National Strategy to Secure Cyber Space - PowerPoint PPT Presentation

About This Presentation
Title:

National Strategy to Secure Cyber Space

Description:

National Strategy to Secure Cyber Space Week 2 supplementary Lewis University Legal Issues in Information Security Gary A Bannister FCMA, AICPA, CGEIT – PowerPoint PPT presentation

Number of Views:745
Avg rating:3.0/5.0
Slides: 16
Provided by: SheilaFor
Category:

less

Transcript and Presenter's Notes

Title: National Strategy to Secure Cyber Space


1
National Strategy to Secure Cyber Space Week 2
supplementary
  • Lewis University
  • Legal Issues in Information Security
  • Gary A Bannister
    FCMA, AICPA, CGEIT

2
Department of Homeland Security
  • DHS Legislation signed Nov 25, 2002
  • Cabinet level department unites 22 Fed entities
    for the common purpose of improving homeland
    security.

3
DHS Secretary
  • Responsibilities
  • Develop a National protection plan for securing
    key resources and critical infrastructure
  • Provide crisis management in response to attacks
  • Provide technical assistance to government
    entities and the private sector
  • Coordinate warning information /advisories
  • Perform and fund RD

4
National Strategy to Secure Cyberspace
  • Part of overall effort to protect the Nation
  • A Component of
  • The National Strategy for Homeland Security
  • National Strategy for the Physical Protection of
    Critical Infrastructures and Key Assets
  • Purpose is to engage Americans to secure the
    portions of cyberspace that they own, operate,
    control or with which they interact.

5
5 Priorities for Cyberspace Security
  • I. A national response system
  • II. A national threat and vulnerability reduction
    program
  • III. A national awareness and training program
  • IV. Securing governments Cyberspace
  • V. National international cooperation

6
5 Priorities for Cyberspace SecurityEach has
Specific Actions and Initiatives
  • I. A national response system
  • Expand the Cyber Warning Network
  • II. A national threat and vulnerability reduction
    program
  • Enhance law enforcements
    capabilities for preventing
  • III. A national awareness and training program
  • Promote a comprehensive national
    awareness program to empower all
    Americansbusinesses the general workforce, and
    the general population to secure their own parts
    of cyberspace
  • IV. Securing governments Cyberspace
  • National Institute of Standards and
    Technology (NIST)
  • OMB, FISMA
  • V. National international cooperation
  • Work through International
    Organizations and with Industry to Facilitate and
    to Promote a Global Culture of Security

7
I. A national response system
8
Threat and VulnerabilityA Five-Level Problem
  1. The home user / small business (SOHO)
  2. Large Enterprises
  3. Critical sectors Infrastructures
  4. National issues vulnerabilities
  5. Global

9
Threat and VulnerabilityA Five-Level Problem
10
(No Transcript)
11
Information Sharing and Analysis Centers (ISACs)
  • An industry-led mechanism for gathering,
    analyzing and disseminating sector-specific
    security information and articulating and
    promoting best practices. Designed by the various
    sectors to meet their respective needs and
    financed through their membership.

12
Goal Secure the Mechanisms of the Internet
  • Improve the security resilience of key
    protocols
  • IP
  • Transition from IPv4 to IPv6
  • DNS
  • Protection from DoS attacks on the 13 root
    servers
  • BGP (Border Gateway Protocol)
  • Interconnects thousands of networks that make up
    the Internet
  • Protect against false routing information

13
Government Role
  • Private sector is best equipped to respond
  • Justified only when the benefits of intervention
    outweigh associated costs
  • Warranted for
  • Forensics and attack attribution
  • Protection of networks/systems critical to
    national security
  • Indications and warnings
  • R D

14
Toothless Security
  • Nice idea, but you dont expect us to do all
    this stuff voluntarily, do you?
  • Microsoft CSO, Scott Charney
  • Sept 2002

15
Questions?
Write a Comment
User Comments (0)
About PowerShow.com