NCJ Number
228123
Date Published
July 2009
Length
2 pages
Annotation
This paper describes two tabletop exercises in how to address computer-related security incidents ("cybersecurity").
Abstract
The two tabletop training exercises were entitled Intrusion Forensic Experiment 1 (IFX 1) and Intrusion Forensic Experiment 2 (IFX 2). In IFX 1, developers created a fictitious credit union, including employees, a Web site, a network diagram, and information technology policies and procedures such as an incident response plan, acceptable network usage policy, and an operations manual. IFX 1 was a heavily scripted exercise that had strategically placed decisions for each participant. In IFX 2, the scenario took on a more free-flowing form. The primary objectives of IFX 2 included raising the awareness level of the participants regarding insider threats, developing and strengthening relationships with and among law enforcement agencies, emphasizing the importance of indications and warnings in identifying cybersecurity issues and stressing the importance of defense in depth, as well as total enterprise/agency security. IFX 2 also had secondary objectives of increasing awareness related to malware capabilities, technology exploitation, insider threats, security countermeasures, and the need for strong audits and awareness programs. Participants and observers represented the Air Force Research Laboratory/Information Directorate, the FBI, the U.S. Secret Service, and the Utica (New York) Police Department, in addition to private sector and academia representatives.