After Action Report
Purpose
This After Action Report (AAR) aims to enlighten stakeholders on the cyber threats the nation’s network is exposed to and thus establish appropriate solutions that will increase cyber network resilience. The Science and Technology Directorate (S&T) of the Department of Homeland Security (DHS) supports cybersecurity research to combat the constant cyberattacks of the United States cyberinfrastructure. The AAR seeks to advocate for the protection of critical cyber network infrastructure, including the finance sector, energy, and public utility sectors. Besides, it aims to help the end-users understand the current cyber capabilities and threats as well. In doing so, critical cyber infrastructure will be resilient to malicious attacks. Finally, the AAR aims to foster the understanding of cybersecurity issues among critical partners such as innovators, government agencies, international bodies, and law enforcement. Such an understanding could lead to the development of critical cyber capabilities to counter security threats. Do you need urgent assignment help ? Get in touch with us at eminencepapers.com.
Homeland Cyber Security Projects
Homeland security through S&T has come up with solutions to cyber issues facing cyber networks in the contemporary world. Some of the solutions developed by S&T include creating and deploying standards, frameworks, tools, and technologies that ensure a secure cyber connection between Homeland Security and its stakeholders (“Cybersecurity,” 2019). By applying aggressive research and development, S&T comes up with practical solutions to modern cybersecurity issues. The solutions developed by Homeland Security can be implemented by both the private and public sectors. The technologies developed by Homeland Security aim to defend, mitigate, and secure networks from current and future threats (“Cybersecurity,” 2019). It has also been established that Homeland Security funds various cybersecurity projects. The projects funded by Homeland Security aim to improve the security of the federal network and the internet as a whole.
Software Assurance Marketplace
The Software Assurance Marketplace (SWAMP) ensures that researchers and developers are always provided with software assurance capabilities. Cybersecurity researchers, developers, end-users, and trainers are provided with efficient cyber analysis services (Ahad, 2017). As such, the vulnerabilities present in the newly deployed software systems are reduced drastically. System developers use software analysis tools to improve their technologies and limit weaknesses. On the other hand, users use the tools to identify any vulnerabilities in the systems and take steps to correct the issues early enough (Ahad, 2017). Educators, on their side, use the tools to ensure that their trainees are equipped with hands-on experience in software analysis techniques. Some of the benefits that have been identified as resulting from the use of SWAMP include:
- Enhanced rates of adoption of software assurance tools
- Reduced barriers to the adoption of software assurance tools
- Provision of easy-to-interpret analysis results for software assurance tools users
SWAMP gives a unique opportunity for developers to test their code and products for cyber vulnerabilities before deployment (“SWAMP,” 2019). It is possible to carry out multiple and independent code analyses using open-source and commercial software analysis tools. The user is provided with a well-enabled interface where they can submit their system, select the tool to perform the analysis and run the code (“SWAMP,” 2019). They are also provided timely results indicating any possible code vulnerabilities. SWAMP also makes it possible to connect with customers through overview sessions as well as training sessions.
Critical Infrastructure Design and Adaptive Resilient Systems
The Critical Infrastructure Design and Adaptive Resilient Systems (CIDARS) provides a technical platform for software analysis (“CIDARS”, 2019). It provides support for cross-sector risk assessment as well as the standards that guide methodologies for cyber planning. The standards can also be used in physical systems to minimize vulnerability (Demir, Nayyer & Suri, 2019). The basic functionality supported by CIDARS corresponds to the National Critical Infrastructure Security and Resilience (CISR) proposals.
Recommendations
In the current technological age, software is used in many aspects to simplify tasks that could be complex to human capabilities. At any time, humans interact with devices that assist them in completing their work. The security of such systems is essential and, as such, should be given a high priority. However, among many developers, security is considered a secondary activity after functionality. Once the system performs the required tasks, less consideration is given to security. The most important consideration is ensuring the product is functional and ready for the market. Such a practice is wrong. It is recommended that the security of any system should be considered right from the design phase (Jones & Rastogi, 2004). Throughout the development process, all the involved persons should ensure that security considerations are taken care of at each stage. Doing so could identify all the cyber vulnerabilities early enough and a solution designed. Using software analysis tools makes it possible to identify the flaws and cyber weaknesses in the system. However, a certain tool may miss out on some vulnerabilities. For this reason, multiple analysis tools should be used to make sure that a comprehensive system assessment is carried out. SWAMP brings multiple tools together and, as such, ensures a thorough evaluation.
References
Ahad, A. (2017). Software Inspections and Their Role in Software Quality Assurance. American Journal Of Software Engineering And Applications, 6(4), 105. doi: 10.11648/j.ajsea.20170604.11
CIDARS. (2019). Retrieved 5 December 2019, from https://www.dhs.gov/science-and-technology/cidars
Cybersecurity. (2019). Retrieved 5 December 2019, from https://www.dhs.gov/science-and-technology/cybersecurity
Demir, K., Nayyer, F., & Suri, N. (2019). MPTCP-H: A DDoS attack resilient transport protocol to secure wide-area measurement systems. International Journal Of Critical Infrastructure Protection, 25, 84-101. doi: 10.1016/j.ijcip.2019.02.003
Jones, R., & Rastogi, A. (2004). Secure Coding: Building Security into the Software Development Life Cycle. Information Systems Security, 13(5), 29-39. doi: 10.1201/1086/44797.13.5.20041101/84907.5
SWAMP. (2019). Retrieved 5 December 2019, from https://www.dhs.gov/science-and-technology/swamp
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
After Action Report
CST610-DFC610 Project 4 After Action Report _AAR
Read the attached “Threat_Analysis_and_Exploitation_Team_3_step_6_AAR instruction” document and write a 3 page after action report based on the Homeland security representatives thoughts.
Also, attached is a sample AAR produced by the Law enforcement agent. Follow the format on the sample AAR to write this paper.