Information Security News mailing list archives

Agencies get cyberattack guidance


From: William Knowles <wk () C4I ORG>
Date: Wed, 1 Nov 2000 12:51:53 -0600

http://www.fcw.com/fcw/articles/2000/1030/web-cio-11-01-00.asp

BY Diane Frank
11/01/2000

The CIO Council and the Office of Management and Budget issued
guidelines this week directing agencies to coordinate cyberattack
reports and warnings with the Federal Computer Incident Response
Center.

The memorandum details the processes that agencies should follow to
improve coordination and interaction with FedCIRC at the General
Services Administration.

The memo requires agencies to:

* Report externally generated security incidents to FedCIRC.

* Make sure alerts and warnings from FedCIRC are received by the
  appropriate people at each agency.

* Acknowledge, when necessary, that they received the FedCIRC messages
  and explain the corrective actions taken.

The memo was signed by Sally Katzen, chairwoman of the CIO Council and
deputy director for management at OMB, and Jim Flyzik, vice chairman
of the council and CIO of the Treasury Department.

The CIO Council's Security, Privacy and Critical Infrastructure
committee developed the memo with OMB, GSA and agencies throughout
government. It comes in the wake of the problems with the reporting
and response processes that were highlighted by e-mail viruses earlier
this year.

When the "love bug" hit in May, agencies and FedCIRC found themselves
struggling to get out warnings and put protections in place, and the
General Accounting Office testified before Congress that better
information sharing procedures are needed.

By coordinating with FedCIRC, agencies will be able to improve
security not only for themselves, but also for other agencies. "When
faced with security incidents, an agency should respond in a manner
that both protects its own information assets and helps other
organizations that might also be affected," the memo states.

The memo includes a table indicating three levels of agency contact
information for FedCIRC, including the agency CIO and the security
manager or system administrator for the agency's headquarters and
offices. OMB asked agencies to send contact information to FedCIRC by
the end of October.

It also lists the type of information that should be shared between
agencies and FedCIRC and when the sharing should occur.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com