Security Antivirus Audits Blues Computer Contact Computer Security © Crime Cyber Firewall Homeland Internet www.4terrorism.com SE Terrorism TV UN Z-A

Cyber-Security

Cybersecurity

Computers and networks essentially run the operations of most business in the country. Most computer systems, computer software and networks were not designed with security in mind. Even most “secure systems” are riddled with vulnerabilities due to the underlying technology that could enable an attacker to disrupt operations or cause damage. Many cybersecurity technologies that can be used to protect critical infrastructures from attack are currently available. In a few years there will be many more. Security takes more than technology, cyber security is not only a firewall. We can help your company or organization develop a cost effective, threat effective, cyber security plan

Abstract of Technology Assessment: Cybersecurity for Critical Infrastructure Protection  GAO-04-321  May 28, 2004
 

"Computers are crucial to the operations of government and business. Computers and networks essentially run the critical infrastructures that are vital to our national defense, economic security, and public health and safety. Unfortunately, many computer systems and networks were not designed with security in mind. As a result, the core of our critical infrastructure is riddled with vulnerabilities that could enable an attacker to disrupt operations or cause damage to these infrastructures. Critical infrastructure protection (CIP) involves activities that enhance the security of our nation's cyber and physical infrastructure. Defending against attacks on our information technology infrastructure-- cybersecurity--is a major concern of both the government and the private sector. Consistent with guidance provided by the Senate's Fiscal Year 2003 Legislative Branch Appropriations Report (S. Rpt. 107-209), GAO conducted this technology assessment on the use of cybersecurity technologies for CIP in response to a request from congressional committees. This assessment addresses the following questions: (1) What are the key cybersecurity requirements in each of the CIP sectors? (2) What cybersecurity technologies can be applied to CIP? (3) What are the implementation issues associated with using cybersecurity technologies for CIP, including policy issues such as privacy and information sharing?

Many cybersecurity technologies that can be used to protect critical infrastructures from cyber attack are currently available, while other technologies are still being researched and developed. These technologies, including access control technologies, system integrity technologies, cryptography, audit and monitoring tools, and configuration management and assurance technologies, can help to protect information that is being processed, stored, and transmitted in the networked computer systems that are prevalent in critical infrastructures. Although many cybersecurity technologies are available, experts feel that these technologies are not being purchased or implemented to the fullest extent. An overall cybersecurity framework can assist in the selection of technologies for CIP. Such a framework can include (1) determining the business requirements for security; (2) performing risk assessments; (3) establishing a security policy; (4) implementing a cybersecurity solution that includes people, processes, and technologies to mitigate identified security risks; and (5) continuously monitoring and managing security. Even with such a framework, other demands often compete with cybersecurity. For instance, investing in cybersecurity technologies often needs to make business sense. It is also important to understand the limitations of some cybersecurity technologies. Cybersecurity technologies do not work in isolation; they must work within an overall security process and be used by trained personnel. Despite the availability of current cybersecurity technologies, there is a demonstrated need for new technologies. Long-term efforts are needed, such as the development of standards, research into cybersecurity vulnerabilities and technological solutions, and the transition of research results into commercially available products. There are three broad categories of actions that the federal government can undertake to increase the use of cybersecurity technologies. First, it can take steps to help critical infrastructures determine their cybersecurity needs, such as developing a national CIP plan, assisting with risk assessments, and enhancing cybersecurity awareness. Second, the federal government can take actions to protect its own systems, which could lead others to emulate it or could lead to the development and availability of more cybersecurity technology products. Third, it can undertake long-term activities to increase the quality and availability of cybersecurity technologies in the marketplace. Ultimately, the responsibility for protecting critical infrastructures falls on the critical infrastructure owners. However, the federal government has several options at its disposal to manage and encourage the increased use of cybersecurity technologies, research and develop new cybersecurity technologies, and generally improve the cybersecurity posture of critical infrastructure sectors.

Subject Terms
Computer crimes
Computer networks
Computer security
Computer software
Counterterrorism
Crime prevention
Information technology
Strategic planning
Terrorism

Technology Assessment: Cybersecurity for Critical Infrastructure Protection  GAO-04-321  May 28, 2004
Highlights

CyberSecurity Related Web Sites

4Terrorism www.4terrorism.com
4Terrorism Appears on Alexander Haig’s World Business Review TV Series www.prleap.com
A Need for Greater Cybersecurity www.washingtonpost.com
Bitpipe Cybersecurity Vendor Reports www.bitpipe.com/rlist/term/Cybersecurity
Business Technology: In The Cybersecurity Wars, The Good Guys Are Losing www.informationweek.com/
Carnegie Mellon CyLab www.cylab.cmu.edu
CIDX Cybersecurity FAQs www.cidx.org/FAQ/
Combating Computer-related Crime europa.eu.int/ISPO/eif/InternetPoliciesSite
Computer Forensics www.cybersecurityinstitute.biz/training/
Conference on CyberSecurity, Research, and Disclosure cyberlaw.stanford.edu/security/
Cyber Security - Cybersecurity www.nwesa.com/nwesa/cybersecurity
Cyber Security Oversight--New Role for CEOs www.technet.org/cybersecurity/
Cyber security White paper www.verisign.com/static
Cybercrime/Cybersecurity from Internet Policy www.internetpolicy.net/cybercrime/
Cybersecurity www.prweb.com/releases/2004/10/
Cybersecurity www.4terrorism.com/listtemp
CyberSecurity Intelligence Threat Assessments www.fas.org/irp/threat/cyber/
Cybersecurity 4 Terrorism: 12/21/2004 www.prweb.com/releases/2004/12/
Cybersecurity Check-up www.prleap.com
Cybersecurity Collection books.nap.edu/collections/cybersecurity/
CyberSecurity Conference www.ncc-cybersecurity.net/
Cybersecurity Czar Issues Farewell Warning www.internetnews.com/
Cybersecurity experts wanted www.nwfusion.com/news
Cybersecurity firms form industry association www.washingtontechnology.com
Cybersecurity for the Homeland hsc.house.gov
CyberSecurity Institute www.cybersecurityinstitute.biz/
Cybersecurity of Freight Information Systems trb.org/news/
CyberSecurity Research Group at Dartmouth College www.ists.dartmouth.edu/
Cybersecurity Security Starts with an External Audit www.prleap.com
Cybersecurity Spending www.govexec.com/dailyfed/
Cybersecurity students can earn an 'A' for hacking seattle.bizjournals.com
Cybersecurity Today and Tomorrow Pay Now or Pay Later books.nap.edu/html/cybersecurity/
Cybersecurity Today and Tomorrow: Pay Now or Pay Later www7.nationalacademies.org/cstb/
Cybersecurity website of the IPTS cybersecurity.jrc.es/
CyberSmart! - CyberSecurity & Safety Education www.cybersmart.org
Experts: Cybersecurity needs education, standards, partnerships www.fcw.com/fcw/articles/
GAO CyberSecurity www.gao.gov/new.items/
Improving Cybersecurity Research in the United States www7.nationalacademies.org
Information Security informationsecurity.techtarget.com
Information Standards Limited www.informationstandards.com
JRC and Research in Cyber Security cybersecurity.jrc.it/
Linux Security Cybersecurity experts wanted www.linuxsecurity.com/articles/
MSNBC Government role in cybersecurity gets boost www.msnbc.msn.com/
MSU CyberSecurity Workshop ccs.msu.edu
Need a new national cybersecurity plan reviews-zdnet.com.com
Network World, Who's responsible for cybersecurity? www.nwfusion.com/news/
PLAIN ENGLISH ISO IEC 27001 praxiom.com/27001.htm
Praxiom Research Group Limited www.praxiom.com/
Richard Clarke Talks Cybersecurity www.computer.org/security/
Scary forecasts by a cybersecurity expert www.usnews.com/usnews/tech/
Stay Safe Online www.staysafeonline.info
Stevens Institute of Technology CyberSecurity www.cs.stevens.edu/cybersecurity/
Subcommittee on Cybersecurity, Science, and Research & Development hsc.house.gov
Tech Net www.technet.org/press
Techweb www.techweb.com/
The farce of federal cybersecurity www.theregister.co.uk/
The National Strategy to Secure Cyberspace www.whitehouse.gov
Threats and CyberSecurity www.4terrorism.com
United States Computer Emergency Readiness Team (US-CERT) www.us-cert.gov/press-events/
US-CERT Events www.uscert.gov/events
WANTED: Partners in cybersecurity www.washingtontechnology.com
Business Sponsors
Cybersecurity Computer Security Software Architecture Cyber-Security  online security security review project bailout Antivirus Security Audits Computer Security Contact Cybersecurity Firewalls Homeland Security Security Audits Security Search Terrorism Z-to-A Security Chief Technology Officer Cyber-Security 4 terrorism Anti-virus Audits of Security Computer Security Firewall Internet Security Online Security Security Security Camera Virus PM Project Recovery Project Management Resources PM Training technology Second Opinions CTO Cybersecurity 		Casino Friends
Casinos Canada Canada Casinos USA-casinos Poker Online Casinos Casino IT Casino Computer Security www.casinosca.com California map Casinos Canada  British Columbia Casinos Ontario Casino Quebec Casinos S Las Vegas Strip Casinos Poker poker review California poker video casino review California Casinos California Casinos Map web poker California poker internet casino review Casinos CA California Indian Casinos California Casino Maps internet poker casinos-usa Wheel of Fortune San Diego Casinos Palms Springs Casinos California Poker Poker z-to-a pokerc Maple Casino poker Casinos Home Casinos hub casino 49 Casinos USA Alabama Casinos Alaska Casinos Arizona Casinos Arkansas Casinos California Casinos Colorado Casinos Connecticut Casinos Delaware Casinos Florida Casinos Georgia Casinos Idaho Casinos Illinois Casinos Poker reviews poker propaganda z-to-a poker poker blues poker club casinos USA online casinos 		More Sites
blues-fest vern bullough Blues live-blues acne 911 Acne Review acne links Acne Treatments Review Web Site Review Natural Acne Review Acne911 Acne Treatments 911-Acne Acne Products Acne Reviews Acne Treatments and Reviews Acne acne links Acne Treatments Review Acne Review Natural Acne Treatment Review Acne Acne Treatments Acne Information Sites Natural Acne Treatments  Acne Blues  Acne Z-to-A Acne Reviews Acne Review Acne Links Acne Search USA-Blues International Blues Blues Websites Alberta Blues British Columbia Blues Canada Blues Festivals of Blues in Canada By Name  Quebec Blues Québec Blues Saskatchewan Blues Yukon Blues Acne Products Acne Treatments Acne Information Natural Acne Acne Physicians Acne Blues Z-to-A Acne Acne Heart of Palm Springs Ale House Ale House Blues