- There are several steps that
organizations can take to stay in sync with The National Strategy to
Secure Cyberspace. The following action steps and modifications to
disaster recovery plans and procedures are appropriate for each of the
five priorities for securing cyberspace.
- Chapters six through eleven provide managers with an
analysis of the steps required to meet the goals of
The National Strategy to Secure
Cyberspace.
To meet the goals of priority I, and participate in a
national cyberspace security response system an organization should take
or be prepared to take the following steps:
- Prepare to participate in a
public-private architecture for responding to national-level cyber
incidents. This may mean that under certain alert conditions
organizations will need to reports various types of activities and
intrusion attempts.
- Prepare to contribute to the development
of tactical and strategic analysis of cyber attacks and vulnerability
assessments. This will require more detailed reporting of activities and
intrusion attempts on an ongoing basis.
- Join in a shared synoptic view of the
health of cyberspace with government agencies and other organizations.
- Be a recipient of information from an
expanded Cyber Warning and Information Network when
DHS is coordinating
crisis management activities for cyberspace security and participate in
national incident management efforts.
- Participate in the development of
national public-private continuity and contingency planning efforts as
well as mobilization exercises to test plans.
To meet the goals of priority II, and
participate in a national cyberspace security threat and vulnerability
reduction program an organization should take or be prepared to take the
following steps:
- Assist in enhancing law enforcement’s
capabilities for preventing and prosecuting cyberspace attacks. This
will mean reporting more incidents and file necessary complaints to
support the prosecution of perpetrators.
- Be forthwith in providing
information on that will contribute to national vulnerability
assessments so that all organizations will better understand the
potential consequences of threats and vulnerabilities.
- Deploy new and more secure protocols and
routing technology in order to reduce vulnerabilities. This will require
upgrading or replacing less secure technology.
- Deploy and use digital control systems
and supervisory control and data acquisition systems that the government
has labeled as trusted or in some other way meets government standards.
- Deploy and upgrade software that
can reduce and remediate vulnerabilities. This will mean installing
patches more frequently or eliminating less secure software from the
product mix used by the organization.
- Help to analyze infrastructure
interdependencies and improve the physical security of cyber systems and
telecommunications systems to make them meet potential government
standards.
- Contribute to a process that helps
to prioritize federal cyber security research and development agendas
and assess and secure emerging systems.
To meet the goals of priority III, and participate in a
national cyberspace security awareness and training effort an organization
should take or be prepared to take the following steps:
- Participate in a comprehensive national awareness
program to help enable businesses, the general workforce, and the
general population to secure their own parts of cyberspace.
- Improve in-house training and education programs to
support the national cyber security needs.
- Accept and have staff participate in private-sector
supported and widely recognized professional cyber security
certifications.
To meet the goals of priority IV, and participate in
securing governments’ cyberspace an organization should take or be
prepared to take the following steps:
- Provide information to the government that helps to
continuously assess threats and vulnerabilities to Federal cyber
systems.
- Assure that all users in an organization that may
have the necessity to use federal cyber systems trustworthy individuals
and are trained on security issues.
- Provide information to the
government that may help to secure federal wireless local area networks
and keep those networks secure.
- Assist in improving security in
government outsourcing and procurement by providing information as
requested about contractors, equipment, software, and services.
- Assist state and local governments
in establishing information technology security programs and encourage
such entities to participate in information sharing and analysis centers
with similar governments.
To meet the goals of priority V, and participate in
developing greater national security and international cyberspace security
cooperation an organization should take or be prepared to take the
following steps:
- Help strengthen cyber-related counterintelligence
efforts by providing the government with information about known
activities that may be relevant to these efforts.
- Provide information to the
government that can improve capabilities for attack attribution and
response before, during, and after an incident.
- Assist the government in improving the
coordination of responses to cyber attacks within the U.S. national
security community by providing information or technical assistance.
- Assist the government to
facilitate dialogue and partnerships among international public and
private sectors focused on protecting information infrastructures.
- Participate in the governments national
and international watch-and-warning networks to detect and prevent cyber
attacks as they emerge.
- Use influence to get other nations
to accept the Council of Europe Convention on Cyber Crime.
|
