Chapter Objectives
At the conclusion of this chapter, the reader will understand:
■ The justification and contents of the securely provision domains
■ The focus and purpose of the securely provision specialty areas
■ The focus and purpose of the securely provision knowledge area
■ The relationship between the securely provision specialty areas and the National Institute of Standards and Technology (NIST) cybersecurity framework (CSF)
Chapters 5 through 10 of this book present a detailed examination of the knowledge areas that make up the National Initiative for Cybersecurity Education (NICE) framework. Each chapter explains each required knowledge, skill, and ability (KSA) and task within the specialty areas of the knowledge area discussed in that chapter, and relates those areas to an organization's or individual's capacity to apply that knowledge in practical situations. The overall aim of the discussion is to increase your understanding of how substantive information and communication technology (ICT) work can be done using the guidelines recommended in the NICE framework.
Twenty years ago, corporate and national information infrastructures were separate and distinct. Today they are one and the same. The federal government depends on the same computer networks and networking equipment to fight against terrorist attacks that the private sector depends on to conduct business. Moreover, there is likely no argument that one of the key factors in keeping public and private sector ICT systems free from exploitation begins with a secure system engineering process and with individuals working within the system engineering life cycle process who have adequate knowledge of appropriate security policies, procedures, and controls.
Before being able to design secure systems, ICT professionals must thoroughly understand the means, motives, and opportunities of potential attackers. First, the ICT professional derives the list of possible attackers, determined by who stands to profit from exploiting the system. Next, they characterize each attacker in terms of available resources, access to the targeted system, and risk tolerance. Then, maps are created to show how information flows throughout the system. Studying the information flow allows the ICT professional to discover all the critical components and procedures. Components are vulnerable during design, implementation, distribution, maintenance, use, and retirement. Each step of every function within the ICT life cycle must be scrutinized. The ICT professional determines when and how an attacker can gain access at each point in time. For each access point, consideration must be given to what an attacker could accomplish within the bounds of their resources and objectives.
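As an added illustration that is not part of the chapter, the following Python sketch encodes the steps just described: attacker profiles characterized by resources, access, and risk tolerance; access points tied to life-cycle phases of the information-flow map; and a check of which attackers could reach each point within their bounds. All attacker names, components, and numbers are constructed for the example.

```python
# Added example (not from the chapter). All profiles, components and
# numbers below are constructed to illustrate the attacker/access-point
# reasoning described in the text.
from dataclasses import dataclass

# Ordered access levels: a higher index means deeper access to the system.
ACCESS_LEVELS = ["external", "user", "insider", "administrator"]

@dataclass
class Attacker:
    name: str
    resources: int        # effort/budget units the attacker can spend
    access: str           # starting access level, one of ACCESS_LEVELS
    risk_tolerance: int   # 1 (avoids risk) .. 5 (accepts high risk)

@dataclass
class AccessPoint:
    component: str
    phase: str            # design, implementation, distribution, maintenance, use, retirement
    required_access: str  # minimum access level needed to reach the point
    cost: int             # resources an attacker must spend to exploit it
    risk: int             # exposure/consequences for the attacker, 1..5
    impact: int           # damage to the organization if exploited, 1..5

def can_reach(attacker: Attacker, point: AccessPoint) -> bool:
    """True only when the point lies within the attacker's access, resources and risk tolerance."""
    return (ACCESS_LEVELS.index(attacker.access) >= ACCESS_LEVELS.index(point.required_access)
            and attacker.resources >= point.cost
            and attacker.risk_tolerance >= point.risk)

def assess(attackers, points):
    """Map (component, phase) -> names of attackers able to reach it, highest impact first.
    Points nobody can reach are omitted so reviewers see only the live exposures."""
    findings = {}
    for p in sorted(points, key=lambda p: -p.impact):   # stable sort keeps input order on ties
        reachable = [a.name for a in attackers if can_reach(a, p)]
        if reachable:
            findings[(p.component, p.phase)] = reachable
    return findings

# Constructed sample data: three attacker profiles and five life-cycle access points.
SAMPLE_ATTACKERS = [Attacker("opportunist", 2, "external", 2),
                    Attacker("criminal group", 8, "user", 4),
                    Attacker("disgruntled insider", 3, "insider", 3)]
SAMPLE_POINTS = [AccessPoint("update server", "distribution", "external", 6, 3, 5),
                 AccessPoint("build pipeline", "implementation", "insider", 2, 2, 5),
                 AccessPoint("web login", "use", "external", 1, 1, 3),
                 AccessPoint("decommissioned disks", "retirement", "administrator", 1, 2, 4),
                 AccessPoint("config backups", "maintenance", "user", 3, 4, 4)]

def run_sample():
    return assess(SAMPLE_ATTACKERS, SAMPLE_POINTS)
```

Running `run_sample()` shows, for instance, that the build pipeline is exposed only to the insider profile while the decommissioned disks are reachable by none of the modeled attackers; the security effort can then be directed to the points that an actual attacker can reach.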
Securely Provision Category Overview
Consideration of security in the system development life cycle (SDLC) is essential to implementing and integrating a comprehensive ICT strategy. However, determining the appropriate level of security for a system is difficult. The decision depends on many factors, including the trust level of the operating environment, the security levels of the systems it will connect to, who will be using the system, the sensitivity of the data, how critical the functions are to the business, and how costly it will be to apply optimal security measures. Knowledge of the process and economics of system development is essential to understanding why few systems in production today can be considered sufficiently secure.
Building secure systems involves a trade-off between security and the functionality the system is intended to provide. Every dollar that goes into protecting a system is a dollar not put toward building a more functional, usable system. However, as hackers, criminals, and terrorists become more sophisticated in their methods, organizations are obligated to look for new ways to reveal system vulnerabilities that result from uncommon conditions. Securely built systems depend on our ability to elevate the visibility and priority of security throughout each phase of the life cycle process. Even as early as project initiation, we can begin formulating security goals based on organizational goals, risks, and monetary constraints. Throughout the requirements and design phases, functional and architectural flaws that compromise security can be systematically revealed. Inspection and automation methods can be applied during construction and testing to identify coding flaws that make the system vulnerable to attack. Every decision made during the development process should consider the risk the organization is willing to accept as a trade-off for lower development costs, time to market, increased functionality, or usability. By using defined system development process models and applying rigorous change control methods, we can be sure the system will meet both user needs and organizational security standards.
Many SDLC methodologies have been used by organizations to effectively develop ICT systems. The traditional waterfall SDLC, a linear sequential model, assumes that the system will be delivered in the final stages of the development life cycle. Another SDLC method uses the prototyping model, which is often applied to develop an understanding of system requirements without actually building a final operational system. More complex systems may require more iterative development models, which have been developed and successfully used to address the evolving complexity of advanced and sometimes large ICT system designs. Examples of these more complex models are the rapid application development (RAD) model, the joint application development (JAD) model, the prototyping model, the spiral model, and the agile model. The expected size and complexity of the system, the development schedule, and the length of a system's life will affect the choice of SDLC model. In that regard, many organizations use a variety of process models rather than choosing a single model that provides best practices for secure system development.
Because many systems can be built from a single correct process model, the creation of an enterprise-wide architecture from an ideal model of overall best practice is likely to resolve many of the problems associated with building secure systems through an unstructured ICT process. In that respect, the International Organization for Standardization (ISO) 12207:2008, Systems and Software Engineering: Software Life Cycle Processes, provides the generic model that defines the ideal structure of the ICT process as a whole (ISO, 2008). It serves as a stable basis for defining a secure life cycle process that is applicable to any form of ICT operation. In addition, ISO 12207 provides a commonly recognized, worldwide basis for standardizing terminology and processes to effectively manage...