Director of Central Intelligence Directive 6/3 (DCID 6/3)

This directive establishes the security policy and procedures for storing, processing, and communicating classified intelligence information in information systems (ISs). For purposes of this Directive, intelligence information refers to Sensitive Compartmented Information and special access programs for intelligence under the purview of the DCI. An information system is any telecommunications and/or computer related equipment or interconnected system or subsystems of equipment that is used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of voice and/or data (digital or analog); it includes software, firmware, and hardware.

"Appropriate security measures shall be implemented to ensure the confidentiality, integrity, and availability of that information. The mix of security safeguards selected for systems that process intelligence information shall ensure that the system meets the policy requirements set forth in this policy and its implementation manual."

DCID 6-3, B2

DCID further identifies information security needs as follows:

DCID 6-3 Requirements      NitroSecurity Advantage     

Information systems security shall be an integral part of all system life-cycle phases for all systems.

NitroGuard provides tactical system protection and security, while NitroView provides strategic integration of system security, network flows, logs, and other relevant data.

The security of systems shall be reviewed whenever changes occur to missions, information systems, security requirements, or threat, and whenever there are significant adverse changes to system vulnerabilities.

NitroView provides the ability to classify assets and adjust the severity of asset-related incidents, facilitating both the generation of records for review and the adjustment of policies as they occur.

Appropriate authorities, as defined in the Manual, shall be immediately notified of any threats or vulnerabilities impacting systems that process their data.

NitroGuard and NitroView provide immediate notification upon identification of a security threat or network anomaly.

All ISs are subject to monitoring consistent with applicable laws and regulations, and as provided for by agency policies, procedures, and practices. At a minimum, monitoring will assess the adequacy of the confidentiality, integrity, and availability controls.

NitroView provides integrated historical and forensic analysis capabilities through the collection and normalization of server, host (WMI), router, firewall, IDS, IPS, and other logs, providing the level of detail required to assess the adequacy of controls.

1. Detect incidents

NitroGuard detects incidents using both signature-based IDS and ADS as well as analytical anomaly detection.

2. Establish a trained response element

NitroView is useful both for notifying the appropriate response teams and as a diagnostics tool during the response, mitigating and remediating threats directly (automatic blacklists and isolation) or indirectly (providing forensic and diagnostic tools).

3. Maintain statistics

NitroView is able to store massive amounts of data from a variety of sources, with terabytes of locally stored data on the NitroView EAM appliance for real-time analysis, in addition to data archiving capabilities.

4. Initiate an investigation

While NitroGuard cannot initiate an investigation itself, it can reactively notify appropriate personnel when an incident occurs, or proactively notify them of anomalies or network behavior that might indicate a threat.

5. Recover operational capability for the information

NitroView is able to remediate threats at several levels, and facilitates human response through ad-hoc diagnostics, reporting and forensics.