October 21, 2004
U.S. National Cybersecurity
U.S.
Cybersecurity
Policy
I. Cybersecurity Policy Then & Now
A. Brief History
B. Current Gov’t Actors
C. Recent Legislation (SOX, HIPAA)
II. National Strategy to Secure Cyberspace
A. Intro to the Plan
B. Critical Priorities
1. Response System
2. Threat & Vulnerability Reduction
3. Awareness & Training Program
4. Securing Gov’t. Cyberspace
5. National Security and International
Cooperation.
III. Critiques of the National Plan
IV. Discussion Activity
Cybersecurity Policy
Then & Now
Gov’t Cybersecurity:
Then
1996:
President Clinton established the President’s Commission
on Critical Infrastructure Protection (PCCIP). “Critical
Foundations” Report.
1998:
Clinton administration issued Presidential Decision Directive
63 (PDD63). Creates:
- National Infrastructure Protection Center (NIPC) in FBI
- Critical Infrastructure Assurance Office (CIAO) in
Dept. of Commerce
2001:
After 9/11 Bush creates:
- Office of Cyberspace Security (Richard Clarke)
- President’s Critical Infrastructure Protection Board (PCIPB)
Gov’t
Cybersecurity:
Now
• Nov. 2002:
• Cybersecurity duties consolidated under
DHS -> Information Analysis and Infrastructure
Protection Division (IAIP). Exact role of
cybersecurity unclear?
• June 2003:
• National Cyber Security Division (NCSD)
created under IAIP, headed by Amit Yoran from
Symantec. The role of the NCSD is to conduct
cyberspace analysis, issue alerts and warnings,
improve information sharing, respond to major
incidents, and aid in national-level recovery efforts.
Gov’t
Cybersecurity:
Now
• Sept. 2003:
• The United States-Computer Emergency
Readiness Team (US-CERT) is the United States
government coordination point for bridging public
and private sector institutions.
• Oct. 2004:
• Yoran steps down citing frustration with a
perceived lack of attention and funding given to
cybersecurity issues. He is replaced by deputy Andy
Purdy and the debate over the position of
cybersecurity within DHS continues.
Other Gov’t Actors
House:
- Select Committee on Homeland Security -> Subcommittee on
Cybersecurity, Science, Research & Development (Adam
Putnam, R-FL)
- Science Committee (Sherwood Boehlert, R-NY)
Senate:
- Committee on Government Affairs (Susan Collins, R-ME)
In Congress:
Funding is major issue.
Support is often bi-partisan
Other Gov’t Actors
The usual suspects:
FBI
Dept. of Defense, NSA
Secret Service
and don’t forget:
Dept. of Commerce / NIST
Office of Management and Budget (OMB)
Dept. of Treasury
SEC
and more...
DOE
FCC
The Big Picture
What’s the Point?
Complex web of interactions. There are many
different government actors with their own interests
and specialties
No complete top-down organization
Recent Legislation:
HIPAA
Health Insurance Portability and
Accountability Act (HIPAA)
Goal:
Secure protected health information (PHI).
What it is:
- Not specific to computer security at all, but sets forth
standards governing information, much of which is on computers.
- Ensure confidentiality, integrity and availability of all
electronic protected health care information
- Comprehensive: ALL employees must be trained.
- Does not mandate specific technologies, but makes all
“covered entities” potentially subject to litigation.
Recent
Legislation:
SOX
Sarbanes-Oxley Act (SOX)
Goal:
Verify the integrity of financial statements and information of
publicly traded companies.
What it is:
- Since information systems support most corporate finance
systems, this translates to requirements for maintaining
sufficient info security.
- Threat of jail time for executives has spurred a significant
investment in corporate info security.
The National
Strategy to
Secure
Cyberspace
What are critical infrastructures?
Critical Infrastructures are public and private institutions in
the following sectors:
Agriculture, food, water, public health, emergency
services, government, defense industrial base, information
and telecommunications, energy, transportation, banking
and finance, chemicals and hazardous materials, and
postal and shipping.
Essentially: What makes America tick.
Why
Cyberspace?
“Cyberspace is composed of hundreds of
thousands of interconnected computers,
servers, routers, switches and fiber optic
cables that allow our critical
infrastructure to work”
[ NSSC: p. vii ]
What is the
Threat?
“Our primary concern is
the threat of organized
cyber attacks capable of
causing debilitating
disruption to our Nation’s
critical infrastructures,
economy, or national
security”
[ NSSC: p. viii ]
What is the
Threat?
Peacetime:
- gov’t and corporate
espionage
- mapping to prepare for an
attack
Wartime:
- intimidate leaders by
attacking critical infrastructures
or eroding public confidence in
our information systems.
Is this the right threat model?
What about:
- impairing our ability to
respond
- economic war of attrition
Government’s Role
(part I)
“In general, the private sector is best equipped and
structured to respond to an evolving cyber-threat” [NSSC p
ix]
“federal regulation will not become a primary means of
securing cyberspace … the market itself is expected to
provide the major impetus to improve cybersecurity” [NSSC
p 15 ]
“with greater awareness of the issues, companies can
benefit from increasing their levels of cybersecurity. Greater
awareness and voluntary efforts are critical components of
the NSSC.” [NSSC p 10]
Government’s
Role (part I)
Public-private partnership is the centerpiece of the plan to protect
largely privately owned infrastructure.
In practice:
Look at use of “encourage”, “voluntary” and “public-private” in
text of document.
Government’s
Role (part II)
However, Government does have a role
when:
• high costs or legal barriers cause
problems for private industry
• securing its own cyberspace
• interacting with other governments on
cybersecurity
• incentive problems leading to
under-provisioning of shared resources
• raising awareness
Critical Priorities for
Cyberspace Security:
I. Security Response
System
II. Threat & Vulnerability
Reduction Program
III. Awareness &
Training Program
IV. Securing
Government’s
Cyberspace
V. National Security &
International
Cooperation
Priority I: Security
Response System
Goals:
1) Create an architecture for
responding to national-level
cyber incidents
a) Vulnerability analysis
b) Warning System
c) Incident Management
d) Response & Recovery
2) Encourage Cybersecurity
Information Sharing using
ISACs and other mechanisms
Priority I Initiative: US-CERT (2003)
Goal:
Coordinate defense against and response to
cyber attacks and promote information sharing.
What it does:
- CERT = Computer Emergency Readiness Team
- Contact point for industry and ISACs into the
DHS and other gov’t cybersecurity offices.
- National Cyber Alert System
- Still new, role not clearly defined
Priority I Initiative: Critical
Infrastructure Info. Act of 2002
Goal:
Reduce vulnerability of current critical
infrastructure systems
What it does:
Allows the DHS to receive and protect voluntarily
submitted information about vulnerabilities or
security attacks involving privately owned critical
infrastructure. The Act protects qualifying
information from disclosure under the Freedom of
Information Act.
Priority II: Threat &
Vulnerability
Reduction Program
Goals:
1) Reduce Threat & Deter Malicious Actors
a) enhanced law enforcement
b) National Threat Assessment
2) Identify & Remediate Existing Vuln’s
a) Secure Mechanisms of the Internet
b) Improve SCADA systems
c) Reduce software vulnerabilities
d) Improve reliability & security of
physical infrastructure
3) Develop new, more secure technologies
Priority II Initiative:
sDNS & sBGP
Goal:
To develop and deploy new protocols that improve the
security of the Internet infrastructure.
What it does:
DHS is providing funding and working with Internet
standards bodies to help design and implement these new
protocols, which have been stalled for some time.
Adoption strategy remains a largely untackled hurdle.
Priority II Initiative: Cyber Security
R&D Act (2002)
Goal:
Promote research and innovation for technologies relating
to cybersecurity and increase the number of experts in the
field.
What it does:
Dedicated more than $900 million over five years to
security research programs and creates fellowships for the
study of cybersecurity related topics.
Recent release of BAA from SRI shows technical priorities
for developing systems to reduce overall vulnerabilities.
Priority III: Security
Awareness and
Training Program
Goals:
1) Awareness* for home/small business,
enterprises, universities, industrial
sectors and government
2) Developing more training &
certification programs to combat a
perceived workforce deficiency.
* this means vastly different things for
different audiences
Priority IV: Securing
Government’s
Cyberspace
Goals:
1) Protect the many information
systems supporting critical
services provided by the
government at the federal, state
and local levels.
2) Lead by example in federal
agencies and use procurement
power to encourage the
development of more secure
products.
Priority IV
Initiative: FISMA
Federal Information Security Management Act (FISMA):
Goal:
Strengthen federal agencies’ resistance to
cybersecurity attacks and lead by example.
What it is:
Mandates that the CIO of each federal agency
develop and maintain an agency-wide information
security program that includes:
- periodic risk assessments
- security policies/plans/procedures
- security training for personnel
- periodic testing and evaluation
- incident detection, reporting & response
- plan to ensure continuity of operation (during an
attack)
Priority V: National
Security & International
Cooperation
Goals:
1) Improve National Security by:
a) improving counter-intelligence and
response efforts in cyberspace within
the national security community
b) improving attribution and prevention
capabilities
c) being able to respond in an
“appropriate” manner
2) Enhance International Cooperation by:
a) reaching cybersecurity agreements with
members of existing world organizations
b) promoting the adoption of cyber-crime
laws and mutual assistance provisions
across the globe.
Critiques of the
National Plan
Criticisms of the National Plan
Frequently stated arguments:
1) By avoiding regulation, the plan has “no teeth” and can freely be ignored by
companies.
2) Government claims of an “information deficit” at the enterprise level are
misinformed and awareness efforts are a waste.
3) Not enough consideration has been given to the role economic incentives play
in creating cybersecurity vulnerabilities.
Finally:
Time for
Discussion
Week 2 Characteristics & Benefits of a Database & Types of Data Models
 
Week 1 Lab Directions
Week 1 Lab DirectionsWeek 1 Lab Directions
Week 1 Lab Directions
 
Week 1 Before the Advent of Database Systems & Fundamental Concepts
Week 1 Before the Advent of Database Systems & Fundamental ConceptsWeek 1 Before the Advent of Database Systems & Fundamental Concepts
Week 1 Before the Advent of Database Systems & Fundamental Concepts
 
ACG 7000 Week 5 Developmental Psychology
ACG 7000 Week 5 Developmental PsychologyACG 7000 Week 5 Developmental Psychology
ACG 7000 Week 5 Developmental Psychology
 

Recently uploaded

Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 

Recently uploaded (20)

Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 

CST 20363 Session 6 Cybersecurity Policy

  • 1. October 21, 2004 U.S. National Cybersecurity U.S. Cybersecurity Policy
  • 2. I. Cybersecurity Policy Then & Now A. Brief History B. Current Gov’t Actors C. Recent Legislation (SOX, HIPAA) II. National Strategy to Secure Cyberspace A. Intro to the Plan B. Critical Priorities 1. Response System 2. Threat & Vulnerability Reduction 3. Awareness & Training Program 4. Securing Gov’t. Cyberspace 5. National Security and International Cooperation. III. Critiques of the National Plan IV. Discussion Activity
  • 3. Cybersecurity Policy Then & Now
  • 4. Gov’t Cybersecurity: Then 1996: President Clinton established the President’s Commission on Critical Infrastructure Protection (PCCIP). “Critical Foundations” Report. 1998: Clinton administration issued Presidential Decision Directive 63 (PDD63). Creates: - National Infrastructure Protection Center (NIPC) in FBI - Critical Infrastructure Assurance Office (CIAO) in Dept. of Commerce 2001: After 9/11 Bush creates: - Office of Cyberspace Security (Richard Clarke) - President’s Critical Infrastructure Protection Board (PCIPB)
  • 5. Gov’t Cybersecurity: Now • Nov. 2002: • Cybersecurity duties consolidated under DHS -> Information Analysis and Infrastructure Protection Division (IAIP). Exact role of cybersecurity unclear? • June 2003: • National Cyber Security Division (NCSD) created under IAIP. Headed by Amit Yoran from Symantec, the role of the NCSD is to conduct cyberspace analysis, issue alerts and warnings, improve information sharing, respond to major incidents, and aid in national-level recovery efforts.
  • 6. Gov’t Cybersecurity: Now • Sept. 2003: • The United States-Computer Emergency Readiness Team (US-CERT) is the United States government coordination point for bridging public and private sector institutions. • Oct. 2004: • Yoran steps down citing frustration with a perceived lack of attention and funding given to cybersecurity issues. He is replaced by deputy Andy Purdy and the debate over the position of cybersecurity within DHS continues.
  • 7. Other Gov’t Actors House: - Select Committee on Homeland Security -> Subcommittee on Cybersecurity, Science, Research & Development (Adam Putnam, R-FL) - Science Committee (Sherwood Boehlert, R-NY) Senate: - Committee on Government Affairs (Susan Collins, R-ME) In Congress: Funding is a major issue. Support is often bi-partisan.
  • 8. Other Gov’t Actors The usual suspects: FBI, Dept. of Defense, NSA, Secret Service. And don’t forget: Dept. Commerce / NIST, Office of Management and Budget (OMB), Dept. of Treasury, SEC, DOE, FCC, and more...
  • 9. The Big Picture What’s the Point? Complex web of interactions. There are many different government actors with their own interests and specialties. No complete top-down organization.
  • 10. Recent Legislation: HIPAA Health Insurance Portability and Accountability Act (HIPAA) Goal: Secure protected health information (PHI). What it is: - Not specific to computer security at all, but sets forth standards governing information, much of which is on computers. - Ensure confidentiality, integrity and availability of all electronic protected health care information - Comprehensive: ALL employees must be trained. - Does not mandate specific technologies, but makes all “covered entities” potentially subject to litigation.
  • 11. Recent Legislation: SOX • Sarbanes-Oxley Act (SOX) • Goal: • Verify the integrity of financial statements and information of publicly traded companies. • What it is: • - Since information systems support most corporate finance systems, this translates to requirements for maintaining sufficient info security. • - Threat of jail time for executives has spurred a significant investment in corporate info security.
  • 12. The National Strategy to Secure Cyberspace
  • 13. What are critical infrastructures? Critical Infrastructures are public and private institutions in the following sectors: Agriculture, food, water, public health, emergency services, government, defense industrial base, information and telecommunications, energy, transportation, banking and finance, chemicals and hazardous materials, and postal and shipping. Essentially: What makes America tick.
  • 14. Why Cyberspace? “Cyberspace is composed of hundreds of thousands of interconnected computers, servers, routers, switches and fiber optic cables that allow our critical infrastructure to work” [NSSC: p. vii]
  • 15. What is the Threat? “Our primary concern is the threat of organized cyber attacks capable of causing debilitating disruption to our Nation’s critical infrastructures, economy, or national security” [NSSC: p. viii]
  • 16. What is the Threat? Peacetime: - gov’t and corporate espionage - mapping to prepare for an attack Wartime: - intimidate leaders by attacking critical infrastructures or eroding public confidence in our information systems. Is this the right threat model? What about: - impairing our ability to respond - economic war of attrition
  • 17. Government’s Role (part I) “In general, the private sector is best equipped and structured to respond to an evolving cyber-threat” [NSSC p ix] “federal regulation will not become a primary means of securing cyberspace … the market itself is expected to provide the major impetus to improve cybersecurity” [NSSC p 15] “with greater awareness of the issues, companies can benefit from increasing their levels of cybersecurity. Greater awareness and voluntary efforts are critical components of the NSSC.” [NSSC p 10]
  • 18. Government’s Role (part I) Public-private partnership is the centerpiece of the plan to protect largely privately owned infrastructure. In practice: Look at use of “encourage”, “voluntary” and “public-private” in text of document.
  • 19. Government’s Role (part II) However, Government does have a role when: • high costs or legal barriers cause problems for private industry • securing its own cyberspace • interacting with other governments on cybersecurity • incentive problems leading to under-provisioning of shared resources • raising awareness
  • 20. Critical Priorities for Cyberspace Security: I. Security Response System II. Threat & Vulnerability Reduction Program III. Awareness & Training Program IV. Securing Government’s Cyberspace V. National Security & International Cooperation
  • 21. Priority I: Security Response System Goals: 1) Create an architecture for responding to national-level cyber incidents a) Vulnerability analysis b) Warning System c) Incident Management d) Response & Recovery 2) Encourage Cybersecurity Information Sharing using ISACs and other mechanisms
  • 22. Priority I Initiative: US-CERT (2003) Goal: Coordinate defense against and response to cyber attacks and promote information sharing. What it does: - CERT = Computer Emergency Readiness Team - Contact point for industry and ISACs into the DHS and other gov’t cybersecurity offices. - National Cyber Alert System - Still new, role not clearly defined
  • 23. Priority I Initiative: Critical Infrastructure Info. Act of 2002 Goal: Reduce vulnerability of current critical infrastructure systems What it does: Allows the DHS to receive and protect voluntarily submitted information about vulnerabilities or security attacks involving privately owned critical infrastructure. The Act protects qualifying information from disclosure under the Freedom of Information Act.
  • 24. Priority II: Threat & Vulnerability Reduction Program Goals: 1) Reduce Threat & Deter Malicious Actors a) enhanced law enforcement b) National Threat Assessment 2) Identify & Remediate Existing Vuln’s a) Secure Mechanisms of the Internet b) Improve SCADA systems c) Reduce software vulnerabilities d) Improve reliability & security of physical infrastructure 3) Develop new, more secure technologies
  • 25. Priority II Initiative: sDNS & sBGP Goal: To develop and deploy new protocols that improve the security of the Internet infrastructure. What it does: DHS is providing funding and working with Internet standards bodies to help design and implement these new protocols, which have been stalled for some time. Adoption strategy remains a largely untackled hurdle.
  • 26. Priority II Initiative: Cyber Security R&D Act (2002) Goal: Promote research and innovation for technologies relating to cybersecurity and increase the number of experts in the field. What it does: Dedicated more than $900 million over five years to security research programs and creates fellowships for the study of cybersecurity related topics. Recent release of BAA from SRI shows technical priorities for developing systems to reduce overall vulnerabilities.
  • 27. Priority III: Security Awareness and Training Program Goals: 1) Awareness* for home/small business, enterprises, universities, industrial sectors and government 2) Developing more training & certification programs to combat a perceived workforce deficiency. * this means vastly different things for different audiences
  • 28. Priority IV: Securing Government’s Cyberspace Goals: 1) Protect the many information systems supporting critical services provided by the government at the federal, state and local levels. 2) Lead by example in federal agencies and use procurement power to encourage the development of more secure products.
  • 29. Priority IV Initiative: FISMA • Federal Information Security Management Act (FISMA): • Goal: • Strengthen federal agencies’ resistance to cybersecurity attacks and lead by example. • What it is: • Mandates that the CIO of each federal agency develop and maintain an agency-wide information security program that includes: • periodic risk assessments • security policies/plans/procedures • security training for personnel • periodic testing and evaluation • incident detection, reporting & response • plan to ensure continuity of operation (during an attack)
  • 30. Priority V: National Security & International Cooperation Goals: 1) Improve National Security by: a) improving counter-intelligence and response efforts in cyberspace within the national security community b) improving attribution and prevention capabilities c) being able to respond in an “appropriate” manner 2) Enhance International Cooperation by: a) reaching cybersecurity agreements with members of existing world organizations b) promoting the adoption of cyber-crime laws and mutual assistance provisions across the globe.
  • 31. Critiques of the National Plan
  • 32. Criticisms of the National Plan Frequently stated arguments: 1) By avoiding regulation, the plan has “no teeth” and can freely be ignored by companies. 2) Government claims of an “information deficit” at the enterprise level are misinformed and awareness efforts are a waste. 3) Not enough consideration has been given to the role economic incentives play in creating cybersecurity vulnerabilities.
  • 33. Finally: Time for Discussion
