Network security is
|“||the protection of networks and their services from unauthorized modification, destruction, or disclosure. It provides assurance the network performs its critical functions correctly and there are no harmful side effects.||”|
There are four basic components of network security:
- Prevention. Measures taken to preclude or deter an intrusion.
- Detection. Measures taken to identify that an intrusion has been attempted, is occurring, or has occurred.
- Response. An action or series of actions constituting a reply or reaction against an attempted or successful intrusion. Responses include actions taken to restore a network to its full operating capability following an attack.
- Mitigation. Actions taken to make the effects of an intrusion less severe. Mitigation actions include provision of alternative systems, system redundancy, and system fault tolerance.
National security risks have
|“||four basic — vulnerabilities, mitigated by protection measures, and threats, mitigated by deterrents — and each aspect influences the overall risk. Vulnerabilities develop from continuing changes in products, processes, and business practices generally driven by technology development and market forces. Threats are composed of the motivation and capabilities of adversaries. Deterrents are driven primarily by law enforcement capabilities and priorities. Although those responsible for network security have very little, if any, control over these factors, they do have an opportunity to influence one aspect of risk—protection measures.||”|
- "Overview" section: Protecting Systems Task Force Report on Enhancing the Nation's Network Security Efforts, at ES-2.