« CSA ハイブリッドクラウドと関連するリスク | Main | カリフォルニア州政府によるカリフォルニア州消費者プライバシー法のFAQ(日本語訳的な...) »

2020.07.15

NISTのブログを読んで、改めて米国連邦サイバーセキュリティ研究開発戦略計画を読んでみる。。。

こんにちは、丸山満彦です。

NISTのブログを読んで、改めて米国連邦サイバーセキュリティ研究開発戦略計画を読んでみることにしました。。。
(朝になってしまい眠い。。。)

● NIST
・2020.07.09 Director's Corner Series with Ram D. Sriram by: Ram Sriram

 

 The Networking and Information Technology Research and Development (NITRD) 

・2019.12 FEDERAL CYBERSECURITY RESEARCH AND DEVELOPMENT STRATEGIC PLAN 2019

HTMLにしてみました。。。[HTML]

ーーーーー

サイバーセキュリティ研究開発の目標

  1. サイバーセキュリティの人間的側面の理解
  2. 効果的かつ効率的なリスク管理の提供
  3. 悪意あるサイバー活動を抑止し、対抗するための効果的かつ効率的な方法の開発
  4. 安全・セキュリティ・プライバシーの統合されたフレームワークと方法論の開発
  5. 持続可能なセキュリティのためのシステム開発・運用の改善

優先分野

  1. 人工知能
  2. 量子情報科学
  3. 信頼できる分散デジタル基盤
  4. 個人情報の取り扱い
  5. セキュアなハードウェアとソフトウェア
  6. 教育と人材開発

 

目次

Executive Summary

Introduction

Strategic Framing

  • Cybersecurity Context
  • Challenges
  • Approach

The Defensive Elements

  • Deter
  • Protect
  • Detect
  • Respond

Priority Areas

  • Artificial Intelligence
  • Quantum Information Science
  • Trustworthy Distributed Digital Infrastructure
  • Privacy
  • Secure Hardware and Software
  • Education and Workforce Development

Critical Dependencies

  • Human Aspects
  • Research Infrastructure
  • Risk Management
  • Scientific Foundations
  • Transition to Practice

Implementing the Plan

Recommendations for Supporting Activities

Abbreviations

Nitrd_logo_sq_400x400

Executive Summary

Information technology (IT) provides exceptional benefits to society. However, the more society relies on IT, the greater the potential disruption and destruction that adversaries can create via malicious cyber activities. Advances in cybersecurity are urgently needed to preserve the Internet’s social and economic benefits—as well as the security of the Nation and its online commercial and public infrastructure—by thwarting adversaries and strengthening public trust in cyber systems.

The Cybersecurity Enhancement Act of 2014 (Public Law 113-274) requires the National Science and Technology Council and the Networking and Information Technology Research and Development Program to develop, maintain, and update every four years a cybersecurity research and development (R&D) strategic plan to guide the overall direction of federally funded R&D in cybersecurity. This strategic plan (this “Plan”) fulfills this mandate and updates the 2016 Federal Cybersecurity Research and Development Strategic Plan. This Plan also addresses priorities established by the 2018 National Cyber Strategy of the United States of America, including both its domestic and foreign policy priorities, and by the Administration’s FY 2021 Research and Development Budget Priorities Memorandum.

The Plan identifies the following goals for cybersecurity R&D:

  1. Understand human aspects of cybersecurity
  2. Provide effective and efficient risk management
  3. Develop effective and efficient methods for deterring and countering malicious cyber activities
  4. Develop integrated safety-security-privacy framework and methodologies
  5. Improve systems development and operation for sustainable security

To realize the goal of a secure cyberspace, the Plan carries forward the essential concepts from the 2016 Federal Cybersecurity Research and Development Strategic Plan, including the framework of four interdependent defensive capabilities:

  • Deter
  • Protect
  • Detect
  • Respond

To advance the priorities and objectives of the 2018 National Cyber Strategy of the United States of America and the Administration’s FY 2021 Research and Development Budget Priorities Memorandum, the Plan outlines research objectives in the following priority areas:

  1. Artificial Intelligence
  2. Quantum Information Science
  3. Trustworthy Distributed Digital Infrastructure
  4. Privacy
  5. Secure Hardware and Software
  6. Education and Workforce Development

Advancements in the defensive capabilities and priority areas critically depend on progress in human aspects, research infrastructure, risk management, scientific foundations, and transition to practice.

The Plan closes with identifying roles in cybersecurity R&D for the Federal Government, industry, and academia and with recommendations for supporting activities. Implementing this Plan and these recommendations will create science and technology for cybersecurity that effectively and efficiently sustain a trustworthy cyberspace to support the Nation’s prosperity and security well into the future.

|

« CSA ハイブリッドクラウドと関連するリスク | Main | カリフォルニア州政府によるカリフォルニア州消費者プライバシー法のFAQ(日本語訳的な...) »

Comments

Post a comment



(Not displayed with comment.)


Comments are moderated, and will not appear on this weblog until the author has approved them.



« CSA ハイブリッドクラウドと関連するリスク | Main | カリフォルニア州政府によるカリフォルニア州消費者プライバシー法のFAQ(日本語訳的な...) »