The Cyber Security and Information Systems Information Analysis Center (CSIAC)

Report

A Proven Resource for Maximizing DoD Dollars

The DoD Information Analysis Centers (IACs) serve as an essential resource to affordably deliver technical data and analyses in support of current operations. The Pentagon has recognized the DoD IACs' ability to maximize ...

Best Practice/Reference Document

DISA reorganization highlights Cybersecurity

Latest re-org and reassignment of responsibilities.

Journal

CSIAC Journal Call for Papers

CSIAC is looking for Cybersecurity-related technical research papers. We are especially interested in papers which address the following topics:

Cybersecurity of Critical Infrastructure and Installation ...

Reports

Tools

Popular Today
Newest Content
Recent Discussion
Most Commented

Software Intensive Systems Engineering - 4 views(s) today
Posted: 07/11/2012 - 7:43am by CSIAC Admin

Software Intensive Systems Engineering includes the entire field of software and systems engineering and related technologies; specifically as related to information, documentation, databases,...
Insider Threat Workshop - The Critical Infrastructure Security Perspective - 3 views(s) today
Posted: 08/22/2013 - 8:22am by ariesbeck

Presentation by Mark Troutman and Paul Losiewicz. Attached to this post you will find the slides that were presented at the Insider Threat Workshop held in August of 2013. Video of the...
Insider Threat Workshop - Next Generation Insider Threat - 3 views(s) today
Posted: 08/22/2013 - 8:23am by ariesbeck

Presentation by Richard Cook. Attached to this post you will find the slides that were presented at the Insider Threat Workshop held in August of 2013. Video of the presentation will be available...
Insider Threat Workshop - Personnel Behavior Physical and Virtual - 3 views(s) today
Posted: 08/22/2013 - 8:25am by ariesbeck

Presentation by Matthew Sweeney. Attached to this post you will find the slides that were presented at the Insider Threat Workshop held in August of 2013. Video of the presentation will be...
4G LTE Security for Mobile Network Operators - 3 views(s) today
Posted: 10/25/2013 - 9:19am by showard

1. Abstract: Mobile network operators (MNOs) must grapple with complex security management in fourth generation Long Term Evolution (4G LTE) deployments. The security architecture of 4G LTE may...
DoDI 8500.01 and DoDI 8510.01 - 3 views(s) today
Posted: 04/11/2014 - 1:47pm by CSIAC Admin

DoDI 8500.01, "Cybersecurity," replacing previous information assurance (IA) guidance.DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)," replacing the previous...

NIST IR 7966 DRAFT Security of Automated Access Management Using Secure Shell (SSH) (reference_documents)

Posted: 03/04/2015 - 3:16pm CSIAC Admin

NIST announces the second public comment release of Draft NIST Interagency Report (IR) 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). The purpose of this...
SB15-061: Vulnerability Summary for the Week of February 23, 2015 (discussion)

Posted: 03/02/2015 - 1:56pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SEI Webinar Series: What DevOps Is Not! (event)

Posted: 03/02/2015 - 1:51pm CSIAC Admin

The definition of DevOps is a highly contested topic. Despite what some will lead you to believe, DevOps is not just a set of tools, nor is it merely a focus on achieving continuous integration,...
Workshop on Cybersecurity in a Post-Quantum World (event)

Posted: 03/02/2015 - 9:31am CSIAC Admin

The advent of practical quantum computing will break all commonly used public key cryptographic algorithms. In response, NIST is researching cryptographic algorithms for public key-based key...
SB15-054: Vulnerability Summary for the Week of February 16, 2015 (discussion)

Posted: 02/23/2015 - 10:16am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-047: Vulnerability Summary for the Week of February 9, 2015 (discussion)

Posted: 02/17/2015 - 2:10pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...

SB15-061: Vulnerability Summary for the Week of February 23, 2015 (discussion)

Posted: 03/02/2015 - 1:56pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-054: Vulnerability Summary for the Week of February 16, 2015 (discussion)

Posted: 02/23/2015 - 10:16am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-047: Vulnerability Summary for the Week of February 9, 2015 (discussion)

Posted: 02/17/2015 - 2:10pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
New Government Agency: "Cyber Threat Intelligence Integration Center" (discussion)

Posted: 02/10/2015 - 11:57am CSIAC Admin

In the wake of the Sony Pictures hack the Obama administration will establish a new government agency to "combat the deepening threat from cyberattacks," according to the Washington Post.To view...
US-CERT Vulnerability Summary for the Week of February 2, 2015 (discussion)

Posted: 02/09/2015 - 10:51am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology(NIST) National Vulnerability...
SB15-026: Vulnerability Summary for the Week of January 19, 2015 (discussion)

Posted: 01/26/2015 - 2:34pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...

Opinion piece in WSJ: "The military's system for acquiring software is... - 17 comments(s)
Posted: 02/18/2013 - 11:27am by Taz Daughtrey

“The Pentagon acquires IT and software-based systems the way it buys aircraft carriers—as if they were physical items to be forged or welded or mass-produced. The standard procurement cycle is...
Security Test Environments - 16 comments(s)
Posted: 11/12/2012 - 10:04am by tmcgibbon

I am looking for test environments and tools that would allow me to test and analyze cyber assets and effects. Suggestions?
Do We Need A Cybersecurity-Capability Maturity Model (CS-CMM)? - 11 comments(s)
Posted: 03/05/2013 - 10:43am by SARCDir

I've just finished reading the CSIS report titled "Updating U.S. Federal Cybersecurity Policy and Guidance" (http://csis.org/publication/updating-us-federal-cybersecurity-policy-and-guidance) and...
Looking for more examples of software security concept maps, such as the one... - 7 comments(s)
Posted: 03/27/2013 - 12:57pm by Taz Daughtrey
Topics to add, delete, emphasize, de-emphasize? - 7 comments(s)
Posted: 04/03/2013 - 8:06am by Taz Daughtrey

Which subject matter in the previous report [attached] do you think needs more attention now? What new topics should be added? What content from the previous report needs less coverage or even...
Acquisition Community for CSIAC - 4 comments(s)
Posted: 08/08/2012 - 8:36am by tmcgibbon

I don't mean to pick on Michael, because I agree with much of what he says in his blog. However I think we need to discuss specifically what it means to support the acquisition community. ...