Security

From EITLC Wiki

Contents 1 Rating of this issue is closed 2 Issue Overview 3 Opportunity Space 4 Issue Components/Considerations Rating of this issue is closed Thank you for providing your ratings on this issue as a potential focus for an EITLC Priority Action Team. Results of voting and top issues will be announced shortly.

Issue Overview

As described by the the Resources, Science, and Industry Division of the Library of Congress, cybersecurity refers to three things: measures to protect information technology; the information it contains, processes, and transmits, and associated physical and virtual elements (which together comprise cyberspace); the degree of protection resulting from application of those measures; and the associated field of professional endeavor.

The United States Computer Emergency Readiness Team (US-CERT) provides the following examples of cybersecurity protections (see below), which aim to protect electronic data and systems by preventing, detecting, and responding to cyber related attacks (e.g. virus, spam, spyware, Trojans, hijackers, and worms).

• Firewalls
• Intrusion detection
• Network and physical security
• Cryptography
• Public key
• Authentication
• Forensic security

Opportunity Space

Taking into account the current security landscape, there is a need for information technology and and information management departments to adequately protect environmental information and data exchange from being compromised by various forms of computer attacks.

Issue Components/Considerations

National Cyberspace Response System (Homeland Security - National Cybersecurity Division)

• Cybersecurity Preparedness and the National Cyber Alert System - Cyber threats are constantly changing. Both technical and non-technical computer users can stay prepared for these threats by receiving current information by signing up for the National Cyber Alert System.
• US-CERT Operations - US-CERT is responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities.
• National Cyber Response Coordination Group - Made up of 13 federal agencies, this is the principal federal agency mechanism for cyber incident response. In the event of a nationally significant cyber-related incident, the NCRCG will help to coordinate the federal response, including US-CERT, law enforcement and the intelligence community.
• Cyber Cop Portal – Coordination with law enforcement helps capture and convict those responsible for cyber attacks. The Cyber Cop Portal is an information sharing and collaboration tool accessed by over 5,300 investigators worldwide who are involved in electronic crimes cases.

Cyber-Risk Management Programs (Homeland Security - National Cybersecurity Division) - Examples of current cyber risk management programs include:

• Cyber Exercises: Cyber Storm - Cyber Storm is a nationwide cybersecurity exercise series that takes place ever two years (February 2006, March 2008) to assess preparedness capabilities in response to a cyber incident of national significance. Cyber Storm was the Department of Homeland Security’s first cyber exercise testing response across the private sector as well as international, federal and state governments.
• National Outreach Awareness Month - Every October the National Cybersecurity Division coordinates with multiple states, universities and the private sector to produce National Cybersecurity Awareness month.
• Software Assurance Program - This program seeks to reduce software vulnerabilities, minimize exploitation, and address ways to improve the routine development and deployment of trustworthy software products. Together, these activities will enable more secure and reliable software that supports mission requirements across enterprises and the critical infrastructure.