|
Computer security is one of the fastest growing areas
in the field of security today. Security and Information
Technology Managers are faced with developing programs
to insure that if an event occurs, all computer systems
will remain operational, and that the information stored
on the computer systems will not be compromised. The
NSSC Computer Security Team will conduct performance
tests, interviews, and document and procedural reviews
to identify critical information and back-up systems.
Once completed, a vulnerability analysis and risk assessment
will be completed.
NSSC's services include:
- Identification of all critical systems (including software,
hardware, personnel, and property).
- Threat analysis: Collecting information about the
threat and determining how to protect the system from
attack.
- Identifying vulnerabilities: Finding weaknesses in security
procedures that can be exploited or compromised.
- Risk Mitigation: Finding short-term and long-term solutions
to identified vulnerabilities.
Monitoring implemented controls for effectiveness and periodic
reanalysis of risk.
- Configuration Management (CM): Assuring that the software
is up to date.
- Auditing and testing: Used to verify the effectiveness
of controls in the event of changes in the system, hardware,
or application.
- Monitoring: Used to review system-generated logs that
can detect security problems, including attempts to exceed
access authority or gain system access during unusual hours.
- Network Architecture: Inspectors will review the site's
cyber security requirements for the network.
|
