REPORTS...: February 2009 Archives

2009 National Infrastructure Protection Plan Released

By SF Bay InfraGard on February 27, 2009 9:16 AM
nipp_plan_2009_cover.jpg
The National Infrastructure Protection Plan provides the unifying structure for the integration of a wide range of efforts for the enhanced protection and resiliency of the nation's critical infrastructure and key resources (CIKR) into a single national program.

The 2009 NIPP replaces the 2006 version and reflects changes and updates to program elements and concepts. It captures the evolution and maturation of the processes and programs first outlined in 2006 without changing the underlying policies. The revised NIPP integrates the concepts of resiliency and protection, and broadens the focus of NIPP-related programs and activities to an all-hazards environment.  READ MORE

DHS Press Release

Download Report (.pdf)

NIST revises guidance for remote access and teleworking security

By SF Bay InfraGard on February 26, 2009 8:16 AM
The National Institute of Standards (NIST) have released revised guides providing advice for protecting the wide variety of private and mobile devices from threats.  Together with the preponderance of dangerous malware on the Web, the vulnerability of wireless transmissions from mobile devices has created dramatic new security challenges. READ MORE

"In terms of remote access security, everything has changed in the last few years. Many Web sites plant malware and spyware onto computers, and most networks used for remote access contain threats but aren't secured against them," says Karen Scarfone of NIST's Computer Security Division. "However, even if teleworkers are using unsecured networks, the guide shows the steps organizations can take to protect their data."

Among these steps is the recommendation that an organization's remote access servers--the computers that allow outside hosts to gain access to internal data--be located and configured in ways that protect the organization. Another is to ensure that all mobile and home-based devices used for telework be configured with security measures so that exchanged data will maintain its confidentiality and integrity. Above all, Scarfone says, an organization's policy should be to expect trouble and plan for it.

"You should assume external environments contain hostile threats," she says. "This is a real philosophy shift from several years ago, when the attitude was essentially that you could trust the home networks and public networks used for telework."

The new guide provides recommendations for organizations. DOWNLOAD

A companion publication* offers advice for individual users on securing their own mobile devices. DOWNLOAD

An Overview of the U.S. Intelligence Community...

By SF Bay InfraGard on February 3, 2009 11:54 AM
The Office of Director of National Intelligence has recently released the report An Overview of the United States Intelligence Community for the 111th Congress...

The cost of a data breach continues to rise...

By SF Bay InfraGard on February 2, 2009 2:42 PM
In its annual study the Ponemon Institute found the total cost of coping with the consequences of a data breach rose to $6.6 million per breach, up from $6.3 million in 2007 and $4.7 million in 2006. READ MORE
« REPORTS...: December 2008 | Main Index | Archives | REPORTS...: March 2009 »

Search

About this Archive

This page is an archive of entries in the REPORTS... category from February 2009.

REPORTS...: December 2008 is the previous archive.

REPORTS...: March 2009 is the next archive.

Find recent content on the main index or look in the archives to find all content.

REPORTS...: Monthly Archives

Categories

Monthly Archives

Pages

Powered by Movable Type 5.12