Cyber Defense Analysis and Support
Cyber Defense Service Provider; CDSP (also called Computer Network Defense Service Provider; CNDSP in several references, Cyber Security Service Provider (CSSP), even cloud defense service provider) represents an organization responsible for delivering different functions: protection, detection, evaluation, response, and sustainment services to service subscribers. CNDSP team consists of a Computer Emergency Response Team; CERT or Incident Response and Recovery Team (IRRT). The team is also related to Network Operations and Security Center. The team should ensure that service subscribers have extensive anti-malware programs, vulnerability management plan, etc. Figure 4.1 shows overall CSSP tasks according to DISA (https://www.disa.mil).
- Lee M, Svajcer V (2017) Snort signatures. http://blog.talosintelligence.com/2018/01/2017-in-snort-signatures.html
- National Cybersecurity and Communication Integration Center (2014) Combating the insider threat. https://www.us-cert.gov
- Procedures for Operational Test and Evaluation of Cybersecurity in Acquisition Programs (2014) Attachment C: core cyber defense performance data and metrics. http://www.dote.osd.mil/pub/policies/2014/8-1-14_Procs_for_OTE_of_Cybersec_in_Acq_Progs(7994).pdf
- Vormetric Data Solutions (2015) Vormetric insider threat report 2015. http://enterprise-encryption.vormetric.com/rs/vormetric/images/CW_GlobalReport_2015_Insider_threat_Vormetric_Single_Pages_010915.pdf
- Whitman ME, Mattord HJ (2008) Principles of information security. Course Technology, StamfordGoogle Scholar