P21-071: Challenges in Building and Implementing an Effective Cybersecurity Strategy
Abstract
Todays missions rely on highly integrated and complex technology that must be protected from a wide range of adversaries. This technology must also operate in a very dynamic and contested environment. A cybersecurity strategy is a critical element in defining how each technology component and its com-position will have sufficient security to address a mission. This strategy requires planning, design, monitoring, and enforcing considerations of cybersecurity at all levels of process, practice, and technology. It is necessary to consider compliance mandates for an authority to operate and achieve good cybersecurity hygiene. However, these steps alone are not sufficient to ensure each component is adequately secure since the capabilities of technology are continually expanding along with attackers abilities. Effective cybersecurity requires applying engineering rigor to the process of defining requirements and preparing the technology to handle the operational environment where it will ultimately reside. In this paper, we describe the challenges that acquisition programs face and the ways they are attempting to address gaps as the need increases for improved cybersecurity.
Document Details
- Document Type
- Technical Report
- Publication Date
- May 01, 2021
- Accession Number
- AD1126968
Entities
People
- Carol C. Woody
- Rita Creel
Organizations
- Carnegie Mellon University