Information Security: Concerted Response Needed to Resolve Persistent Weakness

Information Security: Concerted Response Needed to Resolve Persistent Weakness
Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 21
Release: 2010-08
Genre: Computers
ISBN: 1437931235

Without proper safeguards, fed. computer systems are vulnerable to intrusions by individuals who have malicious intentions and can obtain sensitive info. The need for a vigilant approach to info. security (IS) has been demonstrated by the pervasive and sustained cyber attacks against the U.S. Concerned by reports of weaknesses in fed. systems, Congress passed the Fed. IS Management Act (FISMA), which authorized and strengthened IS program, evaluation, and annual reporting requirements for fed. agencies. This testimony discusses fed. IS and agency efforts to comply with FISMA. It summarizes: (1) fed. agencies¿ efforts to secure info. systems and (2) opportunities to enhance fed. cybersecurity. Charts and tables.

Legal Issues in Information Security

Legal Issues in Information Security
Author: Joanna Lyn Grama
Publisher: Jones & Bartlett Publishers
Total Pages: 570
Release: 2014-06-19
Genre: Computers
ISBN: 1284054756

This revised and updated second edition addresses the area where law and information security concerns intersect. Information systems security and legal compliance are now required to protect critical governmental and corporate infrastructure, intellectual property created by individuals and organizations alike, and information that individuals believe should be protected from unreasonable intrusion. Organizations must build numerous information security and privacy responses into their daily operations to protect the business itself, fully meet legal requirements, and to meet the expectations of employees and customers. --

National Infrastructure Advisory Council Intelligence Information Sharing Final Report and Recommendations

National Infrastructure Advisory Council Intelligence Information Sharing Final Report and Recommendations
Author:
Publisher: Jeffrey Frank Jones
Total Pages: 228
Release:
Genre:
ISBN:

Executive Summary The National Infrastructure Advisory Council (NIAC) set out to determine whether the right people are receiving the right intelligence information at the right time to support robust protection and resilience of the Nation’s critical infrastructure. More than 200 interviews and extensive open-source research uncovered a wealth of insights on this complex problem. First, there have been marked improvements in the sharing of intelligence information within the Federal Intelligence Community, and between the Federal Government and regions, States, and municipalities. However, this level of improvement has not been matched in the sharing of intelligence information between the Federal Government and private sector owners and operators of critical infrastructure. Despite some notable successes, this bi-directional sharing is still relatively immature, leaving a large gap between current practices and an optimal system of effective public-private intelligence information sharing. We observe that trust is the essential glue to make this public-private system work. Trust results when partner capabilities are understood and valued, processes are tailored to leverage these capabilities, and these processes are tested and proven valuable to all partners. When breakdowns in information sharing occur, it erodes trust and is counterproductive to risk management. Information sharing is perhaps the most important factor in the protection and resilience of critical infrastructure. Information on threats to infrastructure and their likely impact underlies nearly every security decision made by owners and operators, including which assets to protect, how to make operations more resilient, how to plan for potential disasters, when to ramp up to higher levels of security, and how to respond in the immediate aftermath of a disaster. We looked at intelligence information flowing from the Federal Government to critical infrastructure owners and operators as well as risk information flowing from critical infrastructure owners and operators to the government. Our study reveals the complex ways information is gathered, analyzed, packaged, and shared among government and the owners and operators of critical infrastructures. In tackling this complex subject, we examined the different stages of the intelligence cycle, including requirements generation, information collection, analysis, and dissemination. To gather a variety of perspectives, we conducted extensive interviews with security directors, chief executives, subject matter experts, and government executives and managers. Recognizing that distinct sector characteristics shape information sharing needs, we conducted case studies of five sectors: Commercial Facilities, Healthcare and Public Health, Energy (Oil and Natural Gas), Banking and Finance, and Chemical. While we found some information sharing approaches to be effective, others were not. As a result, we adopted a “capability maturity approach,” which acknowledges that different Federal agencies have different abilities to share information effectively, and we sought to build on what is working.

Computer Safety, Reliability, and Security

Computer Safety, Reliability, and Security
Author: Erwin Schoitsch
Publisher: Springer
Total Pages: 498
Release: 2010-08-11
Genre: Computers
ISBN: 3642156517

Computers and microprocessors are indispensable in modern technical systems, their deployment spanning the domains automotive, railway, aerospace, and transportation, security, energy supply, telecommunication, critical infrastructures and process ind- tries. They perform tasks that a few decades ago were very difficult if not impossible. As they perform these tasks with increasing efficiency, more and more tasks are shifted from hardware to software, which means that the dependability of computer systems becomes crucial for the safety, security and reliability of technical systems. With the so-called “embedded systems” (becoming more and more intelligent, networked and co-operating with each other, with humans and the environment) computers have invaded all aspects of daily life. New paradigms have arisen, like ubiquitous computing, systems-of-systems, energy and resource awareness, enormous complexity issues and the like, requiring a more holistic systems view as well. th So, after 31 years of SAFECOMP, the emphasis of the 29 event is on critical - bedded systems, which are almost omnipresent. Their impact on our lives, risks and challenges are often not well understood (underestimated or exaggerated). The p- mary issue is to cope with complexity, new failure modes and resource management, due to shrinking feature size, multi-core systems and management of multiple variants, while maintaining dependability properties and robustness.

Effective Model-Based Systems Engineering

Effective Model-Based Systems Engineering
Author: John M. Borky
Publisher: Springer
Total Pages: 788
Release: 2018-09-08
Genre: Technology & Engineering
ISBN: 3319956698

This textbook presents a proven, mature Model-Based Systems Engineering (MBSE) methodology that has delivered success in a wide range of system and enterprise programs. The authors introduce MBSE as the state of the practice in the vital Systems Engineering discipline that manages complexity and integrates technologies and design approaches to achieve effective, affordable, and balanced system solutions to the needs of a customer organization and its personnel. The book begins with a summary of the background and nature of MBSE. It summarizes the theory behind Object-Oriented Design applied to complex system architectures. It then walks through the phases of the MBSE methodology, using system examples to illustrate key points. Subsequent chapters broaden the application of MBSE in Service-Oriented Architectures (SOA), real-time systems, cybersecurity, networked enterprises, system simulations, and prototyping. The vital subject of system and architecture governance completes the discussion. The book features exercises at the end of each chapter intended to help readers/students focus on key points, as well as extensive appendices that furnish additional detail in particular areas. The self-contained text is ideal for students in a range of courses in systems architecture and MBSE as well as for practitioners seeking a highly practical presentation of MBSE principles and techniques.

Information Security

Information Security
Author: United States Government Accountability Office
Publisher: Createspace Independent Publishing Platform
Total Pages: 36
Release: 2018-05-14
Genre:
ISBN: 9781719096874

Information Security: Concerted Response Needed to Resolve Persistent Weaknesses

Information Security

Information Security
Author: U S Government Accountability Office (G
Publisher: BiblioGov
Total Pages: 24
Release: 2013-06
Genre:
ISBN: 9781289076290

The U.S. Government Accountability Office (GAO) is an independent agency that works for Congress. The GAO watches over Congress, and investigates how the federal government spends taxpayers dollars. The Comptroller General of the United States is the leader of the GAO, and is appointed to a 15-year term by the U.S. President. The GAO wants to support Congress, while at the same time doing right by the citizens of the United States. They audit, investigate, perform analyses, issue legal decisions and report anything that the government is doing. This is one of their reports.