Guest ~BD~ Posted August 20, 2009 Posted August 20, 2009 http://www.sans.org/cag/guidelines.php This item starts with ............ Securing our nation against cyber attacks has become one of the nation's highest priorities. To achieve this objective, networks, systems, and the operations teams that support them must vigorously defend against a variety of threats, both internal and external. Furthermore, for those attacks that are successful, defenses must be capable of detecting, thwarting, and responding to follow-on attacks on internal enterprise networks as attackers spread inside a compromised network. A central tenet of the US Comprehensive National Cybersecurity Initiative (CNCI) is that "offense must inform defense." In other words, knowledge of actual attacks that have compromised systems provides the essential foundation on which to construct effective defenses. The US Senate Homeland Security and Government Affairs Committee moved to make this same tenet central to the Federal Information Security Management Act in drafting the U.S. ICE Act of 2009 (the new FISMA). That new proposed legislation calls upon Federal agencies to (and on the White House to ensure that they): "monitor, detect, analyze, protect, report, and respond against known vulnerabilities, attacks, and exploitations" and "continuously test and evaluate information security controls and techniques to ensure that they are effectively implemented." Might be worth a read! -- Dave Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.