ciao.0209 - july 99 - 1 critical infrastructure assurance office protecting america’s cyberspace:...
Post on 18-Dec-2015
CIAO.0209 - July 99 - 1
Critical Infrastructure Assurance Office
Protecting America’s Cyberspace:
Version 1.0 of the National Plan
Jeffrey Hunker
National Security Council
July 7, 1999
Cyber Threat Spectrum
[Figure: threat actors and their motivations, grouped as National Security Threats, Shared Threats, and Local Threats]
Actors shown:
• Info Warrior
• Terrorist
• Industrial Espionage
• National Intelligence
• Institutional Hacker
• Recreational Hacker
• Organized Crime
Motivations shown:
• Revenge, Retribution, Financial Gain, Institutional Change
• Reduce U.S. Decision Space, Strategic Advantage, Chaos, Target Damage
• Monetary Gain, Thrill, Challenge, Prestige
• Thrill, Challenge
• Information for Political, Military, Economic Advantage
• Visibility, Publicity, Chaos, Political Change
• Competitive Advantage, Intimidation
• We know of foreign governments creating offensive attack capabilities against US Cyber Networks
PDD-63: National Goal
Protect Critical Infrastructures
– Intentional attacks that would significantly diminish capabilities
Action by Federal, state and local, private sector:
– Federal: National security, public health and safety
– State and local governments: Maintain order, essential services
– Private sector: Essential telecom, energy, financial, transportation services
Initial Operating Capability by 2000
Final Operating Capability in 2003
A Family of Plans
National Plan for Information Systems Protection Program
Prepare and Prevent: Assess and eliminate significant vulnerabilities to information warfare attack on America’s critical information systems in private sector and government
Detect and Respond: Develop systems to assess, warn, isolate, respond and reconstitute essential information dependent components of economy and government
Strong Foundations: Create a strong foundation for secure cyber systems including public-private partnership of systems operators and customers, sound legal footing, widespread public understanding of the importance of information assurance and security, and international cooperation
• Non-DOD USG: Civilian Agency Protection & Gov’t Wide Initiatives
• DOD: DoD Infrastructure Protection Plan
Different Constituencies, Shared Goals
Federal Government’s Infrastructure Assurance Plan
• Private Sector/State & Local Government: Framework for Critical Infrastructure Assurance Plan
New Initiatives
Supported by President’s FY 2000 Budget Request
– $1.4 B
– 38% Increase from 1999
Focus On
– Federal Sector a Model
– Foundations for Public-Private Partnership
Objective: Prepare and Prevent
Program 1: Identify and Address Vulnerabilities
– Key Components for identifying vulnerabilities:
  • network assessment
  • network analyzer software programs
  • Red Team attacks
– Best Practices and Standards
– New Programs and Focus within Federal Government
  • Expert Review Team
Objective: Detect and Respond
Program 2: Detect Attacks and Unauthorized Intrusions
– Multi-layered protection -- firewalls, intrusion detection monitors, enterprise-wide management systems, malicious code scanners
Program 3: Robust Law Enforcement and Intelligence Capabilities to Protect Critical Information Systems
– NIPC taking the lead
Objective: Detect and Respond (cont’d)
Program 4: Share Attack Warnings and Information
– Computer Security Centers
  • DOD: JTF-CND
  • Non-DOD Federal Government: FIDNET
  • Industry: Computer Security Centers/ISACs
– Three Pillar System of Intrusion and Attack Detection
Program 5: System for Response, Reconstitution, and Recovery
Computer Intrusion Detection Network
[Figure: diagram with numbered steps 1 to 4; labels: Intrusion attempt detected, Notification, Network Center]
ISAC Creation: Questions
1. One or many ISACs? By Sector?
2. Role limited to warning and real-time networks’ security?
3. Government role in sponsoring, starting?
4. New institution or add function to existing entity?
5. Measures of success?
Objective: Build Strong Foundations
Program 6: Enhance Research and Development
– FY 2000 Budget Request: $508 MM
– Priorities:
  • large scale networks of intrusion detection monitors
  • malicious code detection
  • interactive multi-layered defenses for enterprise wide management
  • modeling responses and interdependencies to cyberattack
Objective: Build Strong Foundations (cont’d)
Program 7: Train and Employ Adequate Numbers of Information Security Specialists
– Federal scholarship for service program (CyberCorps)
– Retraining and certifying current Federal IT security personnel
– New pay scale and incentive systems for Federal IT personnel
– INFOSECURITY Centers of Excellence in universities
– Support for additional university faculty development
CyberCorps
Problems:
– Lack of computer systems talent nationwide
– Inability of US Government to compete for talented computer experts
Solution:
– “ROTC” like programs in colleges
– Stimulate colleges’ comp sci programs
– Expands numbers of students in field
– Trades undergraduate financial aid for commitment to work for Federal Government upon graduation
– Summer schools, internships, Institute
Objective: Build Strong Foundations (cont’d)
Program 8: Outreach to Americans on the Need for Cyber-Security
– Partnership for Critical Information Systems Security
Program 9: Adopt Legislation and Appropriations in Support of Programs 1-8
Program 10: Ensure Full Protection of American Citizen’s Civil Liberties
Partnership for Critical Information Security (draft)
National Awareness Campaign
Aimed at Corporate and IT Executives
• Action to protect Critical Information Infrastructure
• Promote Education
• Support Outreach
Participation in Partnership requires:
Goals With Economic Sectors
Create Information Sharing and Assessment Centers for intrusion monitoring networks
Establish process to agree upon ‘Best Practices’ for computer security in each sector
Develop processes for certification of hardware, software, firmware, computer security personnel
Jointly develop Awareness and Education campaign, perhaps through a new foundation or institute
Summary
Federal Initiatives Under Development
– R&D
– Cybercorps
– Intrusion Detection
– Reconstitution
Industry Leadership Necessary in Key Areas
– Information Sharing
– Best Practices/Accreditation
– Education/Awareness
Evolving Threat Environment - PDD-63 In Response