The Bush Administration is expected to give federal agencies specific instructions on how to report computer security incidents to the Federal Computer Incident Response Center (FedCirc) within the next six weeks. FedCirc is the incident response center where federal civilian agencies report computer security incidents. The purpose of FedCirc is to ensure the government has critical services available in order to withstand or quickly recover from attacks against its information resources. On March 1, the agency officially became part of the Department of Homeland Security’s (DHS) Information Analysis and Infrastructure Protection (IAIP) Directorate. DHS’s National Cyber Security Division hosts FedCirc. According to DHS officials, the Administration’s incident report guidance will give FedCirc the data it needs to track and analyze incident reports. Currently, a security incident is defined as an act of violating an explicit or implied security policy, but this relies on the existence of a security policy that, while generally understood, varies between organizations. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.