 |
Â
Product Search
|
 |
|
Â
Article Search
|
|
|
Â
Resources
| |
| Home > Computer Network Defense (CND) And The Intelligence Community A Higher Level Of Security
We Have Found 3 Products for your search of Computer Network Defense (CND) And The Intelligence Community A Higher Level Of Security.
Displaying Items Page 1 and Articles Page 1.
|
| Please vote and
rate this. |
Computer Network Defense (CND) And the Intelligence Community - A Higher Level of Security
by John Stout
There are three sectors of the Federal Government that are vitally concerned with Computer Network Defense and the Intelligence Community adds an additional level of security because of the classified nature of community activities.
As a result, contractors that provide Computer Network Defense (CND) services are held to even higher standards than the usual high requirements of vendors for Cyber Security projects.
The concept of Computer Network Defense includes a broad menu of services that provide an infrastructure against cyber attacks from domestic and international sources. While each agency has specific Cyber Security needs and protection of classified data and information, a general roadmap can be developed and used as a template for individual users.
General Objectives:
In general, contractors that perform Computer Network Defense Services are tasked to meet four objectives.
· Recommending architectures, software and hardware· Implementing the government approved solution· Performing operations and maintenance of the CND program· Insuring that security requirements for classified material are met ( a higher level of security requirement)
The contractor is also required to make regular formal reports and/or briefings detailing status and accomplishments in the various CND functional areas.
Specific CND duties include, but are not limited to:
Deployment:
Deployment requires the contractor to develop all hardware and software required to establish a state of the art Cyber Security Defensive network that will improve defenses, ensure that the systems operate properly and monitor activities on a day to day basis. It is important that the entire deployment effort coordinates with the agency security office to ensure that the protection of classified data is not compromised. Deployment usually includes:
· Deploy, maintaining, and monitor and harden agency's perimeter defenses on all classified and unclassified networks· Deploying, operating, maintain, monitor, and harden agency's intrusion detection capability on all classified and unclassified networks· Operating, maintain, monitor and harden agency's Domain Name Servers(DNS) on all classified and unclassified networks
Manage Assist and Support:
Additional support is often required in the form of identification of new products/technology that enhance the security of the network. Since Cyber Security is in a rapid development phase, new products and technology are constantly emerging. Some of this technology is good and some is not useful. Qualified decisions are required to pick the best applicable technology.
A sample of additional support includes:
· Working closely with engineering and operations for the installation and configuration management of CND devices on agency's networks· Performing software and hardware vulnerability scans on all classified and unclassified networks and systems· Managing, and monitoring the enterprise anti-virus program· Providing assistance and guidance in the development of system and network security plans· Managing and monitoring the system and network audit log reviews for all networks and systems
Testing and Reporting:
Continuous testing of the system is the best way to identify and preclude future cyber attacks on a regular basis. Based upon testing, decisions can be made to improve the performance of the Cyber Security network. Included in this process are the following steps:
· Identifying anomalous activity in an audit log immediately to the government manager· Performing network and system security plan compliance testing· Reporting noncompliance with system and network security plans immediately to the government manager· Executing software, hardware, and configuration vulnerability scans on all agency systems and networks· Working closely with agency's security office in the development, implementation, and management of agency's system security program· Managing, and monitoring the removable media access control program on all agency systems and networks
Compliance and As Needed Support:
The critical nature of Computer Network Defense means that standards and regulation must be met and complied with to insure success of the program. This includes:
· Supporting the Information Assurance Vulnerability Alert (IAVA) and Information Condition programs; developing and maintaining agency's information systems security officer professional development program· Reviewing updated developments on all applicable standards and regulation to ensure that the network is in compliance· Providing as needed incident response support for, hacker attacks, cyber-terrorist attacks, and virus, worm, Trojan horse, and other malicious code incidents· Develop, install, manage, and maintain the PKI infrastructure on all agency networks and systems
Documentation and Technical Representation:
In order to establish a program that future users can comply with and benefit from, complete and accurate documentation is required. In addition compliance with Intelligence Community Standard Operating Requirements, particularly as regards security of classified information is mandatory. This process includes:
· Documentation of practices, policies, requirements, training, Standard Operating Procedures, and configuration management processes· Representation at agency meetings, conferences, and seminars as directed by the Government· Responding to agency, DoD, and Intelligence Community requirements as directed by the Government· Providing additional technical support to the other branches/clients of Mission Assurance as required
Establishing a viable and compliant Computer Network Defense is a major undertaking and requires skill and effort. This is particularly true when dealing with the Intelligence Community agencies and dealing with classified information. This requires experience professional engineers with the required security clearances in addition to CND required certifications.
About the Author
Jon M. Stout is Chief Executive Officer of Aspiration Software LLC. Aspiration Software LLC is an Information Technology/Cyber Security services provider focused on the Intelligence Community (IC). For more information about Cyber Security and Employment Opportunities in the Intelligence Community go to aspirationsoftware.com
Related Articles (0Â vote) Desktop Conferencing - Your Window To The World
by Shakir A.. When NASA started experimenting with video conferencing they did not think that the system they were using to confer with groups of people in differe... products, articles
- (0Â vote) Purchase Your Notebook With A Personal Loan
by Jess Peterson. In order to purchase a new notebook most people need some sort of finance and though the usual method of financing these purchases is credit cards, t... products, articles
- (0Â vote) Desktop Video Conferencing - Keeping The Family In Touch
by Shakir A.. Desktop video conferencing is the cheapest and the fastest way to stay in touch. In today's day and age where everyone is spread across the globe it ... products, articles
- (0Â vote) The Perfect Desktop Icon
by Chris Kennelly. People put as much effort into customizing their computer desktops as they do into decorating the tops of their desks.
I have personally witnessed f... products, articles
Google Internet Summit 2009: Security Session
| Â Â |
|
Google Internet Summit 2009: The State of the Internet
May 5, 2009
Security Session panelists are Whit Diffie, Steve Crocker, Chris DiBona, Eric Grosse, and Howard Schmidt.
On May 5 and 6, 2009, in Mountain View, we brought together Googlers and leaders from academia and the corporate world for a 2-day summit to discuss the state of the global Internet. The goal of the summit was to collect a wide range of knowledge to inform Google's future plans--from product development and market reach to users' expectations and our ability to keep the Internet open yet secure.
More than 30 speakers and moderators led discussions around 8 topics: Networks; Wireless and Sensor Technologies; Security; Standards; Applications; Democracy, Law, Policy and Regulation; Search and Cloud Computing; and The Future. Eric Schmidt, who offered some remarks, expressed optimism that the challenges we face with governments' walling off access to the Internet can be overcome technologically by building networks that are transparent, scalable, and open.
|
|
