FIGURE 26. IT SYSTEM SECURITY AUDIT CYCLE

GUÍA DE
CIBERDEFENSA
ORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR
60 Typically, in the case of classified systems, they need to be previously accredited by the operational authority before they are allowed to start operating or be reaccredited so that they can continue to operate. In this case, the audit report would contain not only the results of the audit, but a positive proposal (i.e., the system is free of serious deficiencies that prevent it from operating) or a negative proposal (i.e., the system has serious deficiencies that prevent it from operating).
387.
Accreditation is usually granted for three-year periods, but, as technology and system classification allow, ideally, dynamic online audits that are capable of evaluating systems in real time should be performed.
Cyber range
388.
Traditional military range is a restricted area of a land, sea or air domain that is used to train military units and carryout live-fire exercises in a safe and isolated environment that ensures doing no harm to the area involved. In order to be more effective, the military range should be designed to resemble the most probable terrain where the operation to be trained or tested would take place. An opposing force should be included.
390.
Cyber range is exactly the same as a military range that is, it is a restricted area of cyberspace that is used to train cyber defense units and practice live-fire cyber exercises in a safe and isolated environment that ensures doing no harm to the cyberspace area involved.
391.
The cyber range is actually more effective than traditional ones, since it can simulate, quite accurately, the environment where cyber operation would take place, including topology and network activity, user behaviors, and a live-fire enemy.
392.
The cyber force needs the cyber range to conduct, among other activities, individual and collective training model and simulate environments, scenarios, networks, effects and behaviors analyze malware develop cyber weapons and test, evaluate and validate concepts, products, technologies and TTPs.
393.
The cyber range of the cyber force must be secure (it must allow selective access exclusively to authorized users, isolated (it must prevent the effects of the activities carried out on it from spreading outside of it, reliable (it must reproduce the activities as required by users, accessible (onsite and online, scalable (it must easily allow for increased capability and power, dynamic (it must evolve as new technologies emerge, comprehensive (it must be able to simulate any IT environment required, including industrial control systems, resilient it must be robust to failures, including a backup cyber range) and most importantly, it must be operated by a multidisciplinary team, expert in virtualization technologies and modeling and simulation tools, and very knowledgeable of the cyber defense technical and operational environment.
394.
The ideal case for national cyber defense is the development and implementation of a
national cyber range in which the Internet can be modeled to carryout response practices to large-scale cyber incidents, with the participation of the cyber force and other actors, public or private, involved in national cyber defense.

Download 2.54 Mb.

Share with your friends: