INSA endorses US cyber security review

Chicago (IL) – The INSA (Intelligence and National Security Alliance) has endorsed the Obama administration’s decision to conduct a comprehensive cyber security study.

“INSA is highly supportive of the presidentially commissioned task to conduct a comprehensive cyber security study. Cyber assurance is a critical issue for the United States. There are many technical and policy issues associated with providing an acceptable level of cyber assurance for our government and commercial infrastructures,” the organization stated in a recently published report.

The INSA proposed the appointment of a “single cyber security official” to clarify the roles, mission, and responsibilities of relevant government agencies. In addition, the INSA urged all parties to “drastically improve information sharing” and streamline standards between the government, industry, and the private sector.

The report also recommended that the US and other countries “mitigate” DNS-related cyber vulnerabilities via DNSSEC extensions or other key-based authentication mechanisms.

“DNSSEC protects the Internet from certain attacks, such as DNS cache poisoning. Compromise of an actual root has always been a primary concern, and decentralization of the management of this infrastructure would certainly increase the risk of compromise,” explained the INSA. “With DNSSEC comes the responsibility of an organization, institution, or government to sign the root zone file and appropriately protect the validity of this key.”

As TG Dailypreviously reported, the White House is poised to announce the creation of a new military cyber command.

The unit is expected to coordinate the defense of various computer networks against malicious activity, including distributed denial-of-service (DDoS) attacks. The Pentagon has already spent more than $100 million over the past six months responding to a spate of serious cyber offensives, including one which compromised the US electric grid.

It should be noted that the Department of Defense (DoD) dedicated a section of its recent 2009 Quadrennial Roles and Missions Review (QRM) Report to the “enormous challenges” presented by cyberspace.

“Our national security is inextricably linked to the cyberspace domain, where conflict is not limited by geography or time. The expanding use of cyberspace places United States’ interests at greater risk from cyber threats and vulnerabilities. Cyber actors can operate globally, within our own borders, and within the borders of our allies and adversaries. The complexity and amount of activity in this evolving domain make it difficult to detect, interdict, and attribute malicious activities,” the DoD warned.