President's National Security Telecommunications Advisory Committee (NSTAC): Protecting Systems Task Force Report on Enhancing the Nation's Network Security Efforts [May 2000] [open pdf - 233KB]
"The objective of this report is to examine current Government and industry network security strategies to determine whether alternative strategies might more effectively diminish risk and, if appropriate, make recommendations regarding those alternatives. The study focuses on those network security efforts intended to diminish the risks from unauthorized access to or activity in an information system and does not address physical security. The PSTF based its study on information from the following sources: presentations from large, multinational telecommunications vendors and service providers with significant experience in network security, results of previous network security surveys, interviews with network security professionals, Government policy documents, white papers, reports, and briefings, presentations from network security conferences and forums, and previous research, including risk assessments. The PSTF based its methodology for this study, in part, on a model of network security developed by the Intrusion Detection Subgroup (IDSG) of NSTAC's Network Group (NG) in 1997. The IDSG identified four basic components of network security: Prevention. Measures taken to preclude or deter an intrusion. Detection. Measures taken to identify that an intrusion has been attempted, is occurring, or has occurred. Response. An action or series of actions constituting a reply or reaction against an attempted or successful intrusion. Responses include actions taken to restore a network to its full operating capability following an attack. Mitigation. Actions taken to make the effects of an intrusion less severe. Mitigation actions include provision of alternative systems, system redundancy, and system fault tolerance. Using this model, the PSTF sought to answer the following question: Could the risk to network security be reduced more effectively by changing the relative focus of network security efforts among these four components? The PSTF's methodology involved five steps: Current Focus. Examine how Government and industry currently focus their efforts and allocate resources among the four network security components, in both operations and long-range initiatives. Optimal Focus. Determine how network security efforts should be optimally focused among the four components. Changes Needed. Determine what changes are needed to achieve the optimal focus of network security efforts among the four components (e.g., Government policies, legal issues, internal policies, management issues, technologies, corporate culture) Barriers. Identify barriers to those changes. Government Actions. Determine whether there are any actions the Government can take to address those barriers."
National Security Telecommunications Advisory Committee (NSTAC): http://www.ncs.gov/nstac/