Cyber defense
Information assurance and cryptography
Download 2.54 Mb. View original pdf
|
| Information assurance and cryptography 416. Information assurance is a basic service in the cyber force, given the sensitive nature of most of its operational, technical, hiring and procedural activities. 417. Information assurance is a cross-domain service, for all domain of operations, aimed at preserving the availability, integrity and confidentiality of information. It is one of the many services that the cyberspace force needs, and it must not, under any circumstances, be mistaken or assimilated to cyber defense. 418. Information assurance must consider all the components that interact with information, in one way or another, such as people, documents, facilities, IT systems and companies. 419. The cyber force information assurance branch is responsible for developing information assurance rules and procedures and for monitoring and promoting compliance with them. 420. Cryptography is a matter that is ubiquitous inmost cybersecurity services and measures, being fundamental not only in the obvious confidentiality aspects but also in many other sensitive services such as access control, digital signature, integrity, etc. Many cyber attacks include cryptography in some phases, therefore, it is critical for the cyber force to have an adequate cryptography branch to handle cryptographic matters related to cyber defense. Facilities 421. Facilities of all cyber force units must be adequately equipped to accommodate the matériel and personnel in the proper safety, operational and environmental conditions. 422. Cyber operations, to a large extent, take place in confidential environments therefore, the facilities must be conditioned to protect the confidentiality of information and activities to their required level. 423. In addition to regular facilities, the cyber force must consider the permanent or temporary use of covert facilities necessary to protect the anonymity of sensitive cyber operations and to disassociate them from State entities or national territory. Command 424. Cyber defense is not a joint function, but a combat capability specialized in the cyberspace domain of operations. Hence, it must be subordinated to an independent command from the other domains, even when the size of the cyber force is small. |