|< Day Day Up >|| |
DHS also released The National Strategy to Secure Cyberspace in February 2003. It provides a framework for protecting technology assets from electronic or hacking attacks. The documents sets forth several priorities:
Priority I: A National Cyberspace Security Response System
Priority II: A National Cyberspace Security Threat-and-Vulnerability Reduction Program
Priority III: A National Cyberspace Security Awareness and Training Program
Priority IV: Securing Governments' Cyberspace
Priority V: National Security and International Cyberspace Security Cooperation
There are several steps that organizations can take to stay in sync with the national strategy to secure cyberspace. The following action steps and modifications to disaster-recovery plans (DRPs) and procedures are appropriate for each of the five priorities for securing cyberspace.
Chapters 6 through 11 provide managers with an analysis of the steps required to meet the goals of The National Strategy to Secure Cyberspace.
To meet the goals of priority I and participate in a national cyberspace security response system, an organization should take or be prepared to take the following steps:
Prepare to participate in a public-private architecture for responding to national-level cyberincidents. This may mean that under certain alert conditions organizations will need to report various types of activities and intrusion attempts.
Prepare to contribute to the development of tactical and strategic analysis of cyberattacks and vulnerability assessments. This will require more detailed reporting of activities and intrusion attempts on an ongoing basis.
Join in a shared synoptic view of the health of cyberspace with government agencies and other organizations.
Be a recipient of information from an expanded Cyber Warning and Information Network (CWIN) when DHS is coordinating crisis management activities for cyberspace security, and participate in national incident-management efforts.
Participate in the development of national public-private continuity and contingency planning efforts as well as mobilization exercises to test plans.
To meet the goals of priority II and participate in a national cyberspace security threat and vulnerability-reduction program an organization should take or be prepared to take the following steps:
Assist in enhancing law-enforcement's capabilities for preventing and prosecuting cyberspace attacks. This will mean reporting more incidents and filing necessary complaints to support the prosecution of perpetrators.
Be forthwith in providing information that will contribute to national vulnerability assessments so that all organizations will better understand the potential consequences of threats and vulnerabilities.
Deploy new and more secure protocols and routing technology in order to reduce vulnerabilities. This will require upgrading or replacing less secure technology.
Deploy and use digital control systems and supervisory control and data-acquisition systems that the government has labeled as trusted or that in some other way meets government standards.
Deploy and upgrade software that can reduce and remediate vulnerabilities. This will mean installing patches more frequently or eliminating less secure software from the product mix used by the organization.
Help to analyze infrastructure interdependencies and improve the physical security of cybersystems and telecommunications systems to make them meet potential government standards
Contribute to a process that helps to prioritize federal cybersecurity research and development agendas and assess and secure emerging systems.
To meet the goals of priority III and participate in a national cyberspace security awareness and training effort, an organization should take or be prepared to take the following steps:
Participate in a comprehensive national awareness program to help enable businesses, the general workforce, and the general population to secure their own parts of cyberspace.
Improve in-house training and education programs to support national cybersecurity needs.
Accept and have staff participate in private-sector-supported and widely recognized professional cybersecurity certifications.
To meet the goals of priority IV and participate in securing governments' cyberspace, an organization should take or be prepared to take the following steps:
Provide information to the government that helps to assess continuously threats and vulnerabilities to federal cybersystems.
Assure that all users in an organization that may need to use federal cybersystems are trustworthy individuals and are trained on security issues.
Provide information to the government that may help to secure federal wireless local area networks and keep those networks secure.
Assist in improving security in government outsourcing and procurement by providing information as requested about contractors, equipment, software, and services.
Assist state and local governments in establishing information technology security programs, and encourage such entities to participate in information sharing and analysis centers with similar governments.
To meet the goals of priority V and participate in developing greater national security and international cyberspace security cooperation, an organization should take or be prepared to take the following steps:
Help strengthen cyber-related counterintelligence efforts by providing the government with information about known activities that may be relevant to these efforts.
Provide information to the government that can improve capabilities for attack attribution and response before, during, and after an incident.
Assist the government in improving the coordination of responses to cyberattacks within the U.S. national security community by providing information or technical assistance.
Assist the government to facilitate dialog and partnerships among international public and private sectors focused on protecting information infrastructures.
Participate in the government's national and international watch and warning networks to detect and prevent cyberattacks as they emerge.
Use influence to get other countries to accept the Council of Europe Convention on Cybercrime.
Chapter 12 provides a look into the future of homeland security and a road map for implementing homeland security initiatives by organization level. Appendix A covers the acronyms used in this book. Appendix B lists homeland security resources.
The Digital Press team that worked on this book provided outstanding comments and input. They did a great job. The technical reviewers, John Vacca and John W. Rittinghouse, were extremely helpful.
I also want to acknowledge my associate Baley Montag for his insight, support, and the summary of his novel ExopaTerra, which depicts how terrorist attacks will likely occur in the future. Of course, I always need to acknowledge the support of my close friends, who never cease to encourage me to analyze and write.
The National Strategy to Secure Cyberspace (February 2003).
|< Day Day Up >|| |