This is the second installment in my series about Computer Network Operations (CNO). The last post explored the actions known as Computer Network Exploitation (CNE), and as always, please feel free to comment. Today, the topic switches from exploitation to defense.
Computer Network Defense (CND): Includes actions taken via computer networks to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other unauthorized actions that would compromise or cripple defense information systems and networks. Joint Pub 6.0 further outlines Computer Network Defense as an aspect of NetOps.
CND essentially means keeping the bad guys out and preventing them from acquiring or altering our information. This is something that the United States has not been particularly successful at recently. Progress has been made, however, largely due to the recognition that vulnerabilities in cyberspace affect everyone, not just the government or military.
In 2006, Cyber Storm, the first government-led, full-scale cyber security exercise of its kind, took place. “Cyber Storm was a coordinated effort between international, Federal and State governments, and private sector organizations to exercise their response, coordination, and recovery mechanisms in reaction to simulated cyber events.”[1] This event highlighted some of the vulnerabilities in our defense systems as well as some of the shortcomings in our attribution and response capabilities. Each Cyber Storm builds on lessons learned from previous real-world incidents, ensuring that participants face more sophisticated and challenging exercises every two years. Cyber Storm has been repeated biennially since, and advances have been made to address the major issues, but more work needs to be done.
[1] Department of Homeland Security, National Cyber Security Division. (2006). Cyber Storm: Exercise report. Retrieved from http://www.dhs.gov/xlibrary/assets/prep_cyberstormreport_sep06.pdf