Computer Emergency Readiness Team CERT - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

Computer Emergency Readiness Team CERT

Description:

Established as part of the Department of Homeland Security to protect the ... The U.S. Department of Homeland Security has entered the murky waters of cyber ... – PowerPoint PPT presentation

Number of Views:163
Avg rating:3.0/5.0
Slides: 17
Provided by: franks71
Category:

less

Transcript and Presenter's Notes

Title: Computer Emergency Readiness Team CERT


1
Computer Emergency Readiness Team(CERT)
  • Frank Swanson
  • CS662
  • Security Certification and
  • Accreditation
  • Professor Scott Puryear
  • 14 JUN 05

2
Computer Emergency Readiness Team(CERT)
  • Introduction
  • Services Provided
  • CERT.mil
  • How to use CERT to certify systems
  • CERT to maintain system security
  • CERT the right tool to use
  • Conclusion

3
Introduction
  • United States (US) Computer Emergency Readiness
    Team (CERT) provides a mechanism that allows
    citizens, businesses, and other institutions to
    communicate directly with the US Government
    regarding cyber attacks/threats. Established as
    part of the Department of Homeland Security to
    protect the nation's Internet infrastructure,
    US-CERT coordinates defense against and responses
    to cyber attacks/threats across the nation.

4
Introduction cont
  • The U.S. Department of Homeland Security has
    entered the murky waters of cyber security alerts
    with the inauguration of US-CERT, the federal
    Computer Emergency Readiness Team. US-CERT's
    mission is to provide timely security alerts so
    that businesses and individuals can protect
    themselves once an outbreak has been detected.
    Homeland Security promises it to be a stabilizing
    force in the chaotic arena of computer-security
    research, disclosures, patches and alerts.
  • Moskowitz, Robert G., 19FEB04,Networkcomputing.
    com

5
Introduction cont
  • Many other western countries have established
    their own CERT to help their country with the
    same issues relating to cyber attacks/threats.
  • Within the US Department of Defense (DoD) each
    service has developed their own CERT to help
    prevent and counter attacks/threats relating to
    the DoDs systems.

6
Services Provided
  • US CERT
  • A centralized location for Information Technology
    (IT) personnel both technical and non-technical
    to get or report incidents
  • A centralized location for to get or report
    vulnerabilities to systems regardless of the
    platform
  • Other resources such as tools and techniques,
    research and guideline, policy and government,
    and education
  • Publications and events are hosted by CERT to
    help with protecting the nations networks

7
(No Transcript)
8
CERT.mil
  • Joint Task Force (JTF) Global Network Operation
    (GNO) is chartered to provided the DoD the
    operation and defense of the Global Information
    Grid (GIG) across strategic, operational, and
    tactical boundaries in support of DoDs full
    spectrum of war fighting, intelligence, and
    business operations

9
CERT.mil
10
How to use CERT to Certify Systems
  • CERT does not provide a process to certify and
    accredit IT systems
  • CERT does provide measures to help protect and
    report systems issues
  • CERT does provide as an instrument once systems
    are certified a centralized location for
    vulnerabilities, viruses, threats, and attacks
    information

11
How to use CERT to Certify Systems
  • CERT and CERT.mil does help in directing
    organizations to the different CA web sites
  • US-CERT search for CA will direct users to
    Federal Information Security Management Act
    (FISMA) for their program for CA
  • CERT.mil search for CA will direct users to DoD
    Information Technology Security Certification
    Accreditation Process (DITSCAP) soon to be DIACAP

12
CERT to Assist in Maintaining System Security
  • CERTs primary mission is to assist with the
    maintaining the systems security
  • CERT provides all current and past Information
    Assurance Vulnerability Alert (IAVA) and
    Information Assurance Vulnerability Bulletins
    (IAVB) in a database for use
  • CERT maintains technical security alerts,
    security alerts, security bulletins, and security
    tips

13
CERT the Right Tool
  • CERT is not the right tool for CA
  • CERT is the right tool to use for Operation and
    Maintenance (OM)
  • CERT is the right tool for an organizations
    Security Team to get information/resources for
    attacks, threats, vulnerabilities, or virus
    information

14
Conclusion
  • US CERT is established as part of the Department
    of Homeland Security to protect the nation's
    Internet infrastructure
  • CERT.mil is established to protect the DoDs
    Internet infrastructure
  • CERT is not a certifying and accrediting agency
  • CERT does provide the resources to help an
    organizations Security Team to keep their IT
    systems secure and provide a centralized location
    to obtain information about attacks and threats
    to networks

15
Questions?
16
References
  • CERT.mil www.cert.mil
  • DITSCAP - http//iase.disa.mil/ditscap/
  • FISMA - http//csrc.nist.gov/sec-cert/
  • Moskowitz, Robert G., US-CERT Federal Computer
    Emergency Readiness Team, 19FEB05,
    http//www.networkcomputing.com/showitem.jhtml?doc
    id1503buzz3
  • US CERT www.uscert.gov
Write a Comment
User Comments (0)
About PowerShow.com