Cybersecurity Security
Cybersecurity Czar
| cybersecurity czar information security Computer Security security audits |
Cybersecurity SecurityCybersecurity Czar |
|
|
computer security computer security system cybersecurity cybersecurity czar contact the czar data security department of homeland security email security homeland security information security internet security network security norton internet security security security audit resources Computer Security security audits security camera security company security encryption security equipment security software security system social security Furniture 21 Furniture 21 Furniture Modern Gibraltar Furniture Furniture Designer Gibraltar Designer Furniture |
Abstract of Technology Assessment: Cybersecurity for Critical Infrastructure
Protection GAO-04-321 May
28, 2004 "Computers are crucial to the operations of government and business. Computers and networks essentially run the critical infrastructures that are vital to our national defense, economic security, and public health and safety. Unfortunately, many computer systems and networks were not designed with security in mind. As a result, the core of our critical infrastructure is riddled with vulnerabilities that could enable an attacker to disrupt operations or cause damage to these infrastructures. Critical infrastructure protection (CIP) involves activities that enhance the security of our nation's cyber and physical infrastructure. Defending against attacks on our information technology infrastructure-- cybersecurity--is a major concern of both the government and the private sector. Consistent with guidance provided by the Senate's Fiscal Year 2003 Legislative Branch Appropriations Report (S. Rpt. 107-209), GAO conducted this technology assessment on the use of cybersecurity technologies for CIP in response to a request from congressional committees. This assessment addresses the following questions: (1) What are the key cybersecurity requirements in each of the CIP sectors? (2) What cybersecurity technologies can be applied to CIP? (3) What are the implementation issues associated with using cybersecurity technologies for CIP, including policy issues such as privacy and information sharing? Many cybersecurity technologies that can be used to protect critical infrastructures from cyber attack are currently available, while other technologies are still being researched and developed. These technologies, including access control technologies, system integrity technologies, cryptography, audit and monitoring tools, and configuration management and assurance technologies, can help to protect information that is being processed, stored, and transmitted in the networked computer systems that are prevalent in critical infrastructures. Although many cybersecurity technologies are available, experts feel that these technologies are not being purchased or implemented to the fullest extent. An overall cybersecurity framework can assist in the selection of technologies for CIP. Such a framework can include (1) determining the business requirements for security; (2) performing risk assessments; (3) establishing a security policy; (4) implementing a cybersecurity solution that includes people, processes, and technologies to mitigate identified security risks; and (5) continuously monitoring and managing security. Even with such a framework, other demands often compete with cybersecurity. For instance, investing in cybersecurity technologies often needs to make business sense. It is also important to understand the limitations of some cybersecurity technologies. Cybersecurity technologies do not work in isolation; they must work within an overall security process and be used by trained personnel. Despite the availability of current cybersecurity technologies, there is a demonstrated need for new technologies. Long-term efforts are needed, such as the development of standards, research into cybersecurity vulnerabilities and technological solutions, and the transition of research results into commercially available products. There are three broad categories of actions that the federal government can undertake to increase the use of cybersecurity technologies. First, it can take steps to help critical infrastructures determine their cybersecurity needs, such as developing a national CIP plan, assisting with risk assessments, and enhancing cybersecurity awareness. Second, the federal government can take actions to protect its own systems, which could lead others to emulate it or could lead to the development and availability of more cybersecurity technology products. Third, it can undertake long-term activities to increase the quality and availability of cybersecurity technologies in the marketplace. Ultimately, the responsibility for protecting critical infrastructures falls on the critical infrastructure owners. However, the federal government has several options at its disposal to manage and encourage the increased use of cybersecurity technologies, research and develop new cybersecurity technologies, and generally improve the cybersecurity posture of critical infrastructure sectors. Subject Terms
Technology Assessment: Cybersecurity for Critical Infrastructure
Protection GAO-04-321 May
28, 2004 |
Security Audits Information Security Audits www.4terrorism.com PM 101 Project Management Training www.projectbailout.com Second Opinions Technology Projects Thousands to save Millions www.projectbailout.com live-blues Blues Music Venues www.blues-fest.com Software Architecture Architecture by the Hour www.projectbailout.com Blues Music Blues Music Venues www.blues-fest.com Eames lounges Eames lounges Eames Style Management Chairs Office Furniture Office Seating Eames Style Management Chairs Office Furniture Office Seating Eames Chaise lounge Eames Chaise lounge Eames tables Eames tables Eames Wire Elliptical Table Eames Wire Elliptical Table Eames Molded plywood cocktail table Eames Molded plywood cocktail table Eames Style Ottoman Eames Style Ottoman Eames La Chaise Eames La Chaise Eames Wire Base Table Eames Wire Base Table Eames Style Lounge Chair with Ottoman Eames Style Lounge Chair with Ottoman Eiffel Chair Eames Style Eiffel Chair Eames Style Executive Chairs Eames Style Executive Chairs Eames Style La Chaise Eames Reproduction La Chaise Eames Reproduction Eames Elliptical Table Eames Elliptical Table Eames Eiffel Chair Eames Eiffel Chair Eames Plywood Dining Chair Metal Leg Eames Plywood Dining Chair Metal Leg Plywood Dining Chair Wood Legs Plywood Dining Chair Wood Legs Eames Management Chairs Eames Management Chairs Management Chair With Leather Pad Low Back Management Chair With Leather Pad Low Back Armless Conference Chair in Eames Style Armless Conference Chair in Eames Style Eames Style Management Chair Low back Eames Style Management Chair Low back Eames Management Chair High Back Eames Management Chair High Back Eames Management Chair Low Back Soft Pad Eames Management Chair Low Back Soft Pad Eames Low Back Soft Pad Management Chairs Eames Low Back Soft Pad Management Chairs Plywood Lounge Chair Plywood Lounge Chair Eames Plywood Lounge Chair Eames Plywood Lounge Chair Eames Table Eames Table Eames Metal Lounge chair Eames Metal Lounge chair Eames Wood Lounge Chair Eames Wood Lounge Chair Eames Plywood chair Eames Plywood chair Eames Management chair Eames Management chair Eames Low Back Management Chairs Eames Low Back Management Chairs Eames High Back Executive Chair Eames High Back Executive Chair Eames Furniture Eames Furniture |
cybersecurity auto security health security car security home security Cybersecurity business cybersecurity czar department of security Cybersecurity security company