Defense Against a Cyber Attack with Malicious Code Prevention Plan

3399 Words, Feb 1, 2018, 14 Pages
The Malicious Code (Malware) Prevention Plan uses a strategy of defense in depth, combining operational, human, and technical controls for effectiveness. Used properly, the technical controls available to the TVA organization (TVAO) are effective in stopping a majority of malicious code threats. However, the trusted insider normally has the access needed to turn a threat into an operational risk. As to external threats, the TVAO can expect organized criminal involvement and international espionage to continue to target the weakest link in the security chain: the human. The defense in depth concept is constructed to rapidly characterize, attribute, and respond to attacks and is given the name Defense of The Grid System, or DTGS. The DTGS provides the capability to monitor, detect, analyze, and respond to unauthorized activity, as well as unintentional, non-malicious user errors, within the iSOC, Tops, and Gen components of the DTGS. The DTGS system and its monitored component systems must detect attacks and respond quickly (e.g., limiting access, excising users, or even disconnecting from the network). The DTGS Interface Control Document (ICD) addresses five operational capabilities: DTGS defense from cyber-attack, maintaining service while under attack, recovering from cyber-attack and reducing vulnerabilities, monitoring Information Assistance (IA) of the DTGS.

Defend the Grid from Cyber-Attack

This capability provides an enterprise sensor grid