CYBR650 Week 2
I talk a lot about balance. Security vs. access, freedom vs. privacy, cost vs. benefit. But some things just have to be done, no balance required.
Security is about protecting information, and doing it well requires good information. So what is a federal employee to do if they want to protect the data that has been entrusted to him or her, the data of the millions of American citizens who depend on their government to protect them? This is a broad question that needs solid answers. I stress the significance of “federal employee” because I am one. I have to work within the framework of regulations, policies and directives (and sometimes emails with strongly worded suggestions on what I should do). Here is the list of useful information I look to for direction. Many are Federal government specific; all but one are accessible to every American with an Internet connection. So here they are in no particular order…
The NIST National Vulnerability Database – This is a repository of vulnerabilities that anyone can use to look for threats and vulnerabilities, from the very general to the hardware or software specific. NIST is a government agency charged with establishing standards for many government entities. As of the date of this blog, there were 75,708 identified vulnerabilities. The place to start looking is the Vulnerability Search Engine, listed first under the NVD Primary Resources. The title “Primary Resources” is accurate because it lists the most helpful ways to get information out of the database.
US CERT – The United States Computer Emergency Readiness Team’s National Cyber Awareness System (NCAS) provides a quick way to see current threats. I would recommend subscribing to at least one of the choices they offer (Alerts, Bulletins and Tips). The Current Activity link is a good place to see what’s happening right now.
Security Blogs – I’m a big fan of blogs. They are a quick way to get relatively current information that has been compiled by a professional, provided you use one of the reputable sites such as TechRepublic. If you’re not sure, the Internet has some great suggestions, like this blog from Marble Security listing the 10 Security Blogs You Should Be Reading. Pick two or three to get a feel for what’s out there and then subscribe to the ones that are most helpful to you.
Directly Related to Your Work Environment – For me, this is the VA-NSOC, the Veterans Administration Network and Security Operations Center. While I can’t directly connect to the NSOC to show you what it’s about, it is a critical resource for me. You should have a 24/7 resource within your organization you can call for help with urgent and critical security issues. They are the first line of defense when you have an incident, and they should be contacting you when they detect threats in your work environment so you can help them remove infected equipment or take other action to deal with real-world threats to your network.
Data Breach analysis – One of the best resources you can look at when deciding what you need to defend against is a data breach analysis. These reports tell you what has been attacked and also provide general guidelines for what you should be doing to defend against these attacks.
Education – You can do all of the above and you will be more effective at protecting your own network. But one of the smartest moves you can make is to get a degree focused on cybersecurity. These other resources will provide useful information and you will need to go to them often, but you also need to support them with a good general background in cybersecurity. This will fill in the gaps in your knowledge so that you understand how the whole system works and can better defend it.