The National Institute of Standards and Technology has published guidelines for responding to security breaches in government computer systems. Prevention is better than response, the authors say. But “not all incidents can be prevented. An incident response capability is therefore necessary.” It not only is necessary, it is required under the Federal Information Security Act. NIST is responsible under FISMA for developing standards and guidelines for agency information security. The recommendations in NIST Special Publication 800-61, Computer Security Incident Handling Guide, emphasize planning and communication. They propose a cyclical approach, in which lessons learned are incorporated into planning for future incidents. The guidelines cover response to denial-of-service attacks; malicious code, including viruses, worms and Trojan horses; unauthorized access; inappropriate use by authorized users, and incidents incorporating various types of security breaches. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.