A central point for collection of information that relates to computer security. Including, but not limited to, security advisories from the major vendors, major data breaches, “phishing” alerts, commentary regarding staffing levels. etc. etc.
December 12, 2012 at 11:05 am #174493
Title: NATIONAL CYBER SECURITY FRAMEWORK MANUAL
Information and communications technologies have become indispensable to the modern lifestyle. We depend on information and communications infrastructure in governing our societies, conducting business, and exercising our rights and freedoms as citizens. In the same way, nations have become dependent on their information and communications infrastructure and threats against its availability, integrity and confidentiality can affect the very functioning of our societies.
The security of a nation’s online environment is dependent on a number of stakeholders with differing needs and roles. From the user of public communications services to the Internet Service Provider supplying the infrastructure and handling everyday functioning of services, to the entities ensuring a nation’s internal and external security interests – every user of an information system affects the level of resistance of the national information infrastructure to cyber threats. Successful national cyber security strategies must take into consideration all the concerned stakeholders, the need for their awareness of their responsibilities and the need to provide them with the necessary means to carry out their tasks. Also, national cyber security cannot be viewed as merely a sectoral responsibility: it requires a coordinated effort of all stakeholders. Therefore, collaboration is a common thread that runs through most of the currently available national strategies and policies.
Moreover, the different national cyber security strategies represent another common understanding: while national policies are bound by the borders of national sovereignty, they address an environment based on both infrastructure and functioning logic that has no regard for national boundaries. Cyber security is an international challenge, which requires international cooperation in order to successfully attain an acceptable level of security on a global level.
National interests tend to have priority over common interests and this is an approach which may be difficult to change, if it needs changing at all. As long as we can find the common ground and discuss the problematic issues out in the open, national interests should not impede international cooperation.
The task of drafting a national cyber security strategy is a complex one. In addition to the versatile threat landscape and the various players involved, the measures to address cyber threats come from a number of different areas. They can be political, technological, legal, economic, managerial or military in nature, or can involve other disciplines appropriate for the particular risks. All of these competences need to come together to offer responses capable of strengthening security and resisting threats in unison, rather than in competition for a more prominent role or for resources. Also, any security measures foreseen must consistently be balanced against basic rights and freedoms and their effects on the economic environment must be considered. In the end, it is important to understand that cyber security is not an isolated objective, but rather a system of safeguards and responsibilities to ensure the functioning of open and modern societies.
We believe that this Manual will provide not only an appreciation for all the facets that need to be considered in drafting a national cyber security strategy, but also genuine tools and highly competent advice for this process. It is our hope that the Manual will serve to further a higher level of cyber security both on the national and international levels.
December 12, 2012 at 11:09 am #174498
Announcement from NATO Cooperative Cyber Defence OCCDCOE
What, exactly, is “National Cyber Security”? The rise of cyberspace as a field of human endeavour is probably nothing less than one of the most significant developments in world history. Cyberspace already directly impacts every facet of human existence including economic, social, cultural and political developments, and the rate of change is not likely to stop anytime soon. However, the socio-political answers to the questions posed by the rise of cyberspace often significantly lag behind the rate of technological change. One of the fields most challenged by this development is that of “national security”.
The National Cyber Security Framework Manual providesdetailed background information and in-depth theoretical frameworks to help the reader understand the various facets of National Cyber Security, according to different levels of public policy formulation. The four levels of government – political, strategic, operational and tactical/technical – each have their own perspectives on National Cyber Security, and each is addressed in individual sections within the Manual. Additionally, the Manual gives examples of relevant institutions in National Cyber Security, from top-level policy coordination bodies down to cyber crisis management structures and similar institutions.
Editor: Alexander Klimburg
Hardcover: 253 pages
Publisher: NATO CCD COE Publications, December 2012
ISBN 13 (print): 978-9949-9211-1-9
ISBN 13 (PDF): 978-9949-9211-2-6
ISBN 13 (ePub): 978-9949-9211-3-3
December 12, 2012 at 11:14 am #174496
Short Comment from Bruce Schneier blog:
The National Cyber Security Framework Manual provides detailed background information and in-depth theoretical frameworks to help the reader understand the various facets of National Cyber Security, according to different levels of public policy formulation. The four levels of government — political, strategic, operational and tactical/technical — each have their own perspectives on National Cyber Security, and each is addressed in individual sections within the Manual. Additionally, the Manual gives examples of relevant institutions in National Cyber Security, from top-level policy coordination bodies down to cyber crisis management structures and similar institutions.
Another Short Comment from Justin Somaini’s Blog:
It was bound to happen. A NATO framework for Cyber Security in manual form. Interesting read for those that want to start going down the Cyber Security Diplomacy path.
You must be logged in to reply to this topic.