2.4 FACTORS THAT CREATE ADDITIONAL SECURITY REQUIREMENTS
Several factors either directly or indirectly create additional security requirements. This section identifies selected factors that influence security and discusses the security requirements derived
from those factors. The selected factors and the derived security requirements from those factors are shown in Figure 2-3. The presentation of the factors is designed to promote a thought or
investigative process that should be applied to specific missions. Operations today must exist in an environment in which major trends tend to be at odds with one another. Technology advancement has provided an opportunity to create an operational vision barely imaginable a few years ago. However, the high cost of transitions and diminishing budgets act against employing the new technologies. Intelligent strategies which may not reduce up-front costs but show valuable long-term benefits and reductions in costs will win favor.
may be the most important of the strategies in its long-term payoff.
Replaced/Superseded by document(s)
The Defense Information Systems Security Program (DISSP) was initiated at the request of the Assistant Secretary of Defense (Command, Control, Communications and Intelligence). The Defense Information Systems Agency (DISA) and the National Security Agency (NSA) agreed to cooperate in achieving eight security objectives. These objectives were in the areas of:
· Security policy
· Standards and protocols
· Accreditation procedures
· Transition planning
· Organizational improvement
· Products and services availability.
Accordingly, a DISSP Office was established and among its responsibilities was the development of the Department of Defense (DoD) Goal Security Architecture (DGSA). The DISSP has since become a part of the CISS in DISA. The Center for Information System Security (CISS) assists DoD organizations in the transition of existing systems and in the development of new systems in accordance with the DGSA.