Chapter 10: Working to Secure Governments Cyberspace

Overview

The U.S. government has increased IT security spending and has been hiring more IT security professionals. As mentioned in previous chapters, the government is also building a cybercorps by funding scholarships for individuals going to certified IA programs at schools that have been designated as centers of excellence in IA education. Private-sector organizations will derive several benefits from the efforts of the government to make its computers and networks more secure, including the following:

• Potential technology transfer in the form of practices, standards, and research and development efforts

• A larger and better-trained computer security workforce

• Fewer computers that can become the source of viruses and worms

• Fewer computers that can be used as slaves or drones during largescale information warfare attacks

To meet the goals of priority IV and participate in securing governments' cyberspace, an organization should take or be prepared to take the following steps:

• Provide information to the government that helps to assess threats and vulnerabilities to federal cybersystems continuously.

• Assure that all users in an organization who may need to use federal cybersystems are trustworthy individuals trained on security issues.

• Provide information to the government that may help to secure federal wireless local area networks and keep those networks secure.

• Assist in improving security in government outsourcing and procurement by providing information as requested about contractors, equipment, software, and services.

• Assist state and local governments in establishing IT security programs and encourage such entities to participate in information-sharing and analysis centers with similar governments.