The Department of Defense (DoD) is currently undergoing an organizational process involving Information Assurance (IA) standardization.
DoD 8570 seeks to accomplish the following objectives:
1. Create standards whereby IA Workforce personnel, at all levels and functions, obtain a uniform level of competency with regard to DoD information and networks.
2. Establish a minimum skill level for all IA Workforce personnel throughout the DoD.
3. Provide qualified IA Workforce members to the soldiers that need them.
4. Create a set of formal training requirements and establish certification programs.
5. Add to the knowledge base of every IA Workforce team member through education or experience.
The DoD 8750 document can be found here, while DoD 8750 training and assessment can be reached at GIAC/DoD8750.
This article is ripped and modified from http://dod8570.net/
Computer forensics is a branch of forensic science pertaining to legal evidence found in computers and digital storage media. Computer forensics is also known as digital forensics.
The goal of computer forensics is to explain the current state of a digital artifact. The term digital artifact can include a computer system, a storage medium (such as a hard disk or CD-ROM), an electronic document (e.g. an email message or JPEG image) or even a sequence of packets moving over a computer network. The explanation can be as straightforward as “what information is here?” and as detailed as “what is the sequence of events responsible for the present situation?”
The field of computer forensics also has sub-branches, such as firewall forensics, database forensics and mobile device forensics.
There are many reasons to employ the techniques of computer forensics:
- In legal cases, computer forensic techniques are frequently used to analyze computer systems belonging to defendants (in criminal cases) or litigants (in civil cases).
- To recover data in the event of a hardware or software failure.
- To analyze a computer system after a break-in, for example, to determine how the attacker gained access and what the attacker did.
- To gather evidence against an employee that an organization wishes to terminate.
- To gain information about how computer systems work for the purpose of debugging, performance optimization, or reverse-engineering.
By IPSECS Admin. Posted in Management
Introduction
How secure is your company’s information? In this age of distributed computing and of client-server and Internet-enabled information access, computer security consistently rises to the top of most “important issues” lists.
To answer this question with certainty is difficult. There are no absolutes with security. An important first step for most corporations is a security policy that establishes acceptable behavior. The next, and more critical, step is to enforce that security policy and measure its effectiveness. A security policy is in tension with user convenience, creating forces that move security practices away from security policy. Additionally, when new machines or applications are configured, the security-related issues are often overlooked. Therefore the gap between central policy and decentralized practice can be immense. These are significant tasks, as are identifying problems and taking corrective action on a constantly changing network. Many enterprises typically fall back on blind faith rather than wrestle with the fear of the unknown.
Sources of Risk
In order to assess your true security profile, you must first understand the sources of risk. The most infamous risk is embodied by the external hacker accessing a corporate information system via the Internet. Traditionally these hackers view breaking into a system as mountain climbers view scaling a cliff: for them, it's the next great challenge. However, as ever-increasing numbers of corporations interconnect their information systems, successful break-ins become commercially rewarding. Practitioners of industrial espionage now view the computers on the Internet as valuable potential sources of information. Often these “professionals” masquerade as the traditional hacker to disguise their true purposes.
Although the threats from external attacks are real, they are not the principal source of risk. FBI statistics show that more than 60% of computer crimes originate inside the enterprise. These risks can take multiple forms. Unscrupulous employees may be searching for organizational advantages. A disgruntled employee may be co-opted by an industrial espionage agent. Increasingly, corporations are turning to contractors for specialized skills or to absorb temporary increases in workload. These contractors are often given access to the corporate information system, and thus they can also present a risk to corporate information.
Lines of Defense for the Corporate Information System
Many enterprises erect a firewall as the first and often only line of defense for their information systems. A firewall is a device that controls the flow of communication between internal networks and external networks, such as the Internet. Many corporations assume that, once they have installed a firewall, they have reduced all their network security risks.