NIST Computer Security Division

Marianne Swanson

Computer Specialist
National Institute of Standards and Technology
Computer Security Division
100 Bureau Drive Stop 8930
Gaithersburg, MD 20899-8930
Tel 301.975.3293
Fax 301.948.0279
marianne.swanson@nist.gov

Projects:

FedCIRC-Pilot

The FedCIRC pilot project has successfully transition to GSA, however there remains several key activities to complete under the GITS project "Government Wide Incident Response Capability for Federal Civilian Agencies." Ms. Swanson, formerly the FedCIRC Pilot Program Manager, will continue to focus on incident handling by sharing the lessons learned in developing a government wide incident handling capability and by either revising Special Publication 800-3, "Establishing a Computer Security Incident Response Capability (CSIRC)" or developing a companion NIST Publication.

Agency Assistance

Under OMB Circular A-130, NIST is responsible for providing guidance and assistance to agencies for the security of sensitive information in Federal computer systems. Ms. Swanson actively assists agencies, on a cost reimbursable basis, with their computer security problems. Ms. Swanson routinely presents NIST guidance to the Federal community.

Professional Publications

:NIST Special Publication 800-18, "Guide For Developing Security Plans for Information Technology Systems." December 1998. Co-authored with Federal Computer Security Managers' Forum Working Group.

NIST Special Publication 800-14, "Generally Accepted Principles and Practices for Securing Information Technology Systems." September 1996. Co-authored with Barbara Guttman.

NISTIR 4933, "Computer Security Bulletin Board System User's Guide." September 1992. Co-authored with Mark Skandera

NIST Special Publication 500-169, "Executive Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd

NIST Special Publication 500-170, "Management Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd

NIST Special Publication 500-171, "Computer User's Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd

Papers

"Lessons Learned from the FedCIRC Pilot." Fran Nielsen and Marianne Swanson; Proceedings of the System Administration, Networking and Security (SANS) Conference, October 24-31, 1998.

"U.S. Government wide Incident Response Capability." Proceedings of the 19th National Information Systems Security Conference. October 22-15, 1996



Marianne Swanson Computer Specialist National Institute of Standards and Technology Computer Security Division 100 Bureau Drive Stop 8930 Gaithersburg, MD 20899-8930 Tel 301.975.3293 Fax 301.948.0279 marianne.swanson@nist.gov Projects: FedCIRC-Pilot The FedCIRC pilot project has successfully transition to GSA, however there remains several key activities to complete under the GITS project "Government Wide Incident Response Capability for Federal Civilian Agencies." Ms. Swanson, formerly the FedCIRC Pilot Program Manager, will continue to focus on incident handling by sharing the lessons learned in developing a government wide incident handling capability and by either revising Special Publication 800-3, "Establishing a Computer Security Incident Response Capability (CSIRC)" or developing a companion NIST Publication. Agency Assistance Under OMB Circular A-130, NIST is responsible for providing guidance and assistance to agencies for the security of sensitive information in Federal computer systems. Ms. Swanson actively assists agencies, on a cost reimbursable basis, with their computer security problems. Ms. Swanson routinely presents NIST guidance to the Federal community. Professional Publications :NIST Special Publication 800-18, "Guide For Developing Security Plans for Information Technology Systems." December 1998. Co-authored with Federal Computer Security Managers' Forum Working Group. NIST Special Publication 800-14, "Generally Accepted Principles and Practices for Securing Information Technology Systems." September 1996. Co-authored with Barbara Guttman. NISTIR 4933, "Computer Security Bulletin Board System User's Guide." September 1992. Co-authored with Mark Skandera NIST Special Publication 500-169, "Executive Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd NIST Special Publication 500-170, "Management Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd NIST Special Publication 500-171, "Computer User's Guide to the Protection of Information Resources." October 1989. Co-authored with Cheryl Helsing and Mary Anne Todd Papers "Lessons Learned from the FedCIRC Pilot." Fran Nielsen and Marianne Swanson; Proceedings of the System Administration, Networking and Security (SANS) Conference, October 24-31, 1998. "U.S. Government wide Incident Response Capability." Proceedings of the 19th National Information Systems Security Conference. October 22-15, 1996
	Send feedback/questions to: Patrick O'Reilly