Implementing Homeland Security for Enterprise ITDigital Press, 2004 - Всего страниц: 299 This book shows what IT in organizations need to accomplish to implement The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets and The National Strategy to Secure Cyberspace which were developed by the Department of Homeland Security after the terrorist attacks of September 2001. The September 11, 2001, attacks illustrated the immense vulnerability to terrorist threats. Since then there have been considerable efforts to develop plans and methods to protect critical infrastructures and key assets. The government at all levels, private sector organizations, as well as concerned citizens have begun to establish partnerships and to develop action plans. But there are many questions yet to be answered about what organizations should actual do to protect their assets and their people while participating in national efforts to improve security. This book provides practical steps that IT managers in all organizations and sectors can take to move security from the planning process into practice. *A one-minute manager approach to issuesp provides background and explanations in all areas *Step-by-step instructions on how to accomplish objectives guide readers through processes *Easy to implement advice allows readers to take quick action |
Содержание
Organizing Homeland Security Efforts | 1 |
11 Agreeing that the threat is real | 2 |
12 Establishing a legal basis to pursue security | 3 |
13 Coordinating efforts to improve security | 8 |
14 International cooperation to improve security | 10 |
15 Improvement of security skills and efforts | 11 |
16 Creation of a threat condition system | 14 |
17 Establishing an incident and tipreporting system | 16 |
59 Banking and finance | 102 |
510 Chemical industry and hazardous materials | 103 |
512 Protection of key assets | 104 |
513 Leveraging IT in security initiatives | 106 |
Why a National Strategy to Secure Cyberspace Is Important | 109 |
61 The DHS cybersecurity organization | 110 |
62 The nature of information warfare | 111 |
63 The emergence of the blended threat | 114 |
18 Funding for homeland security | 19 |
181 Information analysis and infrastructure protection | 20 |
185 Ports and waterways | 21 |
186 Immigration services | 22 |
CrossSector Security Priorities and Issues | 25 |
21 Terrorist attacks changed IT management practices | 26 |
22 Staffing IT remains a challenge in most organizations | 28 |
23 DRPs are in place but training lags | 29 |
25 Privacy plans are in place and training keeps pace | 31 |
26 Enduser training remains a weak spot | 32 |
27 Professional concerns about IT and society | 34 |
28 Background of survey respondents | 54 |
29 Blending government change with reality | 55 |
Security and Critical Infrastructures | 57 |
32 Treating security improvement as a process | 59 |
33 Leveraging technology for security at the national level | 61 |
331 Investigation of the World Trade Center collapse | 62 |
332 Anthrax airflow study | 63 |
333 Cybersecurity standards and technologies | 64 |
335 Ensuring proper doses for irradiation of mail | 65 |
336 Weaponsdetection technologies and standards | 66 |
338 Tools for law enforcement | 69 |
33l0 Standards for forensic DNA typing | 70 |
3311 Enhanced surveillance cameras | 71 |
3313 Crimes involving pipe bombs or handguns | 72 |
3314 Standardization of communications for first responders | 73 |
3315 Simulation tools | 74 |
34 Applying the national strategy at the organizational level | 75 |
35 The securityimprovement process in the organization | 76 |
36 Integrating organizational and national strategies | 77 |
Information Sharing for Protecting National Assets | 79 |
42 InformationSharing Mechanisms | 81 |
421 National bylaws of InfraGard | 84 |
422 Code of ethics of InfraGard | 87 |
43 What information to share and how to report incidents | 88 |
44 Deciding how to participate in information sharing | 92 |
Homeland Security Initiatives by Sector | 95 |
52 Water | 96 |
54 Emergency services | 97 |
56 Telecommunications | 98 |
57 Energy | 99 |
58 Transportation | 100 |
64 Redefining cyberattacks in the age of terrorism | 120 |
65 Measuring the impact of cyberattacks | 121 |
66 Evaluating the cybervulnerability of an organization | 127 |
Participating in a National Cyberspace Security Response System | 129 |
71 The architecture for responding to nationallevel cyberincidents | 130 |
72 Tactical and strategic analysis of cyberattacks and vulnerability assessments | 131 |
73 A shared view of the health of cyberspace | 133 |
74 The CWIN | 134 |
75 Continuity and contingency planning efforts | 135 |
76 Mobilizing organization resources for priority I | 136 |
Participating in a National Threat and Vulnerability Reduction Program | 137 |
81 Lawenforcement capabilities | 138 |
82 National vulnerability assessments | 142 |
83 Deploying more secure technology and trusted systems | 143 |
84 Upgrading software to remediate vulnerabilities | 146 |
85 Physically Securing Technology Facilities | 147 |
86 Prioritizing cybersecurity research | 149 |
Launching a National Cyberspace Security Awareness and Training Program | 151 |
92 Launching an internal awareness campaign | 155 |
93 Launching an inhouse training program on cybersecurity | 157 |
94 Professional cybersecurity certifications | 160 |
95 Mobilizing organizational resources for priority III | 163 |
Working to Secure Governments Cyberspace | 165 |
101 Continuously assessing threats and vulnerabilities | 166 |
102 Trusted individuals | 168 |
103 Wireless security | 170 |
104 Security for outsourcing and procurement | 175 |
IOS Working with local government | 180 |
106 Mobilizing organization resources for priority IV | 181 |
Global Cyberspace Security Cooperation | 185 |
111 Strengthen cyberrelated counterintelligence efforts | 186 |
112 Improve attack attribution and response | 191 |
113 Partnerships among international public and private sectors | 193 |
114 Watchandwarning networks | 195 |
116 Mobilizing organization resources for priority V | 223 |
Moving into the Future | 225 |
122 The homeland security road map for IT | 230 |
Homeland Security Acronyms | 239 |
Homeland Security Resources | 259 |
289 | |
Другие издания - Просмотреть все
Часто встречающиеся слова и выражения
access to information Action Checklist Number Action Item activities adopt such legislative agencies al Qaida analysis Article assessments bioterrorism business units Center Chapter Common Criteria communications computer crime computer data computer security computer security policies computer system Convention Convention on Cybercrime coordination Council of Europe counterterrorism crimes Critical Infrastructures cyberattacks cybersecurity cyberspace cyberspace security Defense Department Determine develop digital evidence Director efforts electronic Emergency employees enforcement ensure established Evaluate facilities federal forensic homeland security identify impact implementation improve security incident Information Assurance information warfare InfraGard Intelligence Internet intrusion investigation key assets law-enforcement measures ment national infrastructure National Strategy networks NIPC NIST Office operations organization paragraph Party shall adopt percent reported personnel policies Preparedness procedures Program requested Party requirements sector standards Table Telecommunications terrorism terrorist attacks threats and vulnerabilities tion U.S. government WLAN
Ссылки на эту книгу
Homeland Security Assessment Manual: A Comprehensive Organizational ... Donald C. Fisher Недоступно для просмотра - 2004 |