic which may contain personally identifiable information (PII).
Abstract:
The insider threat issue is a problem faced by all industries and sectors today. It is an issue of growing concern as the consequences of insider incidents can include not only financial losses, but the loss of clients and business days. The actions of a single insider can cause damage to an organization ranging from a few lost staff hours to negative publicity and financial damage so extensive that a business may be forced to lay off employees or even close its doors. Furthermore, insider incidents can have repercussions extending beyond the affected organization to include disruption of operations or services critical to a specific sector. In The National Strategy to Secure Cyberspace, the President's Critical Infrastructure Protection Board emphasizes the importance of continual evaluation to identify vulnerabilities in, and threats to, government and private information networks and systems.
Abstract:
Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic or industrial espionage, engaging in cybercrime, or intimidating political activists. In addition, national borders mean little or nothing to cyberattackers, and attributing an attack to a specific location can be difficult, which may make responding problematic.
Abstract:
Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic or industrial espionage, engaging in cyber crime, or intimidating political activists. In addition, national borders mean little or nothing to cyber attackers, and attributing an attack to a specific location can be difficult, which may make responding problematic.
Abstract:
In past work, we presented a value-based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper we discuss the specification and design of a system that collects, updates and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.
Abstract:
Critical infrastructure is defined in the USA PATRIOT Act (P.L. 107-56, Sec. 1016(e)) as “systems and assets, physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health and safety, or any combination of those matters.” Presidential Decision Directive 63, or PDD-63, identified activities whose critical infrastructures should be protected: information and communications; banking and finance; water supply; aviation, highways, mass transit, pipelines, rail, and waterborne commerce; emergency and law enforcement services; emergency, fire, and continuity of government services; public health services; electric power, oil and gas production; and storage. In addition, the PDD identified four activities in which the federal government controls the critical infrastructure: (1) internal security and federal law enforcement; (2) foreign intelligence; (3) foreign affairs; and (4) national defense.
Abstract:
The primary objective of the work described in this report is to review the National Institute of Science and Technology (NIST) guidelines and foundational publications from an automotive cybersecurity risk management standpoint. The NIST approach is often used as a baseline to develop a more targeted risk management approach for the specific use cases and issues in specific industries and sectors. This report can be considered as a primer that establishes a baseline conceptual understanding of the NIST approach for the readers and a common vocabulary for discussing risk management for the automotive sector. Additional work would be needed to more effectively apply this framework to the automotive sector. This publication is part of a series of reports that describe our initial work under the goal of facilitating cybersecurity best practices in the automotive industry (Goals 1 and 2). The information presented herein increases the collective knowledge base in automotive cybersecurity; helps identify potential knowledge gaps; helps describe the risk and threat environments; and helps support follow-on tasks that could be used to establish security guidelines.
Abstract:
The primary objective of the work detailed in this report is to describe a composite modeling approach for potential cybersecurity threats in modern vehicles. Threat models, threat descriptions, and examples of various types of conceivable threats to automotive systems are included, along with a matrix containing a condensed version of the various potential attacks. This publication is part of a series of reports that describe our initial work under the goal of facilitating cybersecurity best practices in the automotive industry (Goals 1 and 2). The information presented herein increases the collective knowledge base in automotive cybersecurity; helps identify potential knowledge gaps; helps describe the risk and threat environments; and helps support follow-on tasks that could be used to establish security guidelines.