DOCSLIB.ORG

Critical Infrastructure Report

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Critical Infrastructure Report AUTHORED BY: TIFFANY EAST ER ADAM EATON HALEY EWING TREY GREEN CHRIS GRIFFIN CHANDLER LEWIS KRISTINA MILLIGAN KERI WEINMAN ADVISOR: DR. DANNY DAVIS 2018-2019 CAPSTONE PROJECT CLIENT: POINTSTREAM, INC. COMPREHENSIVE U.S. CYBER FRAMEWORK KEY ASPECTS OF CRITICAL INFRASTRUCTURE, PRIVATE SECTOR, AND PERSONALLY IDENTIFIABLE INFORMATION 2018 – 2019 Capstone Team The Bush School of Government and Public Service, Texas A&M University Advisor: Danny W. Davis, Ph.D. About the Project This project is a product of the Class of 2019 Bush School of Government and Public Service, Texas A&M University Capstone Program. The project lasted one academic year and involved eight second-year master students. It intends to synthesize and provide clarity in the realm of issues pertaining to U.S. Internet Protocol Space by demonstrating natural partnerships and recommendations for existing cyber incident response. The project was produced at the request of PointStream Inc., a private cybersecurity contractor. Mission This capstone team analyzed existing frameworks for cyber incident response for PointStream Inc. in order to propose a comprehensive and efficient plan for U.S. cybersecurity, critical infrastructure, and private sector stakeholders. Advisor Dr. Danny Davis - Associate Professor of the Practice and Director, Graduate Certificate in Homeland Security Capstone Team Tiffany Easter - MPSA 2019 Adam Eaton - MPSA 2019 Haley Ewing - MPSA 2019 Trey Green - MPSA 2019 Christopher Griffin - MPSA 2019 Chandler Lewis - MPSA 2019 Kristina Milligan - MPSA 2019 Keri Weinman - MPSA 2019 Acknowledgement The Capstone Team would like to express gratitude to COL Phil Waldron, Founder and CEO of PointStream Inc., for this opportunity and invaluable support throughout the duration of this project. We would also like to thank the Bush School Faculty and Staff and the various contributors to our project, LTG (Ret.) Kevin McLaughlin, Dr. Stephen Cambone, and BG (Ret.) Leesa Papier. Table of Contents Acronym List ii Executive Summary vi Introduction 1 Chapter 1: Cyberattacks and Critical Infrastructure 25 Chapter 2: The Private Sector’s Role in Cybersecurity 63 Chapter 3: Cybersecurity and Individual Privacy 91 Recommendations 130 Annex A: Hypothetical Cyberattack on Abilene, Texas (Taylor County) Annex B: List of Referenced Governance Documents Annex C: Guidance Document Analysis Scorecard Annex D: Bibliography i Acronym List ACs Advisory Councils ACI American Cyber Institute AI Artificial Intelligence APT Advanced Persistent Threat ARPA Advanced Research Projects Agency CD Cybersecurity Division CIA Central Intelligence Agency CISA Cybersecurity and Infrastructure Security Agency CNA Computer Network Attacks CND Computer Network Defense CNE Computer Network Exploitation CNO Computer Network Operations CSIRT Computer Security Incident Response Team DAFB Dyess Air Force Base DARPA Defense Advanced Research Projects Agency DCI Defense Critical Infrastructure DDoS Distributed Denial of Service DHS Department of Homeland Security DHS CS Department of Homeland Security Cyber Strategy DIA Defense Intelligence Agency DIB Defense Industrial Base DNS Domain Name System DOC Department of Commerce DoD Department of Defense DoD CS Department of Defense Cyber Strategy 2018 DoDM Department of Defense Manual DOE Department of Energy ii Acronym List DOI Department of the Interior DOJ Department of Justice DOS Department of State DOT Department of Transportation DSCA Defense Support for Civilian Authorities DSS Defense Security Services ECD Emergency Communication Division EO Executive Order EPA Environmental Protection Agency ERCOT Electric Reliability Council of Texas EU European Union FBI Federal Bureau of Investigation FBI IC3 Federal Bureau of Investigation Internet Crime Complaint Center FCC Federal Communications Commission FEMA Federal Emergency Management Agency FISA Foreign Intelligence Surveillance Act FSRAs Federal and State Regulatory Agencies FTC Federal Trade Commission GAO Government Accountability Office GDPR General Data Protection Regulation GLBA Gramm-Leach-Bliley Act GSA General Services Administration HHS Department of Health and Human Services HIPAA Health Insurance Portability and Accountability Act HPSCI House Permanent Select Committee on Intelligence IC Intelligence Committee InfraGard Federal Bureau of Investigation InfraGard program iii Acronym List IP Internet Protocol IPTF Infrastructure Protection Task Force ISACs Information Sharing and Analysis Centers ISD Infrastructure Security Division IT Information Technology IoT Internet of Things JCS Joint Chiefs of Staff JP Joint Publication LFA Lead Federal Agency LGs Local Governments NCCIC National Cybersecurity and Communications Integration Center NCIRP National Cyber Incident Response Plan NCS White House National Cyber Strategy NEW Network-enabled Electronic Warfare NGOs Non-Governmental Organizations NIPP National Infrastructure Protection Plan NIST National Institute for Standards and Technology NPPD National Protection and Programs Directorate NRC Nuclear Regulatory Commission NRF National Response Framework NRMC National Risk Management Center NSA National Security Agency NSS White House National Security Strategy ODNI Office of the Director of National Intelligence OFAs Other Federal Agencies OMB Office of Management and Budget OPM Office of Personnel Management iv Acronym List RADICS Rapid Attack Detection, Isolation and Characterization Systems PEs Private Entities PII Personally Identifiable Information PPD Presidential Policy Directive SCADA Supervisory Control and Data Acquisition SEC Securities and Exchange Commission SECDEF Secretary of Defense SIGINT Signals Intelligence SLTT State, Local, Tribal, and Territorial Governments SNRA Strategic National Risk Assessment SSCI Senate Select Committee on Intelligence STT+IAGs State, Tribal, Territorial, and Insular Area Governments TCSSP Texas Cybersecurity Strategic Plan TDIR Texas Department of Information Resources USCYBERCOM U.S. Cyber Command U.S.C. United States Code US-CERT U.S. Computer Emergency Readiness Team USDA Department of Agriculture USDT Department of the Treasury USNORTHCOM U.S. Northern Command USPI U.S. Persons Information WMD Weapons of Mass Destruction UK United Kingdom USSR Union of Soviet Socialist Republics v Executive Summary While the societal, governmental, and economic benefits of a technologically-connected global community are potentially substantial, so too are the risks associated with protecting data and securing cyberspace against malicious activity. Providing security in cyberspace has generated the need for a new technology discipline: cybersecurity. The continuing proliferation and sophistication of cyber threats will allow for cyber actors at many levels, from simple hackers to antagonistic nation-states, to utilize them against U.S. interests. The U.S. must therefore be equipped both technologically and administratively to address these threats. This report examines the issues surrounding U.S. capabilities in providing cyber response, focusing on the federal level but including considerations for state and local governments as well as the private sector, in order to provide recommendations for developing a comprehensive, national cyber framework. Any discussion of a national cyber framework begins with identifying the role of the Federal Government and the current laws, strategies, plans, and frameworks that dictate how the Federal Government responds to a cyberattack against critical infrastructure. The various and often overlapping governance and guidance documents increases the complexity of cyber response. Alleviating this complexity requires first understanding the fundamental structure of U.S. critical infrastructure and the current capabilities of the Federal Government to respond to a cyberattack. An evaluation of the governance and guidance documents outlines the roles and responsibilities of each various Federal, state, and local governments, as well as private sector entities and identifies overlaps and potential deficiencies in guiding response capabilities. Understanding the role that the private sector can assume in cybersecurity is important when developing a national cyber framework. Since the majority of U.S. critical infrastructure is owned or operated by private sector entities, the capabilities and deficiencies in current private sector cybersecurity and cyber defense systems will have an impact on concerns for national security. The lack of comprehensive laws and policies to regulate cybersecurity cyber defense standards in the private sector has created vulnerabilities within cyberspace. These vulnerabilities are amplified due to a lack of a streamlined reporting process between the private sector and the government, as well as issues surround response jurisdiction and capabilities. Despite these issues, the private sector can still take on a vital role to complement or supplement government vi cyber capabilities, and the establishment of a public-private partnership for cyber response can be a powerful tool to include in a national cyber framework. Considerations for protecting the constitutionally-guaranteed right to privacy must also be included in any discussion of cybersecurity in the context of national defense and security. This includes determining the existence of any restrictions or over-restrictions on government capabilities, particularly those of the Department of Defense, when operating within U.S. Internet Protocol space for national defense. The right to privacy
Load more

Recommended publications
  • Report to the President: MIT and the Prosecution of Aaron Swartz
    Report to the President MIT and the Prosecution of Aaron Swartz Review Panel Harold Abelson Peter A. Diamond Andrew Grosso Douglas W. Pfeiffer (support) July 26, 2013 © Copyright 2013, Massachusetts Institute of Technology This worK is licensed under a Creative Commons Attribution 3.0 Unported License. PRESIDENT REIF’S CHARGE TO HAL ABELSON | iii L. Rafael Reif, President 77 Massachusetts Avenue, Building 3-208 Cambridge, MA 02139-4307 U.S.A. Phone 1-617-253-0148 !"#$"%&'(()'(*+,' ' -."%'/%01.220%'34.520#6' ' 78#9.'1"55'(*+*)':;<'="2'4..#'8#>05>.?'8#'.>.#@2'"%828#A'1%0B'"9@80#2'@"C.#'4&'3"%0#'7D"%@E'@0' "99.22'!7<FG'@=%0$A='@=.':;<'90BH$@.%'#.@D0%CI';'=">.'"2C.?'&0$)'"#?'&0$'=">.'A%"980$25&' "A%..?)'@0'%.>8.D':;<J2'8#>05>.B.#@I' ' <=.'H$%H02.'01'@=82'%.>8.D'82'@0'?.29%84.':;<J2'"9@80#2'"#?'@0'5."%#'1%0B'@=.BI'K0$%'%.>8.D' 2=0$5?'L+M'?.29%84.':;<J2'"9@80#2'"#?'?.98280#2'?$%8#A'@=.'H.%80?'4.A8##8#A'D=.#':;<'18%2@' 4.9"B.'"D"%.'01'$#$2$"5'!7<FGN%.5"@.?'"9@8>8@&'0#'8@2'#.@D0%C'4&'"'@=.#N$#8?.#@818.?'H.%20#)' $#@85'@=.'?."@='01'3"%0#'7D"%@E'0#'!"#$"%&'++)'(*+,)'L(M'%.>8.D'@=.'90#@.O@'01'@=.2.'?.98280#2'"#?' @=.'0H@80#2'@="@':;<'90#28?.%.?)'"#?'L,M'8?.#@81&'@=.'822$.2'@="@'D"%%"#@'1$%@=.%'"#"5&282'8#'0%?.%' @0'5."%#'1%0B'@=.2.'.>.#@2I' ' ;'@%$2@'@="@'@=.':;<'90BB$#8@&)'8#95$?8#A'@=02.'8#>05>.?'8#'@=.2.'.>.#@2)'"5D"&2'"9@2'D8@='=8A=' H%01.2280#"5'8#@.A%8@&'"#?'"'2@%0#A'2.#2.'01'%.2H0#284858@&'@0':;<I'P0D.>.%)':;<'@%8.2'90#@8#$0$25&' @0'8BH%0>.'"#?'@0'B..@'8@2'=8A=.2@'"2H8%"@80#2I';@'82'8#'@="@'2H8%8@'@="@';'"2C'&0$'@0'=.5H':;<'5."%#' 1%0B'@=.2.'.>.#@2I'
    [Show full text]
  • Intelligence Community Presidentially Appointed Senate Confirmed Officials (PAS) During the Administrations of Presidents George W
    Intelligence Community Presidentially Appointed Senate Confirmed Officials (PAS) During the Administrations of Presidents George W. Bush, Barack H. Obama, and Donald J. Trump: In Brief May 24, 2021 Congressional Research Service https://crsreports.congress.gov R46798 Intelligence Community Presidentially Appointed Senate Confirmed Officials (PAS) Contents Introduction ..................................................................................................................................... 1 Methodology ................................................................................................................................... 2 Tables Table 1. George W. Bush Administration-era Nominees for IC PAS Positions............................... 2 Table 2. Obama Administration-era Nominees for IC PAS Positions ............................................. 5 Table 3. Trump Administration Nominees for IC PAS Positions .................................................... 7 Contacts Author Information ........................................................................................................................ 10 Congressional Research Service Intelligence Community Presidentially Appointed Senate Confirmed Officials (PAS) Introduction This report provides three tables that list the names of those who have served in presidentially appointed, Senate-confirmed (PAS) positions in the Intelligence Community (IC) during the last twenty years. It provides a comparative perspective of both those holding IC PAS positions who have
    [Show full text]
  • Achievement Awards
    The 3RD Annual INSA Achievement Awards December 6, 2012 INTELLIGENCE AND NATIONAL SECURITY ALLIANCE AboutA INSA Program Agenda INSA is the premier intelligence and national security organization that Reception brings together the public, private and academic sectors to collaborate Cocktails and Networking on the most challenging policy issues and solutions. As a non-profit, non-partisan, public-private organization, INSA’s ultimate goal is to promote and recognize the highest standards within the national security Welcome and intelligence communities. INSA has over 150 corporate members Chuck Alsup, INSA Acting President and several hundred individual members who are leaders and senior executives throughout government, the private sector and academia. To learn more about INSA visit www.insaonline.org. Keynote Address Letitia A. Long, Director of the National Geospatial-Intelligence Agency Building a Stronger Intelligence Community Dinner Presentation of 2012 INSA Achievement Awards Thank You We would like to thank the following organizations for their table purchases: Eagle Sponors General Dynamics Raytheon Company Liberty Sponsor ITT Exelis Northrop Grumman Corporation Select Tables Accenture KEYW Corporation MITRE Corporation Oracle Penn State University – Applied Research Lab TASC The SI Organization, Inc. 2 3 INSA Achievement Awards Keynote Speaker Purpose Letitia A. Long, Director of the National Geospatial-Intelligence Agency The Intelligence and National Security Alliance (INSA) established a Ms. Letitia A. Long was appointed series of awards in 2010 intended to recognize the achievements of Director of the National Geospatial- young professionals in intelligence and national security. Six awards are Intelligence Agency on August 9, named after previous William Oliver Baker Award recipients and are 2010.
    [Show full text]
  • Potential Human Cost of Cyber Operations
    ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS REPORT ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Report prepared and edited by Laurent Gisel, senior legal adviser, and Lukasz Olejnik, scientific adviser on cyber, ICRC THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Table of Contents Foreword............................................................................................................................................. 3 Acknowledgements ............................................................................................................................. 4 Executive summary ............................................................................................................................. 5 Introduction....................................................................................................................................... 10 Session 1: Cyber operations in practice .………………………………………………………………………….….11 A. Understanding cyber operations with the cyber kill chain model ...................................................... 11 B. Operational purpose ................................................................................................................. 11 C. Trusted systems and software supply chain attacks ...................................................................... 13 D. Cyber capabilities and exploits ..................................................................................................
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • ICP -- a New Concept for Support to Combatant Commanders
    DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL (U) ICP -- A New Concept for Support to Combatant Commanders FROM: PACOM Account Manager (S112) Run Date: 06/18/2004 FROM: PACOM Account Manager (S112) (S) Since assuming the newly formed post of Under Secretary of Defense for Intelligence (USD(I)) in March 2003, Dr. Stephen Cambone has made improving intelligence support to Combatant Commanders a priority. Based on the study "Taking Stock of Defense Intelligence" undertaken at his direction last fall, and lessons learned from Operation Enduring Freedom (OEF) and Operation Iraqi Freedom (OIF), the USD(I) has introduced a new concept called "Intelligence Campaign Planning." The effective support of Combatant Commanders requires support agencies to create very detailed plans and the USD(I) has initiated an effort to come up with a comprehensive methodology for developing an integrated, fully coordinated, and executable Intelligence Campaign Plan (ICP). (S) To help focus the ICP effort, a decision was made to develop a plan in support of the Combined Forces Command (CFC) Korea -- specifically OPLAN 5027. On 2 March 2004, the Deputy Under Secretary of Defense for Intelligence & Warfighting Support, LTG Boykin, and Joint Chiefs of Staff J2, MG Burgess, co-hosted a conference at the Pentagon to design the way ahead. (S) Representatives from the Services, a number of Commands, and the Intelligence Community attended. BG DeFreitas, United States Forces Korea (USFK) J2, provided an overview of OPLAN 5027, outlining the campaign's operational objectives and identifying the key Priority Intelligence Requirements for each phase of operations.
    [Show full text]
  • Speaker Bios
    Intelligence Reform and Counterterrorism after a Decade: Are We Smarter and Safer? October 16 – 18, 2014 University of Texas at Austin THURSDAY, OCTOBER 16 Blanton Museum, UT Campus 4:00-5:00pm Welcome Remarks and Discussion: Admiral William McRaven (ret.) Admiral McRaven is the ninth commander of United States Special Operations Command (USSOCOM), headquartered at MacDill Air Force Base, Fla. USSOCOM ensures the readiness of joint special operations forces and, as directed, conducts operations worldwide. McRaven served from June 2008 to June 2011 as the 11th commander of Joint Special Operations Command (JSOC) headquartered at Fort Bragg, N.C. JSOC is charged to study special operations requirements and techniques, ensure interoperability and equipment standardization, plan and conduct special operations exercises and training, and develop joint special operations tactics. He served from June 2006 to March 2008 as commander, Special Operations Command Europe (SOCEUR). In addition to his duties as commander, SOCEUR, he was designated as the first director of the NATO Special Operations Forces Coordination Centre where he was charged with enhancing the capabilities and interoperability of all NATO Special Operations Forces. McRaven has commanded at every level within the special operations community, including assignments as deputy commanding general for Operations at JSOC; commodore of Naval Special Warfare Group One; commander of SEAL Team Three; task group commander in the U.S. Central Command area of responsibility; task unit commander during Desert Storm and Desert Shield; squadron commander at Naval Special Warfare Development Group; and SEAL platoon commander at Underwater Demolition Team 21/SEAL Team Four. His diverse staff and interagency experience includes assignments as the director for Strategic Planning in the Office of Combating Terrorism on the National Security Council Staff; assessment director at USSOCOM, on the staff of the Chief of Naval Operations, and the chief of staff at Naval Special Warfare Group One.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Cybercrime: an Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws
    Order Code 97-1025 CRS Report for Congress Received through the CRS Web Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws Updated June 28, 2005 Charles Doyle Senior Specialist American Law Division Alyssa Bartlett Weir Law Clerk American Law Division Congressional Research Service ˜ The Library of Congress Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws Summary The federal computer fraud and abuse statute, 18 U.S.C. 1030, protects federal computers, bank computers, and computers used in interstate and foreign commerce. It shields them from trespassing, threats, damage, espionage, and from being corruptly used as instruments of fraud. It is not a comprehensive provision, but instead it fills crack and gaps in the protection afforded by other federal criminal laws. This is a brief sketch of section 1030 and some of its federal statutory companions. In their present form, the seven paragraphs of subsection 1030(a) outlaw: ! computer trespassing (e.g., hacking) in a government computer, 18 U.S.C. 1030(a)(3); ! computer trespassing (e.g., hackers) resulting in exposure to certain governmental, credit, financial, or commercial information, 18 U.S.C. 1030(a)(2); ! damaging a government computer, a bank computer, or a computer used in interstate or foreign commerce (e.g., a worm, computer virus, Trojan horse, time bomb, a denial of service attack, and other forms of cyber attack, cyber crime, or cyber terrorism), 18 U.S.C. 1030(a)(5); ! committing fraud an integral part of which involves unauthorized access to a government computer, a bank computer, or a computer used in interstate or foreign commerce, 18 U.S.C.
    [Show full text]
  • Perspectives and Opportunities in Intelligence for U.S. Leaders
    Perspective EXPERT INSIGHTS ON A TIMELY POLICY ISSUE September 2018 CORTNEY WEINBAUM, JOHN V. PARACHINI, RICHARD S. GIRVEN, MICHAEL H. DECKER, RICHARD C. BAFFA Perspectives and Opportunities in Intelligence for U.S. Leaders C O R P O R A T I O N Contents 1. Introduction ................................................................................................. 1 2. Reconstituting Strategic Warning for the Digital Age .................................5 3. Unifying Tasking, Collection, Processing, Exploitation, and Dissemination (TCPED) Across the U.S. Intelligence Community ...............16 4. Managing Security as an Enterprise .........................................................25 5. Better Utilizing Publicly Available Information ..........................................31 6. Surging Intelligence in an Unpredictable World .......................................44 7. Conclusion .................................................................................................56 Abbreviations ................................................................................................57 References ....................................................................................................58 Acknowledgments ........................................................................................64 About the Authors .........................................................................................64 The RAND Corporation is a research organization that develops solutions to public policy challenges to help make
    [Show full text]
  • MICROCOMP Output File
    S. HRG. 106±144 NATO'S 50TH ANNIVERSARY SUMMIT HEARING BEFORE THE COMMITTEE ON FOREIGN RELATIONS UNITED STATES SENATE ONE HUNDRED SIXTH CONGRESS FIRST SESSION APRIL 21, 1999 Printed for the use of the Committee on Foreign Relations ( Available via the World Wide Web: http://www.access.gpo.gov/congress/senate U.S. GOVERNMENT PRINTING OFFICE 58±335 CC WASHINGTON : 1999 VerDate 11-SEP-98 14:44 Sep 20, 1999 Jkt 549297 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 58335 SFRELA1 PsN: SFRELA1 COMMITTEE ON FOREIGN RELATIONS JESSE HELMS, North Carolina, Chairman RICHARD G. LUGAR, Indiana JOSEPH R. BIDEN, JR., Delaware PAUL COVERDELL, Georgia PAUL S. SARBANES, Maryland CHUCK HAGEL, Nebraska CHRISTOPHER J. DODD, Connecticut GORDON H. SMITH, Oregon JOHN F. KERRY, Massachusetts ROD GRAMS, Minnesota RUSSELL D. FEINGOLD, Wisconsin SAM BROWNBACK, Kansas PAUL D. WELLSTONE, Minnesota CRAIG THOMAS, Wyoming BARBARA BOXER, California JOHN ASHCROFT, Missouri ROBERT G. TORRICELLI, New Jersey BILL FRIST, Tennessee JAMES W. NANCE, Staff Director EDWIN K. HALL, Minority Staff Director (II) VerDate 11-SEP-98 14:44 Sep 20, 1999 Jkt 549297 PO 00000 Frm 00002 Fmt 5904 Sfmt 5904 58335 SFRELA1 PsN: SFRELA1 CONTENTS Page Cambone, Dr. Stephen A., research director, Institute for National Security Studies, National Defense University, Washington, DC .................................. 32 Prepared statement of ...................................................................................... 45 Grossman, Hon. Marc, Assistant Secretary of State for European Affairs ......... 14 Prepared statement of ...................................................................................... 50 Hadley, Hon. Stephen, partner, Shea and Gardner, Washington, DC ................ 31 Kramer, Hon. Franklin D., Assistant Secretary of Defense for International Security Affairs .................................................................................................... 19 Prepared statement of ...................................................................................... 53 Kyl, Hon. Jon, U.S.
    [Show full text]
  • Bashe Attack Global Infection by Contagious Malware 2
    CyRiM Report 2019 Bashe attack Global infection by contagious malware 2 About CyRiM About Cambridge Centre for Risk Studies Cyber risks are emerging risk with new complexities that The Centre for Risk Studies is a world leading centre for call for insurers and risk managers to jointly develop the study of the management of economic and societal innovative solutions and tools, and enhance awareness risks. The Centre’s focus is the analysis, assessment, and underwriting expertise. and mitigation of global vulnerabilities for the The Cyber Risk Management (CyRiM) project is led by advancement of political, business, and individual NTU-IRFRC in collaboration with industry partners and decision makers. academic experts. CyRiM is a pre-competitive research project that aims to foster an efficient cyber risk The Centre provides frameworks for recognizing, insurance market place through engaging industry and assessing, and managing the impacts of systemic academic experts guided by government and policy level threats. The research programme is concerned with research. The CyRiM project will help Singapore to catastrophes and how their impacts ripple across an become an industry centre of excellence on cyber risk increasingly connected world with consequent effects on and grow the cyber risk insurance market by promoting the international economy, financial markets, firms in the both the demand and the supply of insurance coverage. financial sectors, and global corporations. To test research outputs and guide new research agendas, the For more information about CyRiM please visit Centre engages with the business community, http://irfrc.ntu.edu.sg/Research/cyrim/Pages/Home.aspx government policy makers, regulators, and industry bodies.
    [Show full text]