Friday, February 6, 2009

Database Design and Development or Cyber threats Information Warfare and Critical Infrastructure Protection

Database Design and Development: A Visual Approach

Author: Raymond Frost

For students in the introductory database course who want to learn how to design rather than just manipulate relational databases. The book balances database theory, business problem solving, and hands-on practice. It prepares students for the workplace without sacrificing rigorous academic theory.




Cyber-threats, Information Warfare, and Critical Infrastructure Protection: Defending the U.S. Homeland

Author: Anthony H H Cordesman

Information warfare is upon us. In the last two decades, the U.S. economy's infrastructure has undergone a fundamental set of changes, relying increasingly on its service sector and high technology economy. The U.S. depends on computers, electronic data storage and transfers, and highly integrated communications networks. Its rapidly developing new form of critical infrastructure is exceedingly vulnerable to an emerging host of threats. This detailed volume examines the dangers of, and the evolving U.S. policy response to, cyberterrorism.



Table of Contents:
Acknowledgments
Chapter 1: The Changing Nature of Critical Infrastructure Protection
The Problem of Evolving Technology
The Uncertain Balance of Risks and Non-risks in Cyber-attacks
The Disconnect between Cyber-defense and Cyber-offense
The Lack of Credible Risk and Vulnerability Assessments
Governmental and Private Sector Efforts to Respond
Chapter 2: Threat Assessment
The President's Commission on Critical Infrastructure Protection Characterization of the Threat
The National Infrastructure Protection Center's (NIPC) View of the Threat
Intelligence Community Assessments of the Threat
CIA Testimony on the Threat
National Intelligence Council's Estimate of the Threat
Incidents of "Cyber-warfare": The Kosovo Crisis
Serbia's Role in Information Warfare
NATO's Role in Information Warfare
Is Information Warfare and Retaliation Legal and Worth Its Costs?
Lower-Level Incidents of "Cyber-warfare"
Moonlight Maze
Solar Sunrise
Rome Labs Incident
The Computer Security Institute's Survey of the Threat
Computer Emergency Response Team's (CERT) Assessment of Threat
Challenges in Improving the Assessment of the Threat
Chapter 3: Evolving U.S. Policy and Response
The Beginnings: The Computer Security Act and Clinger-Cohen Act
The Federal Government Redefines Critical Infrastructure and Agency Responsibilities
Executive Order 13010
The President's Commission on Critical Infrastructure Protection
Presidential Decision Directive-63 (PDD-63)
Lead Agencies for Sector Liaison
Lead Agencies for Special Functions
A New Structure for Interagency Coordination
National Infrastructure Protection Center (NIPC)
Information Sharing and Analysis Center (ISAC)
National Infrastructure Assurance Council
National Infrastructure Assurance Plan
Studies and Research
Cooperation with the Private and Civil Sectors
Annual Report on Implementation
National Plan for Information Systems Protection
National Plan for Information Systems Protection, Version One
GAO Comments on the National Plan for Information Systems Protection
Oplan 3600
The Success of the Federal Government Effort to Date
Chapter 4: Analyzing Federal Critical Infrastructure Programs by Department and Agency
The National Plan for Information Systems Estimate
The OMB Analysis
Annual Report to Congress on Combating Terrorism
Government-wide Spending on CIP
Efforts by Federal Agencies
Department of Agriculture
Department of Commerce
Critical Infrastructure Assurance Office
Department of Energy
Environmental Protection Agency and GAO Audits
Health and Human Services
Department of Interior
Department of Justice
NASA
GAO Assessments of NASA Information Security
National Science Foundation
National Security Community
The Role of the Department of Defense
Patterns of Attack and Response
Major DoD Cyber-defense Programs
GAO Critiques of DoD Efforts: The 1996 Study
The GAO's 1999 Recommendations
DoD Progress in Addressing Security Weakness
Cyber and Information Warfare and the Role of the Intelligence Community
Total Spending on National Security Activity
Department of State
Department of Transportation
Department of Treasury
Department of Veterans Affairs
Chapter 5: Assessments of Effectiveness
Independent U.S. Government Efforts to Assess Risk, Cost, and Benefits: GAO Testimony of October 6, 1999
Management Recommendations Within Brock's Testimony
Independent U.S. Government Efforts to Assess Risk, Cost, and Benefits: GAO Testimony of March 29, 2000
Weaknesses in Controls
Raise Awareness
Implement Software Patches
Routinely Use Automated Tools to Monitor Security
Identify and Propagate Pockets of Excellence
Focus on the Most Common Vulnerabilities First
Enforce a Strong Management Approach
Preliminary Analysis of GAO Findings
Other Efforts to Assess Risk, Cost, and Benefits
Technical Risks, Test, and Evaluations of IW Programs
Chapter 6: Role of State and Local Governments
Chapter 7: Role of Private Industry
Chapter 8: Lessons from Other Nations: International Vulnerability
Chapter 9: Conclusions and Recommendations
Notes
