Federal Plan for Cyber Security and Information Assurance Research and Development: Difference between revisions
| Line 52: | Line 52: | ||
security threats and infrastructure vulnerabilities, | security threats and infrastructure vulnerabilities, | ||
and agency mission requirements: | and agency mission requirements: | ||
# Support research, development, testing, and evaluation of cyber security and information assurance technologies aimed at preventing, protecting against, detecting, responding to, and | # Support research, development, testing, and evaluation of cyber security and information assurance technologies aimed at preventing, protecting against, detecting, responding to, and recovering from cyber attacks that may have large scale consequences. | ||
recovering from cyber attacks that may have large scale consequences. | |||
# Address cyber security and information assurance R&D needs that are unique to critical infrastructures. | # Address cyber security and information assurance R&D needs that are unique to critical infrastructures. | ||
# Develop and accelerate the deployment of new communication protocols that better assure the security of information transmitted over networks. | # Develop and accelerate the deployment of new communication protocols that better assure the security of information transmitted over networks. | ||
Revision as of 11:15, 9 September 2010
Full Title of Reference
Federal Plan for Cyber Security and Information Assurance Research and Development
Full Citation
Nat'l Sci. and Tech. Council, Federal Plan for Cyber Security and Information Assurance Research and Development (2006). Online Paper. Web AltWeb
Categorization
- Resource by Type: US Government Reports and Documents
Key Words
Synopsis
Given the growing importance of cyberspace to nearly all aspects of national life, a secure cyberspace is vitally important to the nation, but cyberspace is far from secure today. The United States faces the real risk that adversaries will exploit vulnerabilities in the nation's critical information systems, thereby causing considerable suffering and damage. Online e-commerce business, government agency files, and identity records are all potential security targets. "Toward a Safer and More Secure Cyberspace" examines these Internet security vulnerabilities and offers a strategy for future research aimed at countering cyber attacks. It also explores the nature of online threats and some of the reasons why past research for improving cybersecurity has had less impact than anticipated, and considers the human resource base needed to advance the cybersecurity research agenda. This book will be an invaluable resource for Internet security professionals, information technologists, policy makers, data stewards, e-commerce providers, consumer protection advocates, and others interested in digital security and safety.
Executive Summary
The IT infrastructure supports critical U.S. infrastructures such as power grids, emergency communications systems, financial systems, and airtraffic- control networks. While the vast majority of these critical infrastructures (including their IT components) are owned and operated by the private sector, ensuring their operational stability and security is vital to U.S. national, homeland, and economic security interests.
Cyber threats are asymmetric, surreptitious, and constantly evolving – a single individual or a small group anywhere in the world can inexpensively and secretly attempt to penetrate systems containing vital information or mount damaging attacks on critical infrastructures. Attack tools and resources are readily available on the Internet and new vulnerabilities are continually discovered and exploited. Moreover, the pervasive interconnectivity of the IT infrastructure makes cyber attack an increasingly attractive prospect for adversaries that include terrorists as well as malicious hackers and criminals.
Strategic Federal R&D Objectives The following strategic Federal objectives for cyber security and information assurance R&D are derived from a review of current legislative and regulatory policy requirements, analyses of cyber security threats and infrastructure vulnerabilities, and agency mission requirements:
- Support research, development, testing, and evaluation of cyber security and information assurance technologies aimed at preventing, protecting against, detecting, responding to, and recovering from cyber attacks that may have large scale consequences.
- Address cyber security and information assurance R&D needs that are unique to critical infrastructures.
- Develop and accelerate the deployment of new communication protocols that better assure the security of information transmitted over networks.
- Support the establishment of experimental environments such as testbeds that allow government, academic, and industry researchers to conduct a broad range of cyber security and information assurance development and assessment activities.
- Provide a foundation for the long-term goal of economically informed, risk-based cyber security and information assurance decision making.
- Provide novel and next-generation secure IT concepts and architectures through long-term research.
- Facilitate technology transition and diffusion of Federally funded R&D results into commercial products and services and private-sector use.
Additional Notes and Highlights
Expertise Required: None