| Description |
1 online resource (xi, 62 pages) : black and white illustrations, black and white and color charts |
| Series |
Research reports ; RR-1007-AF |
|
Research report (Rand Corporation) ; RR-1007-AF.
|
| Contents |
Preface -- Figures -- Summary -- Acknowledgments -- 1. Cybersecurity Management: Introduction -- What Should Cybersecurity in Acquisition Achieve? -- Managing Cybersecurity Risk -- Challenges for Managing Cybersecurity -- Principles for Managing Cybersecurity -- Principles for Managing Cybersecurity -- Summary -- 2. Cybersecurity Laws and Policies -- Introduction -- Legislation and Federal Cybersecurity Policy -- Department of Defense Cybersecurity Policy -- Cybersecurity and Air Force Life-Cycle Management -- Conclusion -- 3. Findings and Recommendations: Findings -- Discussion -- Recommendations -- Closing Remarks -- Abbreviations -- References |
| Summary |
"There is increasing concern that Air Force systems containing information technology are vulnerable to intelligence exploitation and offensive attack through cyberspace. In this report, the authors analyze how the Air Force acquisition/life-cycle management community can improve cybersecurity throughout the life cycle of its military systems. The focus is primarily on the subset of procured systems for which the Air Force has some control over design, architectures, protocols, and interfaces (e.g., weapon systems, platform information technology), as opposed to commercial, off-the-shelf information technology and business systems. The main themes in the authors' findings are that cybersecurity laws and policies were created to manage commercial, off-the-shelf information technology and business systems and do not adequately address the challenges of securing military systems. Nor do they adequately capture the impact to operational missions. Cybersecurity is mainly added on to systems, not designed in. The authors recommend 12 steps that the Air Force can take to improve the cybersecurity of its military systems throughout their life cycles"--Publisher's description |
| Notes |
"October 27, 2015"--Table of contents page |
| Bibliography |
Includes bibliographical references (pages 57-62) |
| Notes |
English |
|
Online resource; title from PDF title page (Rand Corporation, viewed October 28, 2015) |
| Subject |
United States. Air Force -- Rules and practice
|
| SUBJECT |
United States. Air Force fast |
| Subject |
Computer networks -- Security measures -- United States
|
|
Cyberspace -- Security measures -- United States
|
|
Cyberinfrastructure -- Security measures -- United States -- Evaluation
|
|
Risk assessment.
|
|
Cyberterrorism -- United States -- Prevention -- 21st century
|
|
National security -- United States -- 21st century
|
|
risk assessment.
|
|
HISTORY -- Military -- Aviation.
|
|
Cyberspace -- Security measures
|
|
Computer networks -- Security measures
|
|
Cyberterrorism -- Prevention
|
|
National security
|
|
Risk assessment
|
|
United States
|
| Genre/Form |
Rules
|
| Form |
Electronic book
|
| Author |
Rand Corporation, issuing body.
|
| ISBN |
9780833093387 |
|
083309338X |
|
