StudentShare
Our website is a unique platform where students can share their papers in a matter of giving an example of the work to be done. If you find papers matching your topic, you may use them only as an example of work. This is 100% legal. You may not submit downloaded papers as your own, that is cheating. Also you should remember, that this work was alredy submitted once by a student who originally wrote it.
Contact Us
Sign In / Sign Up for FREE
Sign Up for FREESign In
Search
Go to advanced search...
FREE Essays
Essay writing help
Hire a writerGet paper rewrittenEditing serviceHide a paper option
FREE Services
Essay topic generatorFree essaysFree Q&AFree GPAFree GuidesFree essay topicsDonate paper
Essay topic generator
Make my Thesis
What is StudentShare
Student's ReviewsAbout UsFAQTerms and conditionsPRIVACY POLICYCOOKIES POLICY
Advanced Search
Free

CyberSecurity Profile on the CIA - Essay Example

Comments (0)
Add to wishlist
Cite this document
Summary
The CIA develops and documents security awareness and training policy and procedures, evident from its intensive focus on security issues tied to emerging IT and communication platforms, including the Internet (Clift, 2007). There is not enough data to assess whether such…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER98.8% of users find it useful
CyberSecurity Profile on the CIA
Read TextPreview

Extract of sample "CyberSecurity Profile on the CIA"

CIA Cybersecurity Profile Table of Contents AC SECURITY AWARENESS AND TRAINING POLICY AND PROCEDURES 3 RA-2. SECURITY CATEGORIZATION 3 PM-2. SENIOR INFORMATION SECURITY OFFICER 3
PL-2 (2). SYSTEM SECURITY PLAN 4
PS-3. PERSONNEL SCREENING 4
References 4
AC-1. SECURITY AWARENESS AND TRAINING POLICY AND PROCEDURES
The CIA develops and documents security awareness and training policy and procedures, evident from its intensive focus on security issues tied to emerging IT and communication platforms, including the Internet (Clift, 2007). There is not enough data to assess whether such procedures address roles and responsibilities, scope and purpose, but the assumption from the wealth of evidence suggests rigor, and so it may be assumed that such is being addressed. The same goes for the dissemination of documented procedures for those with roles related to them, and the formal development of those procedures (National Institute of Standards and Technology, 2010, pp. G-1 – G-2, F-51; National Archives and Records Administration, 2000; Central Intelligence Agency, 2012).
RA-2. SECURITY CATEGORIZATION
The available data suggests that the CIA strictly categorizes data and information systems in accordance with the laws, directives and guidelines attendant to the critical nature of the work of the CIA and the confidential nature of such data and systems. The data suggests formal documentation, as evident from the rigor of the categorization, though formal documentation is not available from the sources. The assumption is that categorization approval is embedded in the CIA policies and procedures, and emanates from the very top of the organization (National Institute of Standards and Technology, 2010, pp. G-1 – G-2. F-226; Clift, 2007; Clift, 2007; Thibodeau, 2009).
PM-2. SENIOR INFORMATION SECURITY OFFICER
The CIA does appoint a senior information security officer to take charge of information security program coordination, development, implementation and maintenance across the whole organization, in the person of the Chief Information Officer or CIO. The CIO is empowered with the appropriate mandate, coming from the US President and the organization, as well as with the appropriate resources for the purpose (National Institute of Standards and Technology, 2010, pp. G-1 – G-2 ,F-207, Office of the Director of National Intelligence, 2012).
PL-2 (2). SYSTEM SECURITY PLAN
From the available literature, and from the example of its evolving cloud architecture, the functional architecture exists with the corresponding external interfaces, the appropriate security clearances and levels, information storage and transmission compliant with the laws, and level of priority for restoration of the information and related services (National Institute of Standards and Technology, 2010, pp. G-1 – G-2, F-201; Clift, 2007; Central Intelligence Agency, 2012; Thibodeau, 2009).
PS-3. PERSONNEL SCREENING
There are appropriate screening procedures prior to access to information systems, as is evident in the current literature on the CIA initiatives on the Internet, including the cloud. The existing literature though, does not have data on re-screening, and it is not easy to extrapolate such details from the available data (National Institute of Standards and Technology, 2010, pp. G-1 – G-2, F-219; Clift, 2007; Central Intelligence Agency, 2012; Thibodeau, 2009).
References
Central Intelligence Agency (2012). Counterintelligence. CIA.gov. Retrieved 27 September 2012 from https://www.cia.gov/library/reports/archived-reports-1/ann_rpt_1999/dci_annual_report_99_16.html
Clift, A. (2007). Intelligence in the Internet Era: From Semaphore to Predator. CIA.gov. Retrieved 27 September 2012 from https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol47no3/article06.html
National Archives and Records Administration (2000). Records Management in the Central Intelligence Agency. FAS.org. Retrieved 27 September 2012 from http://www.fas.org/sgp/othergov/naracia.html
National Institute of Standards and Technology (2010). NIST Special Publication 800-53A Revision 1: Guide for Assessing the Security Controls in Federal Information Systems and Organizations- Building Effective Security Assessment Plans. US Department of Commerce. Retrieved 27 September 2012 from http://csrc.nist.gov/publications/nistpubs/800-53A-rev1/sp800-53A-rev1-final.pdf
Office of the Director of National Intelligence (2012). Chief Information Officer. DNI.gov. Retrieved from http://www.dni.gov/index.php/about/leadership/chief-information-officer
Thibodeau, P. (2009). CIA building secure cloud-based system. Computerworld. Retrieved 27 September 2012 from http://www.computerworld.com/s/article/344455/CIA_Building_Secure_Cloud_based_System Read More
Tags
Cite this document
  • APA
  • MLA
  • CHICAGO
(“CyberSecurity Profile on the CIA Essay Example | Topics and Well Written Essays - 500 words”, n.d.)
CyberSecurity Profile on the CIA Essay Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/miscellaneous/1604116-cybersecurity-profile-on-the-cia
(CyberSecurity Profile on the CIA Essay Example | Topics and Well Written Essays - 500 Words)
CyberSecurity Profile on the CIA Essay Example | Topics and Well Written Essays - 500 Words. https://studentshare.org/miscellaneous/1604116-cybersecurity-profile-on-the-cia.
“CyberSecurity Profile on the CIA Essay Example | Topics and Well Written Essays - 500 Words”, n.d. https://studentshare.org/miscellaneous/1604116-cybersecurity-profile-on-the-cia.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF CyberSecurity Profile on the CIA

Cybersecurity

...?CYBER-SECURITY Cyber-Security Affiliation Table of Contents Question No 3 Question No. 3 7 References 12 Question No Choose2 Symmetric Encryption Algorithms to compare and contrast. Discuss what they are, how they work, their advantages/disadvantages, and how/why it was created (did it have a problem or purpose it solved). For comparing two symmetric algorithms I have chosen Stream Ciphers and Block Ciphers Encryption Algorithms. Stream Ciphers is a symmetric encryption algorithm that encrypts the bits of data and information. Additionally, this type of encryption is performed on one bit at a time (or occasionally 1 byte at a time) of data at some particular time. In addition, the method of stream cipher is much quicker... Cyber-Security...
5 Pages(1250 words)Essay

Cybersecurity

...?Cybersecurity There are a number of considerations when comparing and contrasting the impact of cybercrime on businesses against traditional crime. The most obvious differentiating factor is the nature of the criminal activity, as in the case of cybercrime the criminals are able to generally evade a physical presence in the environment. Another prominent difference between traditional crime and cybercrime are the business industry’s knowledge and perspective on these issues. Bharra (2012) interviewed four major organizations and discovered that they were not even aware which branch of the Federal Bureau of Investigation (FBI) that should inform in case of a cyber-attack. There is the further consideration that while many...
3 Pages(750 words)Coursework

Cybersecurity

...from the Internet, internal networks, and/or other public systems as well as private systems (Schaeffer, Chan, Chan, & Ogulnick, 2009). Mobile computing can be defined as a notion which relates to displaying, collecting along with transferring data from a mobile based device to any information system by utilizing a particular or a combination of varied data transfer methods. Portability is regarded as a key facet of mobile computing (International Association of Medical Science Educators, n.d.). This paper intends to provide a discussion about mobile computing. The discussion comprises recognizing the significant cybersecurity vulnerabilities and related threats associated with mobile computing for the users. The other...
8 Pages(2000 words)Coursework

Cybersecurity

...? Cyber security Table of Contents Table of Contents 2 Introduction 3 Brief of the Organizations and their Mission 3 Comparison and Contrast of Privacy Policies of Apple Inc., IBM and Microsoft 5 Possible Changes To The Policies For Customer Protection 8 Possible Changes to the Policies to Give More Flexibility to Use Personal Information of Customers 9 References 12 Introduction Privacy policy is fundamentally viewed to be a legal statement or a document that manages and handles precious information of a client or a customer. The privacy policies are often used in various sectors with the intention of safeguarding different valuable information or data of the clients. This particular aspect i.e. privacy policy is much crucial... Cyber...
7 Pages(1750 words)Coursework

Cybersecurity

... Question 3 Vulnerability is a fault in a system that an attacker/hacker uses to reduce the security of the information inthe system. Microsoft XP is known to be vulnerable to several threats; some of them include the following: Microsoft windows XP do not allot adequate memory for SMTP control replies hence allowing hackers to be able to read parts of e-mail messages through the use STARTTL commands. This is known as SMTP memory allowance vulnerability. (Vetterling, 2002) Windows XP is vulnerable in HTTP services where an attacker who notices this flaw can win an absolute control of computer system and be able to manipulate the already installed programs and do any other thing to the system with full user rights. Argument... Question 3...
1 Pages(250 words)Coursework

Cybersecurity

...the virus to be emailed to 50 recipients in the user’s address book which created an exponential increase in the virus-infected messages. Erdbrink (2012) reports how countries such as Iran have spent massive resources in controlling and preventing viruses. Anti-virus programs combat these viruses and keep the system and network safe from virus attacks. References Aksoy, P. & DeNardis, L. (2008). Information Technology in Theory. Canada, UK: Thomas Learning Inc. Erdbrink, T. (2012, May 29). Iran confirms attack by virus that collects information. The New York Times. Retrieved 2 October 2012 from www.nytimes.com Ivanova, P. (2006). Cybercrime and cybersecurity. International Journal of Information and Security, 18, 5 –...
1 Pages(250 words)Coursework

Cybersecurity

...Cybersecurity Your Topic 3 - Some mental health and criminal justice professionals contend that hacking is an"addiction," and causes obsessive, risk taking behavior in a manner similar to illegal narcotics - hackers hack to "get high" from the thrill of breaking into a system and getting away with it. Should policymakers look towards treatment, rather than incarceration, as the disposition of hacker cases? Why or why not? The study conducted by Solmaz, Bell and Saygili (2011) is interesting. At first, after reading the article, there seems to be a dilemma between hacking as a form of addiction, which requires treatment to just simply being a criminal case. But going through further to their findings, it became clearer...
2 Pages(500 words)Coursework

Cybersecurity

...Cyber Security   Cyber Security Question There are three encryption techniques: asymmetric, symmetric, and hashing techniques. Asymmetric cryptography utilizes two keys, a public key and a private key to achieve encryption and decryption. In a symmetric cryptograph, the key employed to decrypt and encrypt information should be secured as anyone who can access it can interpret the coded message. Hashing produces a rare, fixed-length signature for a data set or message (Sinkov, 1966). Hashing encryption may be the most suitable for securing encrypted session in an online credit card shopping (Kahn, 1996). This is because it is distinctive to a message, small changes to a message causes a different has, therefore, warning... Security   Cyber...
2 Pages(500 words)Coursework

CIA operations

...CIA OPERATIONS (An Essay) of (affiliation) ATTACKING CIA OPERATIONS The politicians in Washington are rightly concerned with the ease with which the CIA is killing off opponents of America, in particular the terrorists who have sought sanctuary in other countries. Those who criticize the Central Intelligence Agency want more transparency in CIA operations but the very nature of its operations require utmost secrecy, and so the politicians in Washington can be reminded that the CIA is already under the oversight of the president. In fact, it is President Obama who personally approves its ultra-secret list of targets for the drone attacks. Politicians are...
1 Pages(250 words)Essay

Cybersecurity Profile

...Cybersecurity Profile (System Security Plan (SSP) Number Lecturer Cybersecurity Profile (System Security Plan (SSP) Introduction As stipulated in the NIST Special Publication 800-53 Rev 4 Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans, each public organization is required to create a system security plan (SSP) or a cyber-security profile for all their minor and major information systems (NIST, 2012). Additionally, all federal regulations and the department of Treasury information technology security program requires that all the senior officials in-charge of...
5 Pages(1250 words)Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic CyberSecurity Profile on the CIA for FREE!

Contact Us