Julia H. Allen

Defending Yourself: The Role of Intrusion Detection Systems

Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. This article considers the role of IDSs in an organizations overall defensive posture and provides guidelines for IDS deployment, operation, and maintenance.

Measurable resilience for actionable policy.

nprecedented losses associated with adverse events suchas natural disasters and cyber-attacks have focusedattention on new approaches to mitigating damages. Whereasthe dominant analytic and governance paradigm of the lastseveral decades has been risk analysis, recently rhetoric hasshifted toward the necessity of understanding and designing forresilience.

Resilience metrics for cyber systems

As federal agencies and businesses rely more on cyber infrastructure, they are increasingly vulnerable to cyber attacks that can cause damages disproportionate to the sophistication and cost to launch the attack. In response, regulatory authorities call for focusing attention on enhancing infrastructure resilience. For example, in the USA, President Obama issued an Executive Order and policy directives focusing on improving the resilience and security of cyber infrastructure to a wide range of cyber threats. Despite the national and international importance, resilience metrics to inform management decisions are still in the early stages of development. We apply the resilience matrix framework developed by Linkov et al. (Environ Sci Technol 47:10108–10110, 2013) to develop and organize effective resilience metrics for cyber systems. These metrics link national policy goals to specific system measures, such that resource allocation decisions can be translated into actionable interventions and investments. In this paper, a number of metrics have been identified and assessed using quantitative and qualitative measures found in the literature. We have proposed a generic approach and could integrate actual data, technical judgment, and literature-based measures to assess system resilience across physical, information, cognitive, and social domains.

Characteristics of Effective Security Governance

This article builds on established definitions of enterprise governance and IT governance. It then extends and interprets these to explain governance of enterprise security programs (ESP) that protect digital2 assets and business operations. A well-accepted definition of enterprise governance as set forth by the International Federation of Accountants (IFAC) and the Information Systems Audit and Control Association (ISACA) is as follows:

Measures for Managing Operational Resilience

Abstract : How resilient is my organization? Have our processes made us more resilient? Members of the CERT(Registered Trademark) Resilient Enterprise Management (REM) team are conducting research to address these and other related questions. The teams first report, Measuring Operational Resilience Using the CERT Resilience Management Model, defined high-level objectives for managing an operational resilience management (ORM) system, demonstrated how to derive meaningful measures from those objectives, and presented a template for defining resilience measures, along with example measures. In this report, REM team members suggest a set of top 10 strategic measures for managing operational resilience. These measures derive from high-level objectives of the ORM system defined in the CERT Resilience Management Model, Version 1.1 (CERT-RMM). The report also provides measures for each of the 26 process areas of CERT-RMM, as well as a set of global measures that apply to all process areas. This report thus serves as an addendum to CERT-RMM Version 1.1. Since CERT-RMM practices map to bodies of knowledge and codes of practice such as ITIL, COBIT, ISO2700x, BS25999, and PCI DSS, the measures may be useful for measuring security, business continuity, and IT operations management processes, either as part of adoption of CERT-RMM or independent of it.

Improving Operational Resilience Processes: The CERT Resilience Management Model

The CERT® Resilience Management Model (CERT®-RMM) defines processes for managing operational resilience in complex, risk-evolving environments. The model encompasses and integrates activities from security, business continuity, and aspects of IT operations management. It provides a path for making operational resilience a repeatable, predictable, manageable, and improvable process over which an organization has a significant level of active and direct control. This paper describes the operational resilience management foundations of the model and the evolution of the model, and it provides an example of how the model might be used to manage and improve the resilience of information assets.

Development of a Master of Software Assurance Reference Curriculum

Modern society is deeply and irreversibly dependent on software systems of remarkable scope and complexity in areas that are essential for preserving this way of life. The security and correct functioning of these systems are vital. Recognizing these realities, the U. S. Department of Homeland Security DHS National Cyber Security Division NCSD enlisted the resources of the Software Engineering Institute at Carnegie Mellon University to develop a curriculum for a Master of Software Assurance degree program and define transition strategies for implementation. In this article, the authors present an overview of the Master of Software Assurance curriculum project, including its history, student prerequisites and outcomes, a core body of knowledge, and curriculum architecture from which to create such a degree program. The authors also provide suggestions for implementing a Master of Software Assurance program.

A proven method for identifying security gaps in international postal and transportation critical infrastructure

The safety, security, and resilience of international postal, shipping, and transportation critical infrastructure are vital to the global supply chain that enables worldwide commerce and communications. But security on an international scale continues to fail in the face of new threats, such as the discovery by Panamanian authorities of suspected components of a surface-to-air missile system aboard a North Korean-flagged ship in July 2013 [1].This reality calls for new and innovative approaches to critical infrastructure security. Owners and operators of critical postal, shipping, and transportation operations need new methods to identify, assess, and mitigate security risks and gaps in the most effective manner possible.