Strategies and Plans General Info Guidance US-CERT CIAC CyberCrime.gov NIST NSA GSA

see also: Cyberspace and Info-Ops Center communications page

---

Strategies and Plans

• The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets, Feb 2003 (local copy, single PDF file)

• The National Strategy to Secure Cyberspace, Feb 2003 (local copy, single PDF file)

• The National Intelligence Strategy of the United States release, Oct 2005
  (local copy of release notes) and (local copy of strategy)

• The National Counterintelligence Strategy of the United States, March 2005 (local copy)

General Information

• See Info Ops and Intelligence and Intelligence Community Organizations
  and Cyberwar & the Internet and Computer Virus Response
  and Hoaxes & Urban Legends

• RL31798 - Data Mining and Homeland Security: An Overview (local copy), Congressional Research Service report

Guidance

• Policy Documents at the Computer Security Resource Center (CSRC), NIST - including
  • OMB Memo: E-authentication Guidance for Federal Agencies
  • Cyber Security R&D; Act
  • Critical Infrastructure Protection in the Information Age, Executive Order, October 16, 2001
  • Computer Security Act of 1987, P.L. 100-235
  • OMB Circular No. A-130 - Management of Federal Information Resources
    • Appendix III to OMB Circular No. A-130 - Security of Federal Automated Information Resources "establishes a minimum set of controls to be included in Federal automated information security programs; assigns Federal agency responsibilities for the security of automated information; and links agency automated information security programs and agency management control systems established in accordance with OMB Circular No. A-123"
• Executive Guide, Information Security Management - Learning From Leading Organizations, US General Accounting Office guide

US-CERT

• United States Computer Emergency Readiness Team (US-CERT) "is the central coordination and analysis facility dealing with computer security related issues affecting the civilian agencies and departments of the Federal Government"

• CERT
• CERT Coordination Center, Carnegie Mellon University, "a federally funded research and development center" ... "We study Internet security vulnerabilities, handle computer security incidents, publish security alerts, research long-term changes in networked systems, and develop information and training to help you improve security at your site."
  • Denial of Service Attacks, CERT Coordination Center, Carnegie Mellon University, explains DoS attacks and various modes used, as well as prevention and response actions to be taken

CIAC

• Computer Incident Advisory Capability (CIAC), U.S. Dept of Energy

CyberCrime.gov

• WWW.CYBERCRIME.GOV, Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the US Dept of Justice

NIST

• Computer Security Resource Center (CSRC), National Institute of Standards and Technology (NIST) -- includes resources for crytology, security testing, emerging technologies, security management, education and training
  • Cryptographic Toolkit, Computer Security Division, NIST
  • Policy Documents, Computer Security Resource Center, NIST
  • Program Review for Information Security Management Assistance (PRISMA), formerly Computer Security Expert Assist Team (CSEAT), "was established at the National Institute of Standards and Technology (NIST) to improve federal Critical Infrastructure Protection (CIP) planning and implementation efforts by assisting governmental entities in improving the security of their information and cyber assets" -- includes publications explaining public key encryption, intrusion detection, etc.

NSA

• NSA's Information Assurance Directorate "provides the Solutions, Products and Services, and conducts Defensive Information Operations, to achieve Information Assurance for information infrastructures critical to U.S. National Security interests."

GSA

• GSA
• GSA's Office of Information Security "provides a broad range of technical security services and information technology solutions"

-- RETURN TO TOP --