| By Bob Gourley | Article Rating: |
|
| June 22, 2011 10:30 AM EDT | Reads: |
515 |
This is the second installation on my series about Computer Network Operations (CNO). The last blog explored the actions known as Computer Network Exploitation (CNE), and as always, please feel free to comment. Today, the topic switches from exploitation to defense.
Computer Network Defense (CND): Includes actions taken via computer networks to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other unauthorized actions that would compromise or cripple defense information systems and networks. Joint Pub 6.0 further outlines Computer Network Defense as an aspect of NetOps.
CND essentially means keeping the bad guys out and from acquiring or altering our information. This is something that the United States has not been particularly successful with recently. There has been progress made, however, largely due to the recognition that vulnerabilities in cyberspace affect everyone, not just the government or military.
In 2006 the first Government-led, full-scale, cyber security exercise of its kind, Cyber Storm, took place. “Cyber Storm was a coordinated effort between international, Federal and State governments, and private sector organizations to exercise their response, coordination, and recovery mechanisms in reaction to simulated cyber events.”[1] This event highlighted some of the vulnerabilities in our defense systems as well as some of the shortcomings in our attribution and response capabilities. Each Cyber Storm builds on lessons learned from previous real world incidents, ensuring that participants face more sophisticated and challenging exercises every two years. Cyber Storm has been repeated bi-annually since and advances have been made to address the major issues, but more work needs to be done.
[1] Department of Homeland Security, National Cyber Security Division. (2006). Cyber storm: exercise report Retrieved from http://www.dhs.gov/xlibrary/assets/prep_cyberstormreport_sep06.pdf
Read the original blog entry...
Published June 22, 2011 Reads 515
Copyright © 2011 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Bob Gourley
Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.
- Cloud Economics – Amazon, Microsoft, Google Compared
- The Top 100 Bloggers on Cloud Computing
- Cloud Expo New York Preview: CIO of the NRO to Present June 6
- Cloud Expo Day Four: Still Very Cloudy in New York
- Is Cloud Computing for Real?
- Countdown to Cloud Expo: Forrester Reports on the Private Cloud
- Cloud Expo Silicon Valley Call for Papers Deadline July 29, 2011
- Cloud Computing: Holland Strongly Represented at Cloud Expo 2011 New York
- Cloud Data Privacy, Residency, and Security at Cloud Expo 2011 New York
- Cloud Computing: PerspecSys Closes $8M Series A Financing
- NIST Cloud Security Model
- Sony Hacked & Hacked Again & Again & Again
- Cloud Economics – Amazon, Microsoft, Google Compared
- The Top 100 Bloggers on Cloud Computing
- Cloud Expo New York Preview: CIO of the NRO to Present June 6
- Cloud Expo Day Four: Still Very Cloudy in New York
- Is Cloud Computing for Real?
- Countdown to Cloud Expo: Forrester Reports on the Private Cloud
- Cloud Expo Silicon Valley Call for Papers Deadline July 29, 2011
- Cloud Computing: Holland Strongly Represented at Cloud Expo 2011 New York
- Making the Cloud Safe and Secure at Cloud Expo 2011 New York
- Cloud Data Privacy, Residency, and Security at Cloud Expo 2011 New York
- Cloud Computing for Law Enforcement
- PacketMotion Secures VM-to-VM Communications
- Effective Page Authorization In JavaServer Faces
- The Top 250 Players in the Cloud Computing Ecosystem
- IBM Security Report Predicts Mobile/Satellite Attacks in 2005
- SOA Focus - Web Services Security in Java EE
- Java Application Security in the Corporate World
- ColdFusion Security Best Practices
- How to Provide Dynamic Security Permissions
- Cloud Expo New York Call for Papers Now Open
- SPI Dynamics Security Guru to Speak at AJAXWorld Conference 2007 East
- How Important Is Security?
- Enterprise Web Services Security: A Reference Architecture
- The Next Chapter in the Virtualization Story Begins
































