NSA/ISSO ThreadWednesday, 1:30 - 5:00 , Conference Theatre
Opening Address by Mike Jacobs, DDI, NSA, focusing on the ISSO mission
Chair
PRESENTATION (Whole panel)
Panelists:
- George Wooley, NSA
Information Assurance Technical Framework
- Lou Giles, NSA
- Mike Jacobs, NSA
- Steve Rome, NSA
The DoD adopted the term "Information Assurance" (IA) to address the full suite of security services that are being applied to today's information driven environments. Our Defense in Depth strategy outlines how layers of defense are used to achieve the security objectives of the DoD's overall concept. This presentation will explain how we are using the IATF to give guidance to Government users in deploying "Defense in Depth" in the technology domain, give insight to US industry as to our security requirements, and identify gaps in available products to meet those requirements. We will explain how this document has evolved and how we plan on ensuring it remains relevant in creating IA solutions for our customers.
National Information Assurance Partnership (NIAP)
In this age of rapid technological turnover, it is difficult to keep pace with the security needs of the customer through the availability of government developed information technology products. We must rely on commercial products to provide the latest information technology, but often these products do not contain the security features required by the customer. The National Information Assurance Partnership (NIAP) is a joint partnership between the National Security Agency and the National Institute of Standards and Technology which concentrates on meeting the security testing needs of both information technology producers and users through the development of objective measures and test methods for evaluating the quality of information technology security products. NIAP will influence the commercial off-the-shelf market with customer supported requirements and approved nationwide product evaluation/testing laboratories for products necessary to support and bolster the security of our U. S. Critical Information Infrastructure.