11.07.2015 Views

syssec_red_book

syssec_red_book

syssec_red_book

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

17. Federal Plan for Cyber Security• “Address cyber security and information assurance R&D needs that areunique to critical infrastructures.”• “Develop and accelerate the deployment of new communication protocolsthat better assure the security of information transmitted over networks.”• “Support the establishment of experimental environments such as testbedsthat allow government, academic, and industry researchers toconduct a broad range of cyber security and information assurancedevelopment and assessment activities.”• “Provide a foundation for the long-term goal of economically informed,risk-based cyber security and information assurance decision making.”• “Provide novel and next-generation secure IT concepts and architecturesthrough long-term research.”• “Facilitate technology transition and diffusion of Federally funded R&Dresults into commercial products and services and private-sector use.”17.2 RecommendationsThe Plan recommends that cyber security and information assurance be accordedhigh priority at all levels of the Government and be integral to thedesign, implementation, and use of all components of the IT infrastructure. Acritical observation is that the work that began with the Plan of identifying andprioritizing Federal cyber security and information assurance R&D efforts mustbe an ongoing process. Continuation of ongoing interagency coordinationis needed to focus Federal R&D activities on the most significant threats tocritical infrastructures and Federal agency missions and to maximize the gainsfrom these investments.The specifics of the strategy proposed in this Plan are articulated in a set offindings and recommendations, summarized as follows:“Target Federal R&D investments to strategic cyber security and informationassurance needs. Federal cyber security and information assuranceR&D managers should reassess the Nation’s strategic and longer-termcyber security and information assurance needs to ensure that FederalR&D addresses those needs and complements areas in which the privatesector is productively engaged.”“Focus on threats with the greatest potential impact. Federal agenciesshould focus cyber security and information assurance R&D investmentson high- impact threats as well as on investigation of innovativeapproaches to increasing the overall security and information assuranceof IT systems.”114

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!