Federal Network Security Survey Report
|
|
- Laurel Burns
- 8 years ago
- Views:
Transcription
1 Federal Network Security Survey Report April 20, Market Connec1ons, Inc.
2 EXECUTIVE SUMMARY 2 About the Study As networks become increasingly complex and more data moves across the network vulnerability to security breaches can increase. Despite the volume of unencrypted inter- and intra- agency data traversing most enterprises, many federal agencies are not implemencng procedures to protect the network because it is expensive and degrades performance. The right tools can help agencies overcome these network security obstacles, and provide end- to- end proteccon of data within the data center and in transit without adding complexity to the network. Government market research firm Market ConnecCons, Inc. conducted this study to learn to what extent agencies feel their data is protected in transit, the challenges they face in addressing data proteccon proaccvely and any gaps between priorices and accons.
3 EXECUTIVE SUMMARY 3 Key Research Findings PrevenCon is the highest priority within an agency s cybersecurity strategy. Only 26% of agencies feel their data on the network is fully protected. o The ability to protect data on the network diminishes the further the data travels. o Budget constraints, limited resources, complexity and impact on the network performance are top challenges for agencies when protecxng the data on the network. EncrypCng the data on the network is important to 95% of respondents. Seventy- six percent of agencies encrypt their data. A majority (62%) focus on SSL. o In most cases, agencies are are focused on SSL encrypxon to secure web- based applicaxons. Yet there are many other applicaxons that need to be encrypted in transit. What encrypxon is used in those cases?
4 EXECUTIVE SUMMARY 4 Key Research Findings (concnued) Those who are not encrypcng their data are not doing so because of budget constraints and the impact on network performance. Eighty- seven percent believe it is important to base their network proteccon strategy on the Suite B encrypcon algorithm.
5 SECURITY, CHALLENGES AND PRIORITIES 5 Cybersecurity PrioriCes Agencies cybersecurity priorixes for 2015 include a widespread focus on prevenxon (72%), although idenxficaxon (47%) and remediaxon (48%) are also high priorixes. High priority in 2015 Moderate priority in 2015 Not a priority in % 25% 50% 72% 47% 48% 75% 100% 48% 46% 24% 4% 5% 6% PrevenXon IdenXficaXon RemediaXon N=200 What are your agency s cybersecurity priori1es for 2015 with regard to preven1on, iden1fica1on, and remedia1on?
6 SECURITY, CHALLENGES AND PRIORITIES 6 Cybersecurity Budget In most instances, agencies cybersecurity budgets are esxmated to remain unchanged from the previous fiscal year. In line with its relaxvely higher priority, 24% of respondents anxcipate budgets for prevenxon to rise in FY % Increase in FY 2015 About the same in FY 2015 as previous fiscal year Decrease in FY % 16% 14% 25% 50% 75% 71% 76% 80% 100% 6% 8% 6% PrevenXon IdenXficaXon RemediaXon N=200 To the best of your knowledge, in each of the following areas did your agency s cyber security budget increase, decrease, or stay about the same as the previous fiscal year?
7 SECURITY, CHALLENGES AND PRIORITIES 7 Cyber and Network Security Only one- quarter of agencies feel their data on the network is fully protected. Similarly, just 23% rate their agency as fully cyber- secure. 1- Not at all protected Fully protected Network- level security 4% 22% 48% 26% Agency- level cyber security 5% 24% 48% 23% N=200 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% In your opinion, how would you best rate your agency s overall cyber security protec1on, and your agency s level of network security?
8 PROTECTION PROTOCOLS 8 Agency StandardizaCon Historically, agencies have used firewalls, encrypxon appliances and routers with encrypxon modules. Some of these tools can impact performance and do not sufficiently protect data on the network. Agency StandardizaCon Firewalls 85% EncrypXon appliance 67% Router with encrypxon module 58% Other 1% N=151 0% 25% 50% 75% 100% Note: MulXple responses allowed For the traffic on your network today, what has your agency standardized on to perform encryp1on/decryp1on? (select all that apply)
9 SECURITY, CHALLENGES AND PRIORITIES 9 Top Challenges ProtecCng Data Budget constraints, limited resources, complexity and impact on network performance are top challenges for agencies when protecxng the data on the network. Budget constraints 75% Lack of internal resources to implement/maintain 56% Complex to implement/maintain 48% Impact on network performance 46% IncompaXble hardware and sojware 36% Lack of bandwidth/capacity Other 8% 32% Lack of internal resources to implement/maintain FedCiv Defense 52% 68% 0% 10% 20% 30% 40% 50% 60% 70% 80% N=200 Note: MulXple responses allowed What are the top challenges you face with regard to protec1ng your data on the network? (select top 3) = staxsxcally significant difference
10 SECURITY, CHALLENGES AND PRIORITIES 10 Network ConnecCon Speed Typical connecxon speeds between data centers or remote offices vary widely. Sixty- seven percent run at 10Gbps or faster. At these speeds, the encrypxon method can become more of a hindrance than a help. 100Gbps 16% 40Gbps 20% 10Gbps 31% 1Gbps 16% 100Mbps 12% Other 4% N=200 0% 5% 10% 15% 20% 25% 30% 35% What is your agency s typical network connec1on speed between data centers or remote offices?
11 SECURITY, CHALLENGES AND PRIORITIES 11 Ability to Protect Data in Transit/ Over the Network The ability to protect data on the network diminishes the further the data travels. 0% 25% 58% 49% 33% 50% 75% 36% 45% 61% 100% N=198 6% 6% 7% Within data center Internally (between or within buildings on the same campus) Agency to agency How would you rate your agency s ability to protect the following aspects of data in transit/ over the network?
12 PROTECTION PROTOCOLS 12 Data EncrypCon Importance EncrypXon of data on the network is considered important by 95% of respondents. Very important Somewhat important 31% 64% 95% IMPORTANT Neither important nor unimportant 4% Somewhat/ very unimportant 0% N=200 0% 10% 20% 30% 40% 50% 60% 70% How important is encryp1on of data on the network, rela1ve to the overall security of your agency s data?
13 PROTECTION PROTOCOLS 13 ProtecCng Data Although agencies may think they are protecxng their data at sufficient levels, a majority are focused on SSL encrypxon to secure web- based applicaxons. This does not address other inflight traffic types that require a minimum of 128 bit soluxons for Secret and 256 bit encrypxon soluxons for Top Secret inflight data sets. Protocols to Protect Data Level of EncrypCon User credenxals (for applicaxon security only) 80% Secure Socket Layer (SSL) 62% EncrypXon 76% 64 bit 9% Access Control List (ACL) (permissions anached to an object) 49% 128 bit 256 bit 20% 32% Unsure 5% Unsure 9% N=198 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% N=151 0% 20% 40% 60% 80% Note: MulXple responses allowed What protocols do you require to protect your network s data when in transit? (select all that apply)
14 PROTECTION PROTOCOLS 14 Reasons for Not EncrypCng Data Those who are not encrypxng their data are not because of budget constraints and the impact on the network performance. Budget constraints 45% Impact on network performance 39% IncompaXble hardware and sojware Lack of internal resources to implement/maintain Complex to implement/maintain 29% 29% 32% Lack of bandwidth/capacity 18% Other 3% N=38 0% 10% 20% 30% 40% 50% Note: MulXple responses allowed For what reason(s) are you not encryp1ng the data on your network? (select all that apply)
15 PROTECTION PROTOCOLS 15 Importance of Suite B Eighty- seven percent of respondents believe it is important to base their network protecxon strategy on the Suite B encrypxon algorithm. Strategy Based on Suite B Importance Very important Somewhat important Neither important nor unimportant Somewhat/ very unimportant N= 151 2% 11% 31% 56% 0% 20% 40% 60% Suite B is a set of cryptographic algorithms promulgated by the NaXonal Security Agency as part of its Cryptographic ModernizaXon Program. It is to serve as an interoperable cryptographic base for both unclassified informaxon and most classified informaxon. Note: MulXple responses allowed How important is it that your network data security strategy is based on Suite B (a government cer1fied solu1on) versus some other standard approach?
16 RECOMMENDATIONS 16 RecommendaCons Despite the priority agencies place on security and prevencon, the study results show there is no place within the enterprise where data is fully protected to prevent cyber- aaacks. It is criccal to ensure your encrypcon strategy expands as your enterprise grows to accommodate addiconal users and networking services. Checklist for seleccng a data proteccon solucon for your network! Simple to implement and maintain! Does not impact your network or increase network costs due to complexity and management overhead! Protects the different types of data on your network and is Suite B compliant if you have Secret and Top Secret data! Can handle your data connecxon speed today as well as into the future
17 BACKGROUND AND APPROACH 17 About the Survey Market ConnecCons designed and conducted a blind online survey among 200 federal government IT decision makers and influencers in February Two hundred completed interviews yields a +/- 6.9% margin of error. Sixty different agencies parxcipated in the survey. Throughout the report, notable significant differences are reported. StaXsXcal analyses were conducted for agency type (federal civilian vs. defense). Due to rounding, graphs may not add up to 100%. Sample Agencies Represented (In AlphabeXcal Order) Air Force Army Congress Department of Agriculture (USDA) Department of Commerce (DOC) Department of Defense (DOD) Department of Energy (DOE) Department of Homeland Security (DHS) Department of Housing and Urban Development (HUD) Department of JusXce (DOJ) Department of State (DOS) Department of the Interior (DOI) Department of TransportaXon (DOT) Department of Treasury (TREAS) Department of Veteran Affairs (VA) Federal AviaXon AdministraXon (FAA) Judicial/Courts NaXonal InsXtutes of Health (NIH) Navy US Postal Service (USPS)
18 RESPONDENT CLASSIFICATIONS 18 Job Role A wide variety of agency roles are represented, the most common of which are Chief InformaXon Officer, Network Manager, Data Center Manager/Director and Security Administrator. Chief InformaXon Officer Network Manager 13% 12% Data Center Manager/Director Security Administrator Network Administrator Network Architect Chief Security Officer Security Architect 9% 8% 6% 4% 3% 2% ExecuCve Director Project Manager Program Manager IT Director Other 42% N=200 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% What is your role at your agency?
19 RESPONDENT CLASSIFICATIONS 19 Decision Making Involvement Nearly half of respondents menxon they evaluate or recommend network data protecxon soluxons (46%), or are part of a team that does so (45%). Thirty- two percent also describe their role as managing or implemenxng network data protecxon soluxons. And 18% make the final decision regarding network data soluxons. Evaluate or recommend network data protecxon soluxons On a team that makes decisions regarding network data protecxon soluxons 46% 45% Manage or implement network data protecxon soluxons 32% Make the final decision regarding network data protecxon soluxons 18% Other involvement in network data protecxon 8% N=200 Note: MulXple responses allowed 0% 10% 20% 30% 40% 50% How are you involved in decisions or recommenda1ons regarding your agency s network data protec1on? (select all that apply)
20 RESEARCH TO INFORM YOUR BUSINESS DECISIONS 20 Contact InformaCon Dave Glantz, Director of Research Services , ext. 104 Monica Mayk, MarkeCng Director , ext. 107 Susan Rose, Thought Leadership Content Lead
SolarWinds Federal Cybersecurity Survey Summary Report
SolarWinds Federal Cybersecurity Survey Summary Report March 26, 2014 2014 Market Connections, Inc. BACKGROUND AND APPROACH 2 Background and Approach SolarWinds and Market Connections worked together to
More informationPointofView. You Need to be Known to be Liked: Applying Lessons from Corporate Reputation Management to the Public Sector
PointofView You Need to be Known to be Liked: Applying Lessons from Corporate Reputation Management to the Public Sector Public Perceptions of the Reputation of the Federal Government and Other Public
More informationBriefing Outline. Overview of the CUI Program. CUI and IT Implementation
Briefing Outline Overview of the CUI Program Establishment of the Program Elements of the CUI Executive Order Categories and Registry Handling CUI Current Efforts Implementation Plan CUI and IT Implementation
More informationFEDERAL CLOUD COMPUTING SUMMIT
FEDERAL CLOUD COMPUTING SUMMIT Federal Cloud Computing Summit January 14-15, 2015 Washington Marriott at Metro Center The Federal Cloud Computing Summit will be held on January 14-15, 2015, at the Washington
More informationHomeland Security Infrastructure Program HSIP Gold 2012 September 2012
Homeland Security Infrastructure Program HSIP Gold 2012 September 2012 George Thomas, Chief, Content & Knowledge Management Division (PDC) IWG-Readiness, Response & Recovery (IWG-R3) George.J.Thomass@nga.mil,
More informationEMERGENCY SUPPORT FUNCTION ANNEXES: INTRODUCTION
EMERGENCY SUPPORT FUNCTION ANNEXES: INTRODUCTION Purpose This section provides an overview of the Emergency Support Function (ESF) structure, common elements of each of the ESFs, and the basic content
More informationReplacing Sneaker Net with the Internet. DREXEL UNIVERSITY ischool INFO614 DISTRIBUTED COMPUTING & NETWORKING FINAL PROJECT
Replacing Sneaker Net with the Internet DREXEL UNIVERSITY ischool INFO614 DISTRIBUTED COMPUTING & NETWORKING FINAL PROJECT Problem Statement Paper Routing of Proposals Slow Opaque Financial Reporting Information
More informationSecretary of the Senate Office of Public Records 232 Hart Building Washington, DC 20510 http://www.senate.gov/lobby
Page 1 of 12 Clerk of the House of Representatives Legislative Resource Center B-106 Cannon Building Washington, DC 20515 http://lobbyingdisclosure.house.gov Secretary of the Senate Office of Public Records
More informationFY 2012 Information Technology Budget
FY 2012 Information Technology Budget Cutting What We Cannot Afford & Deploying Game-Changing Technologies Vivek Kundra U.S. Chief Information Officer www.whitehouse.gov The Technology Agenda Cutting What
More informationSeptember 30, 2015. SUBJECT: Apportionment of the Continuing Resolution(s) for Fiscal Year 2016
EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D. C. 20503 THE DIRECTOR September 30, 2015 OMB BULLETIN NO. 15-03 TO THE HEADS OF EXECUTIVE DEPARTMENTS AND ESTABLISHMENTS
More informationActions and Recommendations (A/R) Summary
Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry
More informationFEDERAL INFORMATION SECURITY
United States Government Accountability Office Report to Congressional Committees September 2015 FEDERAL INFORMATION SECURITY Agencies Need to Correct Weaknesses and Fully Implement Security Programs GAO-15-714
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION The IRS2GO Smartphone Application Is Secure, but Development Process Improvements Are Needed August 29, 2011 Reference Number: 2011-20-076 This report
More informationManaging the Ongoing Challenge of Insider Threats
CYBERSECURITY IN THE FEDERAL GOVERNMENT Managing the Ongoing Challenge of Insider Threats A WHITE PAPER PRESENTED BY: May 2015 PREPARED BY MARKET CONNECTIONS, INC. 11350 RANDOM HILLS ROAD, SUITE 800 FAIRFAX,
More informationCisco Application Networking for BEA WebLogic
Cisco Application Networking for BEA WebLogic Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address
More informationCisco Application Networking for IBM WebSphere
Cisco Application Networking for IBM WebSphere Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address
More informationDEPARTMENT OF DEFENSE EDUCATION ACTIVITY 4800 MARK CENTER DRIVE ALEXANDRIA, VA 22350-1400
DEPARTMENT OF DEFENSE EDUCATION ACTIVITY 4800 MARK CENTER DRIVE ALEXANDRIA, VA 22350-1400 SEP 1 8 2013 MEMORANDUM FOR DODEA AREA DIRECTORS DEPUTY DIRECTORS FOR CURRICULUM, INSTRUCTION, AND ASSESSMENTS
More informationGAO s High-Risk Program
GAO s High-Risk Program Mountains and Plains Intergovernmental Audit Forum September 1, 2015 William Reinsberg U.S. Government Accountability Office Outline Why was the High-Risk Program needed and what
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationManaging the Unpredictable Human Element of Cybersecurity
CONTINUOUS MONITORING Managing the Unpredictable Human Element of Cybersecurity A WHITE PAPER PRESENTED BY: May 2014 PREPARED BY MARKET CONNECTIONS, INC. 14555 AVION PARKWAY, SUITE 125 CHANTILLY, VA 20151
More informationDoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process
Inspector General U.S. Department of Defense Report No. DODIG-2015-045 DECEMBER 4, 2014 DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process INTEGRITY EFFICIENCY ACCOUNTABILITY
More informationU.S. Government Receivables and Debt Collection Activities of Federal Agencies
FISCAL YEAR 2013 REPORT TO THE CONGRESS U.S. Government Receivables and Debt Collection Activities of Federal Agencies Department of the Treasury July 2014 department of the treasury washington, dc office
More informationLAB FORWARD. WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS
LAB FORWARD WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS Medical diagnostics are a vital part of the modern healthcare system, and instrument uptime is critical
More informationDEFINING CYBERSECURITY FEDERAL AGENCY CYBERSECURITY FUNDING
DEFINING CYBERSECURITY FEDERAL AGENCY CYBERSECURITY FUNDING The Federal Government has spent almost $32 billion on cybersecurity-related expenditures in the past 10 years. More importantly, the cyber spending
More informationU.S. Government Receivables and Debt Collection Activities of Federal Agencies
FISCAL YEAR 2014 REPORT TO THE CONGRESS U.S. Government Receivables and Debt Collection Activities of Federal Agencies Department of the Treasury May 2015 department of the treasury washington, dc office
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationCisco Integrated Services Routers Performance Overview
Integrated Services Routers Performance Overview What You Will Learn The Integrated Services Routers Generation 2 (ISR G2) provide a robust platform for delivering WAN services, unified communications,
More informationImprovements Needed With Host-Based Intrusion Detection Systems
Report No. DODIG-2012-050 February 3, 2012 Improvements Needed With Host-Based Intrusion Detection Systems Warning This report is a product of the Inspector General of the Department of Defense. Its contents
More informationSTATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE
STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE HOUSE OVERSIGHT AND GOVERNMENT REFORM COMMITTEE S INFORMATION TECHNOLOGY SUBCOMMITTEE AND THE VETERANS
More informationADDRESS 001 UNITED STATES SENATE 002 U.S. HOUSE OF REPRESENTATIVES 003 COMMISSION SECURITY & COOPERATION IN EUROPE 006 U.S. CAPITOL POLICE+D32
ADDRESS KEY 001 UNITED STATES SENATE NAME 002 U.S. HOUSE OF REPRESENTATIVES 003 COMMISSION SECURITY & COOPERATION IN EUROPE 006 U.S. CAPITOL POLICE+D32 010 ARCHITECT OF THE CAPITOL 015 U.S. BOTANICAL GARDEN
More informationCybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
More informationBest practices for protecting network data
Best practices for protecting network data A company s value at risk The biggest risk to network security is underestimating the threat to network security. Recent security breaches have proven that much
More informationUNCLASSIFIED (U) U.S. Department of State Foreign Affairs Manual Volume 5 Information Management 5 FAM 870 NETWORKS
5 FAM 870 NETWORKS (Office of Origin: IRM/BMP/GRP/GP) 5 FAM 871 ENTERPRISE NETWORKS (CT:IM-138; 01-18-2013) The Department currently has two enterprise networks: ClassNet and OpenNet. Only Department-issued
More informationCarney, Inc. helps Federal agencies accelerate workforce performance
Carney, Inc. helps Federal agencies accelerate workforce performance In the face of rapidly developing national priorities, an inundation of information, and constrained resources, the need to enable the
More informationSeptember 24, 2015. Mr. Hogan and Ms. Newton:
Mr. Michael Hogan and Ms. Elaine Newton Office of the Director, Information Technology Laboratory National Institute of Standards and Technology 100 Bureau Drive Mail Stop 8930 Gaithersburg, MD 20899-8930
More informationMarch 2013. 2012 Senior Executive Service Report
March 2013 2012 Senior Executive Service Report Senior Executive Service Fiscal Year 2012 This document provides a brief summary of federal employees in Senior Executive Service. U.S. Office of Personnel
More informationOracle Collaboration Suite
Oracle Collaboration Suite Firewall and Load Balancer Architecture Release 2 (9.0.4) Part No. B15609-01 November 2004 This document discusses the use of firewall and load balancer components with Oracle
More informationPALO ALTO SAFE APPLICATION ENABLEMENT
PALO ALTO SAFE APPLICATION ENABLEMENT 1 Palo Alto Networks Product Overview James Sherlow SE Manager WEUR & Africa jsherlow@paloaltonetworks.com @jsherlow Palo Alto Networks at a Glance Corporate Highlights
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More informationWherever there is a conflict, the Addenda to the RFP document and the RFP document (in that order) override the explanations that are provided here.
Procurement of Services to Design, Develop, Implement and Maintain Centralized e-governance Application for Urban Local Bodies in Tamil Nadu Explanatory Notes 2 / Dated 17-December--2013 Explanatory Notes
More informationHow To Get A Computer Hacking Program
CHFI v8(computer Hacking Forensics Investigator) Course Description & Overview Overview CHFIv8 Course Description EC-Council releases the brand new Version 8 of the Computer Hacking Forensics Investigator
More informationSTRATEGIC SOURCING. Selected Agencies Should Develop Performance Measures on Inclusion of Small Businesses and OMB Should Improve Monitoring
United States Government Accountability Office Report to Congressional Requesters January 2014 STRATEGIC SOURCING Selected Agencies Should Develop Performance Measures on Inclusion of Small Businesses
More information1. First, how familiar are you with Master of Public Administration (MPA) and Master of Public Policy (MPP) degrees?
. First, how familiar are you with Master of Public Administration (MPA) and Master of Public Policy (MPP) degrees? Not familiar at all 6.2% 64 2 3.4% 3 3 26.6% 0 4 9.2% 76 Extremely familiar 23.8% 94
More informationINFRAGARD.ORG. Portland FBI. Unclassified 1
INFRAGARD.ORG Portland FBI 1 INFRAGARD Thousands of Members One Mission Securing Infrastructure The subject matter experts include: 2 INFRAGARD Provides a trusted environment for the exchange of Intelligence
More informationDeepwater Horizon: The Politics of Disaster
Deepwater Horizon: The Professor Juliette Kayyem April 2012 US-South Asia Leader Engagement Program Professor Juliette Kayyem Lesson 1 There was the BP Oil Spill and... There was the BP Oil Spill Event
More informationMemorandum of Understanding Between the Department of Energy Managing Partner Financial Management Line of Business And Nuclear Regulatory Commission
Memorandum of Understanding Between the Department of Energy Managing Partner Financial Management Line of Business And Nuclear Regulatory Commission I. Purpose The purpose of this Memorandum of Understanding
More informationThree Branches of Government. Lesson 2
Three Branches of Government The Executive Branch The President of the United States is the leader of the executive branch. The President s duties are to: Enforce federal laws and recommend new ones Serve
More informationSecure Remote Monitoring of the Critical System Infrastructure. An Application Note from the Experts in Business-Critical Continuity
Secure Remote Monitoring of the Critical System Infrastructure An Application Note from the Experts in Business-Critical Continuity TABLE OF CONTENTS Introduction................................................2
More informationUnited States Government Supplemental Information for the Year Ended September 30, 2002 (Unaudited)
SUPPLEMENTAL INFORMATION (UNAUDITED) 129 United States Government Supplemental Information for the Year Ended September 30, 2002 (Unaudited) Deferred Maintenance Deferred maintenance is the estimated cost
More informationDefense in Cyber Space Beating Cyber Threats that Target Mesh Networks
Beating Cyber Threats that Target Mesh Networks Trent Nelson, Cyber Security Assessment Lead, Idaho National Laboratory Jeff Becker, Global Wireless Business Director, Honeywell Process Solutions Table
More informationCyber Supply Chain Risk Management Portal
Cyber Supply Chain Risk Management Portal Dr. Sandor Boyson, Director, Supply Chain Management Center& Holly Mann, Chief InformaBon Officer R.H. Smith School Of Business The Cyber Supply Chain Challenge
More informationETHERNET ENCRYPTION MODES TECHNICAL-PAPER
1 ETHERNET ENCRYPTION MODES TECHNICAL-PAPER The CN series encryption platform is designed to secure information transmitted over a number of network protocols. The CN series encryptors secure Ethernet
More informationBusiness Continuity and Disaster Recovery Solutions in Government
> Business Continuity and Disaster Recovery Solutions in Government Protecting Critical Data Flow for Uninterrupted Services WHITE PAPER January 2010 J. Asenjo, CISSP www.thalesgroup.com/iss Information
More informationPanel Session: High Impact Workforce Initiatives Redefine the Government Information Security Workforce
Panel Session: High Impact Workforce Initiatives Redefine the Government Information Security Workforce Moderator: Lynn McNulty, CISSP Director of Government Affairs for (ISC)2 Co-Chair (ISC)2 Government
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationCongress and President Obama designed the American Reinvestment and Recovery Act (ARRA) to preserve
Ecosystem Workforce Program Briefing Paper #2 Local Benefit in the West from the American Reinvestment and Recovery Act Max Nielsen-Pincus, Cassandra Moseley, Josef Gordon, and Zoe Walmer Fall 29 Congress
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationCloud Computing Contract Clauses
Cloud Computing Contract Clauses Management Advisory Report Report Number SM-MA-14-005-DR April 30, 2014 Highlights The 13 cloud computing contracts did not address information accessibility and data security
More informationDoD Needs an Effective Process to Identify Cloud Computing Service Contracts
Inspector General U.S. Department of Defense Report No. DODIG-2016-038 DECEMBER 28, 2015 DoD Needs an Effective Process to Identify Cloud Computing Service Contracts INTEGRITY EFFICIENCY ACCOUNTABILITY
More informationU.S. Office of Personnel Management Human Resources Line of Business. Federal Human Resources Process Model
U.S. Office of Personnel Management Human Resources Line of Business Federal Human Resources Process Model Elizabeth A. Mautner, Zbynek Krobot, Tim Biggert November 10, 2011 OPM Overview Federal Human
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More informationINSPECTOR GENERAL DEPARTMENT OF DEFENSE 4800 MARK CENTER DRIVE ALEXANDRIA, VIRGINIA 22350-1500
INSPECTOR GENERAL DEPARTMENT OF DEFENSE 4800 MARK CENTER DRIVE ALEXANDRIA, VIRGINIA 22350-1500 MAY 2 8 2014 MEMORANDUM FOR DISTRIBUTION SUBJECT: Government Accountability Office (GAO) Weekly Activity Repati
More informationNorthrop Grumman White Paper
Northrop Grumman White Paper A Distributed Core Network for the FirstNet Nationwide Network State Connectivity to the Core Network April 2014 Provided by: Northrop Grumman Corporation Information Systems
More informationUnisys Internet Remote Support
white paper Unisys Internet Remote Support Systems & Technology, CMP-based Servers Introduction Remote Support is a method of connecting to remotely located systems for remote administration, real-time
More informationAlaska Elevation Data Collection Update National Geospatial Advisory Committee
Alaska Elevation Data Collection Update National Geospatial Advisory Committee 22 June 2010 Steve Wallach NGA GEOINT Information Executive 1 2 3 AK Elevation Data - Contract Status Contributing partners
More informationINFORMATION TECHNOLOGY
United States Government Accountability Office Report to Congressional Requesters May 2016 INFORMATION TECHNOLOGY Federal Agencies Need to Address Aging Legacy Systems GAO-16-468 May 2016 INFORMATION TECHNOLOGY
More informationDATA CENTER CONSOLIDATION. Reporting Can Be Improved to Reflect Substantial Planned Savings
United States Government Accountability Office Report to Congressional Requesters September 2014 DATA CENTER CONSOLIDATION Reporting Can Be Improved to Reflect Substantial Planned Savings GAO-14-713 September
More informationCDW-G School Safety Index 2009
CDW-G School Safety Index 2009 May 18, 2009 2009 CDW Government, Inc. 1 CDW-G School Safety Index 2009 Study Focus and Objectives Now in its third year, the CDW-G School Safety Index provides a nationwide,
More informationAn Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks
An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks Avesh K. Agarwal Wenye Wang Department of Electrical and Computer Engineering North Carolina State University,
More informationComparison of Information Sharing, Monitoring and Countermeasures Provisions in the Cybersecurity Bills
April 4, 2012 Comparison of Information Sharing, Monitoring and Countermeasures Provisions in the Cybersecurity Bills The chart below compares on civil liberties grounds four bills that seek to promote
More informationManaging the Network Infrastructure: A Peer-to-Peer Look at Trends and Challenges
Conducted by: Research Concepts LLC Conducted for: Network World Inc. Date: May 2007 Managing the Network Infrastructure: A Peer-to-Peer Look at Trends and Challenges Executive Summary...3 Purpose and
More informationUS Intelligence Community. 2005-6 Thomas Patrick Carroll 1
US Intelligence Community 2005-6 Thomas Patrick Carroll 1 Policy (defn): (a) General course of action, selected from among alternatives, intended to guide present and future decisions. (b) A highlevel
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Full Compliance With Trusted Internet Connection Requirements Is Progressing; However, Improvements Would Strengthen Security September 17, 2013 Reference
More informationFiscal Year 2009 Report to Congress on the Implementation of The Federal Information Security Management Act of 2002
Fiscal Year 2009 Report to Congress on the Implementation of The Federal Information Security Management Act of 2002 2 Table of Contents Introduction: Current State of Cybersecurity... 4 I. 2009 Progress
More information2011 NATIONAL SMALL BUSINESS STUDY
2011 NATIONAL SMALL BUSINESS STUDY The National Cyber Security Alliance has conducted a new study with Symantec to analyze cyber security practices, behaviors and perceptions of small businesses throughout
More informationRadware s Smart IDS Management. FireProof and Intrusion Detection Systems. Deployment and ROI. North America. International. www.radware.
Radware s Smart IDS Management FireProof and Intrusion Detection Systems Deployment and ROI North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware
More informationCDW-G Federal Cybersecurity Report: Danger on the Front Lines. November 2009. 2009 CDW Government, Inc.
CDW-G Federal Cybersecurity Report: Danger on the Front Lines November 2009 2009 CDW Government, Inc. 1 Table of Contents Introduction 3 Key Findings 4 The Threats 5 Frequent Threats 6 Persistence and
More informationInternational Trade Administration
U.S. DEPARTMENT OF COMMERCE Office of Inspector General International Trade Administration FY 2007 FISMA Assessment of Core Network General Support System (ITA-012) Final Inspection Report No. OSE-18840/September
More informationVideo Conferencing and Security
Video Conferencing and Security Using the Open Internet and Encryption for Secure Video Communications & Guidelines for Selecting the Right Level of Security for Your Organization 1 Table of Contents 1.
More informationSecuring an IP SAN. Application Brief
Securing an IP SAN Application Brief All trademark names are the property of their respective companies. This publication contains opinions of StoneFly, Inc., which are subject to change from time to time.
More informationEnhancing Cybersecurity with Big Data: Challenges & Opportunities
Enhancing Cybersecurity with Big Data: Challenges & Opportunities Independently Conducted by Ponemon Institute LLC Sponsored by Microsoft Corporation November 2014 CONTENTS 2 3 6 9 10 Introduction The
More informationBM482E Introduction to Computer Security
BM482E Introduction to Computer Security Lecture 7 Database and Operating System Security Mehmet Demirci 1 Summary of Lecture 6 User Authentication Passwords Password storage Password selection Token-based
More informationSUBJECT: Audit Report Postal Service s Employee Benefit Programs (Report Number HM AR 07 003)
September 24, 2007 ANTHONY J. VEGLIANTE EXECUTIVE VICE PRESIDENT AND CHIEF HUMAN RESOURCES OFFICER SUBJECT: Audit Report Postal Service s Employee Benefit Programs (Report Number ) This report presents
More informationFAST FILE TRANSFER INFORMATION ASSURANCE ASSESSMENT REPORT
DEFENSE INFORMATION SYSTEMS AGENCY JOINT INTEROPERABILITY TEST COMMAND INDIAN HEAD, MARYLAND FAST FILE TRANSFER INFORMATION ASSURANCE ASSESSMENT REPORT DOC NR: 5G18.013 OCTOBER 2007 FAST FILE TRANSFER
More informationARCHITECTURE DESIGN OF SECURITY SYSTEM
Trakia Journal of Sciences, Vol. 8, No. 3, pp 77-82, 2010 Copyright 2009 Trakia University Available online at: http://www.uni-sz.bg ISSN 1313-7050 (print) ISSN 1313-3551 (online) Review ARCHITECTURE DESIGN
More informationWritten Testimony. Dr. Andy Ozment. Assistant Secretary for Cybersecurity and Communications. U.S. Department of Homeland Security.
Written Testimony of Dr. Andy Ozment Assistant Secretary for Cybersecurity and Communications U.S. Department of Homeland Security Before the U.S. House of Representatives Committee on Oversight and Government
More informationDoing Business with the Federal Government
Federal Energy Management Program Doing Business with the Federal Government Amanda Sahl, CEM Energy Efficient Product Procurement Team Lead, DOE FEMP Program Name or Ancillary Text eere.energy.gov FEMP
More informationPolitics and Cryptography in the United States. Outline. What are Your Rights? Syvale Lee April 11, 2006
Politics and Cryptography in the United States Syvale Lee April 11, 2006 Outline Bill of Rights Security versus Freedom Current Trends in Computer Security Export Control on Cryptography Pretty Good Privacy
More informationWhite paper. Keys to SAP application acceleration: advances in delivery systems.
White paper Keys to SAP application acceleration: advances in delivery systems. Table of contents The challenges of fast SAP application delivery...3 Solving the acceleration challenge: why traditional
More informationLAB FORWARD. WITH PROService REMOTE SERVICE APPLICATION. Frequently Asked Questions
LAB FORWARD WITH PROService REMOTE SERVICE APPLICATION Frequently Asked Questions MORE WAYS TO INCREASE UPTIME AND IMPROVE PRODUCTIVITY. GENERAL INFORMATION Q: What is PROService? A: PROService is Beckman
More informationHelping Government Agencies Become Secure by Default
Cloak Critical Infrastructure Helping Government Agencies Become Secure by Default Faced with aggressive state-sponsored cyber threat actors, the expanding Industrial Internet of Things (IIoT), and increasing
More informationGAO DATA CENTER CONSOLIDATION. Strengthened Oversight Needed to Achieve Cost Savings Goal. Report to Congressional Requesters
GAO United States Government Accountability Office Report to Congressional Requesters April 2013 DATA CENTER CONSOLIDATION Strengthened Oversight Needed to Achieve Cost Savings Goal GAO-13-378 April 2013
More informationANNUAL REPORT TO CONGRESS: FEDERAL INFORMATION SECURITY MANAGEMENT ACT
ANNUAL REPORT TO CONGRESS: FEDERAL INFORMATION SECURITY MANAGEMENT ACT OFFICE OF MANAGEMENT AND BUDGET February 27, 2015 TABLE OF CONTENTS INTRODUCTION: FEDERAL CYBERSECURITY YEAR IN REVIEW... 6 SECTION
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More informationHawaii s Phased Plan for Alignment and Implementa7on of NGA s A Call to Ac-on for Cybersecurity
Hawaii s Phased Plan for Alignment and Implementa7on of NGA s A Call to Ac-on for Cybersecurity Sanjeev Sonny Bhagowalia Governor s Chief Advisor on Technology and Cybersecurity State of Hawaii 11 Defini7on:
More informationCritical Issues in IT Asset Management
Western Region Fall Education Seminar Salt Lake City, Utah 2015 Critical Issues in IT Asset Management Norman Pugh-Newby Deloitte November 4, 2015 Agenda ITAM Why It Matters? Definition & Objectives IT
More information