Computer Security Policy Issues
Computer Security Policy Issues

Author: Willis H. Ware

Publisher:

Published: 1987

Total Pages: 32

ISBN-13:

DOWNLOAD EBOOK

"This paper is the revised and enlarged version of a talk presented to the Information Security Services breakfast meeting held during the annual Computer Security Institute Conference at Anaheim, California, November 11, 1987. It reviews the development of policies regarding the use of computer systems for handling and controlling classified materials; the design and development of secure operating systems; and differences between the security threats to government computer systems on the one hand, and commercial systems on the other. The author discusses whether the objectives of the defense and commercial worlds can be brought together, and concludes that uniformity and standardization of security approaches and safeguards will be essential."--Rand abstracts.

Cyber Defense
Cyber Defense

Author: Sidney E. Dean

Publisher: Createspace Independent Publishing Platform

Published: 2013-06-29

Total Pages: 88

ISBN-13: 9781490560403

DOWNLOAD EBOOK

The recent focus on Edward Snowdon and revelations of US and British surveillance programs should not distract from one vital fact. The electronic networks on which western societies now depend are under constant malicious attack, trend growing. Whether military command and control or critical infrastructure grids (think power, water, transportation, financial, even agriculture and health care), state and non-state actors are consistently working to infiltrate, copy data, and/or position themselves for electronic sabotage in case conflict breaks out. A November 2011 study released by the US government's Office of the National Counterintelligence Executive publicly identifies China and Russia as the most aggressive collectors of economic and technological information from hacked US computer systems [Foreign Economic Collection 2011]. This year it became known that hackers presumed to be working for Chinese military intelligence accessed databases containing technical details of dozens of American high tech weapon systems, both operational and developmental. This immediately led to speculation whether the Chinese or other opponents could temporarily hijack control over these weapon systems in a future conflict. The information concerning the weapon systems hack was leaked from a January 2013 Defense Science Board report titled Resilient Military Systems and the Advanced Cyber Threat. This report, compiled by respected civilian scientists and policy experts, concludes that a full spectrum cyber campaign waged by a state actor with sophisticated capabilities "is of such magnitude and sophistication that it cannot be defended against." The report therefore recommends that "a successful (Department of Defense) cyber strategy must include a deterrence component." Some commentators have read this as a call for nuclear response to cyber attacks. While such a Strangelovesque recommendation is not actually contained in the report (at least not explicitly) the DSB's experts do emphasize the need to ensure the survivability of American nuclear systems from the effects of enemy cyber operations. Failure to harden military and critical civilian systems could leave the United States and its NATO allies vulnerable to an electronic 9/11 or even an electronic Pearl Harbor. Efforts must be made (and expenses incurred) to keep the alliance and its members from having to choose between launching preemptive kinetic warfare or risk being functionally disarmed by enemy information warfare. This issue of Hampton Roads International Security Quarterly begins with an introduction to the theme of cybersecurity and some general recommendations regarding policies and responses. We then progress to the foreign threat scenarios, followed by discussion of cybersecurity for the United States national critical infrastructure. In the final section of this issue, US government cybersecurity functions and instruments (civilian and military) are outlined, rounded out by a discussion of cybersecurity at the NATO level. As always, we wish you interesting reading.

Information assurance trends in vulnerabilities, threats, and technologies
Information assurance trends in vulnerabilities, threats, and technologies

Author:

Publisher: DIANE Publishing

Published: 2004

Total Pages: 154

ISBN-13: 1428982620

DOWNLOAD EBOOK

One of the missions of the Center for Technology and National Security Policy at National Defense University is to study the transformation of America's military and to explore the consequences of the information revolution. To further this mission, National Defense University, in collaboration with The Center for Public Policy and Private Enterprise of the University of Maryland's School of Public Affairs, brought together leaders in the fields of military and commercial technology. The purpose of the meeting was to gain insight into the risks and vulnerabilities inherent in the use of information technology on the battlefield and in military systems. This volume presents the results of that workshop. This volume examines threats and vulnerabilities in the following four areas: (1) physical attacks on critical information nodes; (2) electromagnetic attacks against ground, airborne, or space-based information assets; (3) cyber attacks against information systems; and (4) attacks and system failures made possible by the increased level of complexity inherent in the multiplicity of advanced systems. Chapters are as follows: "Trends in Vulnerabilities, Threats, and Technologies," by Jacques S. Gansler and William Lucyshyn; "Physical Vulnerabilities of Critical Information Systems," by Robert H. Anderson; "Physical Vulnerabilities Exposed at the National Training Center," by Colonel John D. Rosenberger; "Dealing with Physical Vulnerabilities," by Bruce W. MacDonald; "Vulnerabilities to Electromagnetic Attack of Defense Information Systems," by John M. Borky; "Vulnerabilities to Electromagnetic Attack of the Civil Infrastructure," by Donald C. Latham; "Trends in Cyber Vulnerabilities, Threats, and Countermeasures," by Michael A. Vatis; "Enhancing Cyber Security for the Warfighter," by Sean R. Finnegan; "Complexity of Network Centric Warfare," by Stanley B. Alterman; and "Difficulties with Network Centric Warfare," by Charles Perrow.

Sharing the Knowledge
Sharing the Knowledge

Author: Steven M. Rinaldi

Publisher:

Published: 2000

Total Pages: 84

ISBN-13:

DOWNLOAD EBOOK

This is the 33rd volume in the Occasional Paper series of the U.S. Air Force Institute for National Security Studies (INSS). This paper, along with Occasional Paper 32, Richard Aldrich's "Cyberterrorism and Computer Crimes: Issues Surrounding the Establishment of an International Legal Regime,"address the context surrounding the question of how the U.S. military responds to the cyber threat facing the American military and society today. The U.S. military has become increasingly dependent upon the nation's information and communications infrastructures. Concurrently, threats to and vulnerabilities in these infrastructures are expanding, in large part due to structural factors not likely to disappear in the future. To prevail against the increasing threat, the military -- and, more broadly, the government -- needs to adopt a risk reduction and management program. A crucial element of this risk management program is information sharing with the private sector. However, substantial barriers threaten to block information exchanges between the government and private sector. These barriers include concerns over release of sensitive material under Freedom of Information Act requests, antitrust actions, protection of business confidential and other private material, possible liability due to shared information, disclosure of classified information, and burdens entailed with cooperating with law enforcement agencies. There is good cause to believe that the government and private sector can overcome these barriers, guided by lessons learned from numerous successful government-private sector information-sharing mechanisms. This analysis concludes with actions the government should undertake to develop an information-sharing mechanism with the private sector. Key among them are actively engaging the private sector from the onset, determining information requirements, and fostering a partnership based on trust.

Conflict and Cooperation in Cyberspace
Conflict and Cooperation in Cyberspace

Author: Panayotis A Yannakogeorgos

Publisher: CRC Press

Published: 2013-07-22

Total Pages: 363

ISBN-13: 146659201X

DOWNLOAD EBOOK

Conflict and Cooperation in Cyberspace: The Challenge to National Security brings together some of the world’s most distinguished military leaders, scholars, cyber operators, and policymakers in a discussion of current and future challenges that cyberspace poses to the United States and the world. Maintaining a focus on policy-relevant solutions, it offers a well-reasoned study of how to prepare for war, while attempting to keep the peace in the cyberspace domain. The discussion begins with thoughtful contributions concerning the attributes and importance of cyberspace to the American way of life and global prosperity. Examining the truths and myths behind recent headline-grabbing malicious cyber activity, the book spells out the challenges involved with establishing a robust system of monitoring, controls, and sanctions to ensure cooperation amongst all stakeholders. The desire is to create a domain that functions as a trusted and resilient environment that fosters cooperation, collaboration, and commerce. Additionally, the book: Delves into the intricacies and considerations cyber strategists must contemplate before engaging in cyber war Offers a framework for determining the best ways to engage other nations in promoting global norms of behavior Illustrates technologies that can enable cyber arms control agreements Dispels myths surrounding Stuxnet and industrial control systems General Michael V. Hayden, former director of the National Security Agency and the Central Intelligence Agency, begins by explaining why the policymakers, particularly those working on cyber issues, must come to understand the policy implications of a dynamic domain. Expert contributors from the Air Force Research Institute, MIT, the Rand Corporation, Naval Postgraduate School, NSA, USAF, USMC, and others examine the challenges involved with ensuring improved cyber security. Outlining the larger ethical, legal, and policy challenges facing government, the private sector, civil society, and individual users, the book offers plausible solutions on how to create an environment where there is confidence in the ability to assure national security, conduct military operations, and ensure a vibrant and stable global economy.