SUMMARY OF THE 1987 ISSD/STATE DEPARTMENT COMPUTER SECURITY CONFERENCE

Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 ROUTING AND TRANSMITTAL SUP 4 r7ay 8 7 TO: (Name, office symbol, room number, building, Agency/Post) 1. r'~A/DDA Initia Date ' ~qY 1 Z, ADDA ~ . ~~, ~! ~ DDA ~~ ~~ r` ~ ;~- 6? DDA/Registry on File ~ Note and Return roust For Clearance Per Comrersation R nested For Correction Proparo Repl irculate For Your Information See Me mmeM Investigate Signaturo Coordinatbn Justi DO NOT use this form as a RECORD of approvals, concurronces, disposals, clearances, and similar actions FROM: (Name, org. symbol, Agency/Post) soil-lot OPTIONAL FORM 41 (Rev. 7 76) n U.S.G.P.0.:7983421-5 2 9/320 ~~~ by ~~ frMR (41 by 101-11.206 Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 ~5 ., ROUTING AND TRANSMITTAL SUP ([Name. oAlea symbol, room number, bulldind. /I~ency/Posy r'~A/DDA PAS/DA'~ ~ ~iY-c.~ 'D`IY 'ra't ~00 NOT use this form as a RECORD of approvals. co~urrences, disposers. clearances. and similar actions FROM: (Name, orQ. symbol, Agenry/Post) 4 May 87 Initial OppONI-LbyFORM 41 (Rev. 7 76) f MR Nt CFIt)10 -11.206 Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 . _ .. ROUTING AND RECORD SHEET SUBJECT: (Optionoll Summary of the 1987 ISSD/State Computer Security Conference FROM: EXTENSION NO. I Chie I ormation ystems OS 8 7- 0 38 6 Security Division DATE 17 April 1987 TO: (OR'icer designation, room numbor, and buildings DATE OffICER'S COMMENTS (Number each comment to show from whom rtECFIVEO FoawAROEo INITIALS b whom. Draw o line across column offer each comment.) 1. C/TSG ~'~ ( O Notes from our conference with Department of State on 3 April 2 at ITC for your review. 3. DD/PTS 1sP~ 1987 Z ~ ~ J -j S~ 7 t 4. i~~~ _ a;+w 3~ ~ . .Z.~~.csf h ~-~.~,l~a~7. S. T OS / APR .1li87 ~ 28 1 ez 1~~ + I /L ;~, C O O 1 K K.(4 C 7/ ~,'t ~.+t f a. tS~a ~ . N ? 8 . ~:~?F~~ce~ ayr FFfrS . e. 7D-24 Headquarters CX~, ~,~,, ~ I ~~ 9. 10. 11. 12. 13. 14. j i 15. ~ I I I FORM 61 0 USE vREVlous ~ u.s oo~ttrnmene Vrlntln! oma: 1ltS-4ls-lae/altsE ~_~o EDITIONS Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 S E C R E T 6 April 1987 SUBJECT: Summary of the 1987 ISSD/State Department Computer Security Conference 1. The ISSD/State Department Computer Security Conference was held at the Interagency Training Center (ITC), Fort Washington, Maryland, on 3 April 1987. The attendees were: ISSD STATE Lynn McNulty Jules Romagnoli Bill Donovan Betsy Markey Steve Newberg Pete Stella Peter Winters John Munson Ed Roback Eric Levine Roger Joyner Dick Condon Scott Smith Thomas Chace Cecilia Sodhi C/Information Systems Security Division (ISSD) CIA, After opening remarks by Paul Yorkdale (ITC), described the mission of ISSD's five branches and the purpose of the conference - to exchange information. 3. Lynn McNulty, C/Office of Information Systems Security (ISS)/State, discussed the critical nature of computer security. He expressed concern that we may not be giving computer security the proper attention now because of such ALL PORTIONS SECRET S E C R E T Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 S E C R E T distractions) ~ He expressed the opinion that security disasters of the 1990's will involve computer networks that will overshadow the Embassy-type disasters of today. 4. Lynn also described his organization as one of three offices under Security Technology (ST) which is, in turn, under the Deputy Assistant Secretary, Director of Diplomatic Security Services. ISS is divided into three branches: Policy and Training Branch, Evaluations Program Branch, and Systems Branch. Betsy Markey, Bill Donovan, and Jules Romagnoli are their respective chiefs. 5. C/ISSD/Agency & Community Systems Branch (A&CSB), iscusse Simpact's work with respect to the volume overwrite and file overwrite for the Wang Alliance systems. He indicated that Simpact had recently delivered the volume overwrite program, and that they were currently working on the file-~over program (i.e., messages, files, visual memory cabinets). He also discussed work to obtain audit data. 6. Jules Romagnoli, C/ISS/Systems Branch, discussed the Foreign Affairs Information System (FAIS). He said that the FAIS was being developed to satisfy the information needs of ambassadors and diplomats with a fourfold goal: integrate office automation, meld data processing and telecommunications technology into a unified system, develop an evolving systems approach beginning with existing programs, and use information technology to manage foreign affairs information resources and provide security. Jules also discussed FAIS design objectives, assumptions, constraints, and system architecture. 7. Of particular interest to ISSD was Jules' conviction regarding the importance of "putting security into the system initially, not as a retrofit." He said, in the case of FAIS, they had this opportunity - security was a driving force in its design: FAIS would be State's system for years to come. Jules concluded with remarks about his first-hand investigation related to the information system damage assessment evolving from the Marine Guard security lapse at U.S. embassies. 8. C/ISSD/Technology Support Branch (TSB), described~lan~rojects of TSB and their work in providing technical security analysis S E C R E T Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  25X1 Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 Next 1 Page(s) In Document Denied Q Declassified in Part -Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8  Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 S E C R E T McNulty indicated that such conferences as is are good for exchanging information and pooling resources. 18. In the closing remarks, both In ormation ystems Security Division Office of Security 5 S E C R E T Declassified in Part - Sanitized Copy Approved for Release 2011/12/06 :CIA-RDP89G00643R001300030020-8 and Lynn