At the Nexus of Cybersecurity and Public Policy
At the Nexus of Cybersecurity and Public Policy

Author: National Research Council

Publisher: National Academies Press

Published: 2014-06-16

Total Pages: 170

ISBN-13: 0309303214

DOWNLOAD EBOOK

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. Modern military forces use weapons that are increasingly coordinated through computer-based networks. Cybersecurity is vital to protecting all of these functions. Cyberspace is vulnerable to a broad spectrum of hackers, criminals, terrorists, and state actors. Working in cyberspace, these malevolent actors can steal money, intellectual property, or classified information; impersonate law-abiding parties for their own purposes; damage important data; or deny the availability of normally accessible services. Cybersecurity issues arise because of three factors taken together - the presence of malevolent actors in cyberspace, societal reliance on IT for many important functions, and the presence of vulnerabilities in IT systems. What steps can policy makers take to protect our government, businesses, and the public from those would take advantage of system vulnerabilities? At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses. According to this report, cybersecurity is a never-ending battle; threats will evolve as adversaries adopt new tools and techniques to compromise security. Cybersecurity is therefore an ongoing process that needs to evolve as new threats are identified. At the Nexus of Cybersecurity and Public Policy is a call for action to make cybersecurity a public safety priority. For a number of years, the cybersecurity issue has received increasing public attention; however, most policy focus has been on the short-term costs of improving systems. In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to cyberspace.

Federal Laws Relating to Cybersecurity
Federal Laws Relating to Cybersecurity

Author: Eric A. Fischer

Publisher: Createspace Independent Publishing Platform

Published: 2013-06-19

Total Pages: 68

ISBN-13: 9781490478388

DOWNLOAD EBOOK

This report discusses how the current legislative framework for cybersecurity might need to be revised.

Terrorism: Reducing Vulnerabilities and Improving Responses
Terrorism: Reducing Vulnerabilities and Improving Responses

Author: Russian Academy of Sciences

Publisher: National Academies Press

Published: 2004-06-23

Total Pages: 254

ISBN-13: 0309166233

DOWNLOAD EBOOK

This book is devoted primarily to papers prepared by American and Russian specialists on cyber terrorism and urban terrorism. It also includes papers on biological and radiological terrorism from the American and Russian perspectives. Of particular interest are the discussions of the hostage situation at Dubrovko in Moscow, the damge inflicted in New York during the attacks on 9/11, and Russian priorities in addressing cyber terrorism.

FISMA and the Risk Management Framework
FISMA and the Risk Management Framework

Author: Daniel R. Philpott

Publisher: Newnes

Published: 2012-12-31

Total Pages: 585

ISBN-13: 1597496421

DOWNLOAD EBOOK

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems. - Learn how to build a robust, near real-time risk management system and comply with FISMA - Discover the changes to FISMA compliance and beyond - Gain your systems the authorization they need

United States Code
United States Code

Author: United States

Publisher:

Published: 2013

Total Pages: 1184

ISBN-13:

DOWNLOAD EBOOK

"The United States Code is the official codification of the general and permanent laws of the United States of America. The Code was first published in 1926, and a new edition of the code has been published every six years since 1934. The 2012 edition of the Code incorporates laws enacted through the One Hundred Twelfth Congress, Second Session, the last of which was signed by the President on January 15, 2013. It does not include laws of the One Hundred Thirteenth Congress, First Session, enacted between January 2, 2013, the date it convened, and January 15, 2013. By statutory authority this edition may be cited "U.S.C. 2012 ed." As adopted in 1926, the Code established prima facie the general and permanent laws of the United States. The underlying statutes reprinted in the Code remained in effect and controlled over the Code in case of any discrepancy. In 1947, Congress began enacting individual titles of the Code into positive law. When a title is enacted into positive law, the underlying statutes are repealed and the title then becomes legal evidence of the law. Currently, 26 of the 51 titles in the Code have been so enacted. These are identified in the table of titles near the beginning of each volume. The Law Revision Counsel of the House of Representatives continues to prepare legislation pursuant to 2 U.S.C. 285b to enact the remainder of the Code, on a title-by-title basis, into positive law. The 2012 edition of the Code was prepared and published under the supervision of Ralph V. Seep, Law Revision Counsel. Grateful acknowledgment is made of the contributions by all who helped in this work, particularly the staffs of the Office of the Law Revision Counsel and the Government Printing Office"--Preface.

Federal Cloud Computing
Federal Cloud Computing

Author: Matthew Metheny

Publisher: Newnes

Published: 2012-12-31

Total Pages: 461

ISBN-13: 1597497398

DOWNLOAD EBOOK

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis. - Provides a common understanding of the federal requirements as they apply to cloud computing - Provides a targeted and cost-effective approach for applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) - Provides both technical and non-technical perspectives of the Federal Assessment and Authorization (A&A) process that speaks across the organization