Summary: | Approved for public release; distribution is unlimited === The United States Government and private industry are facing challenges in attempting to secure their computer network infrastructure. The purpose of this research was to capture current lessons learned from Government and Industry with respect to solving particular problems associated with the secure management of large networks. Nine thesis questions were generated to look at common security problems faced by enterprises in large networks. Research was predominantly gathered through personal interviews with professionals in the computer security area from both the public and private sector. The data was then analyzed to compile a set of lessons learned by both the public and private sector regarding several leading computer security issues. Some of the problems were challenges such as maintaining and improving security during operating systems upgrades, analyzing lessons learned in configurations management, employee education with regards to following policy and several other challenging issues. The results of this thesis were lessons learned in the areas of employee education, Government involvement in the computer security area and other key security areas. An additional result was the development of case studies based upon the lessons learned. === Naval Postgraduate School author (civilian).
|