Accession Number : AD1024470

Title :   Cyber Defense Management

Descriptive Note : Technical Report,01 Oct 2014,31 Aug 2016


Personal Author(s) : Fields,Craig ; Nesbit,Robert ; Von Thaer,Lou

Full Text :

Report Date : 01 Sep 2016

Pagination or Media Count : 84

Abstract : In October 2014, the Under Secretary of Defense for Acquisition, Technology and Logistics (USD(AT and L)) requested that the Defense Science Board (DSB) investigate ways to improve the Department of Defenses overall management processes for providing cyber security in its systems and networks. The Board assembled a Task Force composed of national leaders in information technology (IT) and cyber security. The Task Force met from January 2015 through November 2015to deliberate on cyber security for the Department of Defense (DoD). The task force was asked to take on four specific tasks: Determine methods to assess and provide DoD leadership with improved management insight into the level of cyber protection that either currently exists or is planned. Devise the means or methods to assess system resilience to different kinds and levels of cyberattack. Investigate ways to inform future investments for DoD cyber defense. Develop approaches to produce prioritized recommendations for spending the next dollar for maximum effect against cyber threats. The most recent DSB study related to cyber security was in 2013, more than three years ago. Since these recommendations were published, many serious cyber attacks and breaches have resulted in information and financial losses as well as information system down time. However, there have been some encouraging signs as well. The highly publicized government and commercial cyber breaches have driven a dramatic increase in general awareness and concern for cyber threats, system vulnerabilities, and the potential for damage from losing personal information stored within a system. This awareness has resulted in increased demand for more secure products and services. Recently, cyber security insurance rates have experienced an increase averaging more than 30 percent from the previous year. This may reduce papering over the security problem.

Descriptors :   computer security , cyberattacks , cyber defense techniques , threats , VULNERABILITY , information systems , computer networks , computer network security

Distribution Statement : APPROVED FOR PUBLIC RELEASE