Analytic Approaches to Detect Insider Threat
Description: This whitepaper identifies how modern architectures can be used to collect data and invoke analytics to detect insider threats. The work expands upon published insider threat agent attack research by providing analytic indicators for early attack detection, and identifies the data needed for the analytics. The work presents a complete discussion of data sources within a representative system architecture and examines the use of “big data” architectures to capture, manage, and make the data accessible to analytic tools which power the insider threat analytics. The material is structured in a manner that facilitates organizational tailoring of the guidance based upon information technology limitations, legal authorities, corporate policies, business concerns, and workplace culture.
Security Tenets for Life Critical Embedded Systems
Description: Addresses antiquated, deficient security models for life critical embedded systems (LCES) and devices. This whitepaper captures and prioritizes core technical principles, or tenets, applicable across any industry or organization with LCES. The tenets may be used by system developers and operators to improve the overall security of such systems.
Cyber Resiliency Technical Guidance Documents
Description: This collection of 28 documents provides guidance on how an organization can best protect itself from cyber-attack. The material is written for C-suite decision makers (level 1) and technical implementers (level 2).
IT Sector Cyber Resilience White Paper
Description: This white paper explores resiliency from the public and private sector perspectives in order to better understand the commonalities and differences between Government and Industry with respect to the cybersecurity and resilience of our critical infrastructure. The paper identifies areas where IT Sector stakeholders can coordinate resilience activities in building a cyber resilient critical infrastructure community.
DNS Risk Assessment
Description: This updated assessment of the Provide Domain Name Resolution Services and Provide Internet Routing, Access, and Connection Services Critical Functions Risk describes how specific existing and emerging threats, technologies, and standards affect the risk profiles of the IT Sector’s DNS and Internet routing critical functions.
Description: Cybersecurity defenders across government and industry face a daunting but serious reality that self-defense alone can no longer be the governing practice. The need for a clearly defined Collective Defense apparatus, built upon the foundation of trust between industry and government, has become an issue of both national security and economic necessity.