Complexity theory in Cyber Security

Size: px
Start display at page:

Download "Complexity theory in Cyber Security"

Transcription

1 Complexity theory in Cyber Security It is the mark of an educated mind to be able to entertain a thought without accepting it. Aristotle, Metaphysics 1. Introduction With computer systems becoming ubiquitous and the IT lexicon becoming omnipresent in most organisations, IT security is one of the top priorities for most organisations. The annual economic impact of Cyber crime is estimated to be higher than that of the Drug trade [1] and by some estimates it s twice as much as the economic impact of the 9/11 attack [2]. The global spend on IT Security is expected to hit $120 Billion by 2017 [3], and that is one area where the IT budget for most companies either stayed flat or slightly increased even in the recent financial crises [4]. Our traditional approaches have brought limited success so far. This article argues that principles from Complexity science inspired by system thinking and natural science, something that has been extensively used social science, finance & economics, and epidemiology could be exploited in Cyber security There is a need to fundamentally rethink our approach to securing our IT systems. Our approach to security is siloed and focuses on point solutions so far for specific threats like anti viruses, spam filters, intrusion detections and firewalls [5]. But we are at a stage where Cyber systems are much more than just tin-and-wire and software. They involve systemic social, economic and political components. The interconnectedness of The US Government has been preparing for a Cyber Pearl Harbour [17] style all-out attack that might paralyze essential services, and even cause physical destruction of property and lives. It is expected to be orchestrated from the criminal underbelly of countries like China, Russia or North Korea. The economic impact of Cyber crime is $100B annual in the United states alone [3]. systems, intertwined with a people element makes IT systems un-isolable from the human element. Cyber systems are complex adaptive systems that we have tried to understand and tackle using more traditional theories. 2. Cyber systems are Complex and Adaptive In very simple terms, a Complex system is any system in which the parts of the system and their interactions together represent a specific behaviour, which cannot be explained by the analysis of all its constituent parts - the whole is greater than the sum of its parts. The cause and effect can not necessarily be related and the relationships are non-linear - a small change could have a disproportionate impact. A traffic system is a popular example; analysis of individual cars and car drivers cannot help explain the patterns and emergence of traffic jams. While a Complex Adaptive system (CAS) also has characteristics of self-learning, emergence and evolution among the participants of the complex system. The key characteristics for a system to be characterised as Complex Adaptive are: The behaviour or output cannot be predicted simply by analysing the parts and inputs of the system

2 The behaviour of the system is emergent and changes with time. The same input and environmental conditions do not always guarantee the same output. The participants or agents of a system (human agents in this case) are self-learning and change their behaviour based on the outcome of the previous experience Complex processes are often confused with complicated processes. A complex process is something that has an unpredictable output, however simple the steps might seem. A complicated process is something with lots of intricate steps and difficult to achieve pre-conditions but with a predictable outcome. Making tea is Complex, building a car is Complicated. Complexity as a field of study isn t new, its roots could be traced back to the work on Metaphysics by Aristotle [6]. Complexity theory is largely inspired by biological systems and has been used in social science, epidemiology and natural science study for some time now. It has been used in the study of economic systems and financial risk analysis (Refer my paper on Complexity in Financial risk analysis here). Cyber systems need the Holism approach Most organisations have multiple layers of defence for their critical systems (layers of firewalls, IDS, hardened O/S, strong authentication etc), but attacks still happen. More often than not, computer break-ins are a collision of circumstances rather than a standalone vulnerability being exploited for a cyber-attack to succeed. In other words, it s the whole of the circumstances and actions of the attackers that cause the damage. Reductionism and Holism are two contradictory philosophical approaches for the analysis and design of any object or system. The Reductionists argue that any system can be reduced to its parts and analysed by reducing it to the constituent elements; while the Holists argue that the whole is greater than the sum so a system cannot be analysed merely by understanding its parts [7]. Most of the modern sciences and analysis methods are based on the reductionist approach, and it works well to understand the behaviour of a wrist watch, a car or the celestial space. Reductionism has a strong focus on causality there is a cause to an affect. When it comes to emergent systems like the human behaviour, Socio-economic systems, Biological systems or Socio-cyber systems, the reductionist approach has its limitations. The human body, the response of a mob to a political stimulus, reaction of the financial market to a merger, or a traffic jam cannot be predicted by studying its constituent members. We have traditionally looked at Cyber security with a Reductionist lens with specific point solutions for individual problems and tried to anticipate the attacks a cyber-criminal might do against known vulnerabilities. It s time we start looking at Cyber security with an alternate Holism approach as well. Cyber attacks are like pathogen infections Computer break-ins are like microbial infections, they can propagate the infections; impact large portions of the population if they are connected to each other and on detection the systems are generally isolated ; as are people put in quarantine to reduce further spread [8]. Even the lexicon of Cyber systems uses biological metaphors Virus, Worms, infections etc. It has many parallels in epidemiology, but the design principles often employed in Cyber systems are not aligned to the natural selection principles. Cyber systems rely a lot on uniformity of processes and technology components as against diversity of genes in organisms of a species that make the species more resilient to epidemic attacks [9].

3 3. Traditional approach to Mitigating security threats 3.1 Formal validation and testing The most common approach, it relies on the testing teams to discover any faults in the system that could expose a vulnerability and can be exploited by attackers. The scope of this testing is generally the system itself, not the frontline defences that are deployed around it. For most other interconnected systems, formal validation alone is not sufficient as it s never possible to test it all. Test automation is a popular approach to reduce the human dependency of the validation processes, but as Turing s Halting problem of Undecideability 1 proves it s impossible to build a machine that tests another one in all cases. Testing is only anecdotal evidence that the system works in the scenarios it has been tested for, and automation helps get that anecdotal evidence quicker. 3.2 Encapsulation and boundaries of defence For systems that cannot be fully validated through formal testing processes, we deploy additional layers of defences in the form of Firewalls or network segregation or encapsulate them into virtual machines. Other additional defence mechanism are Intrusion Prevention systems, Anti-virus etc. 4. Complexity based approach to Mitigating security threats Approaches using Complexity sciences could prove quite useful complementary to the more traditional ways. The versatility of computer systems make them unpredictable, or capable of emergent behaviour that cannot be predicted without running it [9]. Also running it in isolation in a test environment is not the same as the real thing, it s the collision of multiple events that causes the apparent emergent behaviour (recalling holism!). 4.1 Diversity over Uniformity Robustness to disturbances is a key emergent behaviour in biological systems. Imagine a species with all organisms in it having the exact same genetic structure, same body configuration, similar antibodies and immune system the outbreak of a viral infection would have wiped out complete community. But that does not happen because we are all formed differently and all of us have different resistance to infections. Similarly some mission critical Cyber systems especially in the Aerospace and Medical industry implement diverse implementations of the same functionality and centralised voting function decides the response to the requester if the results from the diverse implementations do not match. It s fairly common to have redundant copies of mission critical systems in organisations, but they are homogenous implementations rather than diverse making them equally susceptible to all the faults and vulnerabilities as the primary ones. If the implementation of the redundant systems is made different from the primary a different O/S, different application container 1 Alan Turing a mathematician who came to fame for his role in breaking the Enigma machines used to encrypt communication messages during the second world war proved that a general algorithm whether or not a program would even terminate (or keep running forever) for all program-input pairs cannot exist.

4 or database versions the two variants would have different level of resilience to certain attacks. Even a change in the sequence of memory stack access could vary the response to a buffer overflow attack on the variants [10]. Multi variant Execution Environments (MVEE) have been developed, where applications with slight difference in implementation are executed in lockstep and their response to a request are monitored [10]. These have proven useful in intrusion detection trying to change the behaviour of the code, or even identifying existing flaws where the variants respond differently to a request. On similar lines, using the N-version programming concept [11]; an N-version antivirus was developed at the University of Michigan that had heterogeneous implementations looking at any new files for corresponding virus signatures. The result was a more resilient anti-virus system, less prone to attacks on itself and 35% better detection coverage across the estate [12]. 4.2 Agent Based Modelling (ABM) ABM is a simulation technique used to analyse and predict the behaviour of Complex adaptive systems. The individuals or groups interacting with each other in the Complex system are represented by artificial agents and act by predefined set of rules. The Agents could evolve their behaviour and adapt as per the circumstances. Contrary to Deductive reasoning 2 that has been most popularly used to explain the behaviour of social and economic systems, Simulation does not try to generalise the system and agents behaviour. ABMs have been popular to study crowd management, spread of epidemics, explain market behaviour and recently financial risk analysis. It is a bottom-up modelling technique wherein the behaviour of each agent is programmed separately, and can be different from all other agents. The evolutionary and self-learning behaviour of agents could be implemented using various techniques, Genetic Algorithm implementation being one of the popular ones [13]. Cyber systems are interconnections between software modules, wiring of logical circuits, microchips, the Internet and a number of users and administrators. These interactions and actors can be simulated in a model in order to do what-if analysis, predict the impact of changing parameters and interactions between the actors of the model. Simulation models have been used for analysing the performance characteristics based on application characteristics and user behaviour for a long time now some of the popular Capacity & performance management tools use the technique. Similar techniques can be applied to analyse the response of Cyber systems to threats, designing a fault-tolerant architecture and analysing the extent of emergent robustness due to diversity of implementation. One of the key areas of focus in Agent Based modelling is the self-learning process of agents. In the real world, the behaviour of an attacker would evolve with experience. This aspect of an agent s behaviour is implemented using Genetic Algorithms. They have been used for designing automobile and aeronautics engineering, optimising the performance of Formula one cars [14] and simulating the investor learning behaviour in simulated stock markets (implemented using Agent Based models). 2 Deductive reasoning is a top-down reasoning approach starting with a hypothesis and data points used to substantiate the claim. Inductive reasoning on the other hand is a bottom-up approach that starts with specific observations which are then generalised to form a general theory

5 An interesting visualisation of Genetic Algorithm or a self-learning process in action is the demo of a simple 2D car design process that starts from scratch with a set of simple rules and end up with a workable car from a blob of different parts: The self-learning process of agents is based on Mutations and Crossovers - two basic operators in Genetic Algorithm implementation. They emulate the DNA crossover and mutations in biological evolution of life forms. Through crossovers and mutations, agents learn from their own experiences and mistakes. These could be used to simulate the learning behaviour of potential attackers, without the need to manually imagine all the use cases and user journeys that an attacker might try to break a Cyber system with. 5. Conclusion Complexity in Cyber systems, especially the use of Agent Based modelling to assess the emergent behaviour of systems is a relatively new field of study with very little research done on it yet. There is still some way to go before using Agent Based Modelling becomes a commercial proposition for organisations. But given the focus on Cyber security and inadequacies in our current stance, Complexity science is certainly an avenue that practitioners and academia are increasing their focus on. Commercially available products or services using Complexity based techniques will however take a while till they enter the mainstream commercial organisations. References [1] J. A. Lewis and S. Baker, The Economic Impact of Cybercrime and Cyber Espionage, 22 July [Online]. Available: [Accessed 17 June 2014]. [2] L. Kugel, Terrorism and the Global Economy, E-Internatonal Relations Students, 31 Aug [Online]. Available: [Accessed 17 June 2014]. [3] Interesting Facts on Cybersecurity, Florida Tech University Online, [Online]. Available: [Accessed 12 June 2014]. [4] Global security spending to hit $86B in 2016, 14 Sep [Online]. Available: [5] S. Forrest, S. Hofmeyr and B. Edwards, The Complex Science of Cyber Defense, 24 June [Online]. Available: [6] Metaphysics (Aristotle), [Online]. Available: [7] S. A. McLeod, Reductionism and Holism, [8] R. Armstrong, Motivation for the Study and Simulation of Cybersecurity as a Complex System, [9] R. C. Armstrong, J. R. Mayo and F. Siebenlist, Complexity Science Challenges in Cybersecurity, March [10] B. Salamat, T. Jackson, A. Gal and M. Franz, Orchestra: Intrusion Detection Using Parallel Execution and Monitoring of Program Variants in User-Space, Proceedings of the 4th ACM European conference on Computer systems, pp , April 2009.

6 [11] C. Liming and A. Avizienis, N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON, Fault-Tolerant Computing, p. 113, Jun1995. [12] J. Oberheide, E. Cooke and F. Jahanian, CloudAV: N-Version Antivirus in the Network Cloud, University of Michigan, Ann Arbor, MI 48109, [13] J. H. Holland, Adaptation in natural and artificial systems: An introductory analysis with applications to biology, control, and artificial intelligence, Michigan: University of Michigan Press, [14] K. &. B. P. J. Wloch, Optimising the performance of a formula one car using a genetic algorithm, Parallel Problem Solving from Nature-PPSN VIII, pp , January [15] R. C. Armstrong and J. R. Mayo, Leveraging Complexity in Software for Cybersecurity (Abstract), Association of Computing Machinery, pp , [16] Cynefin Framework (David Snowden), [Online]. Available: [17] P. E. (. o. D. Leon, Press Transcript, US Department of Defense, 11 Oct [Online]. Available: [Accessed 12 June 2014]. [18] Cybersecurity - Facts and Figures, International Telecommunications Union, [Online]. Available: [Accessed 11 June 2014].

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

Overview TECHIS60341. Carry out security architecture and operations activities

Overview TECHIS60341. Carry out security architecture and operations activities Overview The protection of information, services and systems relies on a range of technical and procedural activities, often grouped in a framework. The framework will contain technical and logical, physical

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number

More information

Faculdade de Direito, Lisboa, 02-Jul-2014. The Competitive Advantage of Cybersecurity

Faculdade de Direito, Lisboa, 02-Jul-2014. The Competitive Advantage of Cybersecurity Faculdade de Direito, Lisboa, 02-Jul-2014 The Competitive Advantage of Cybersecurity Thales Key highlights (I) A global company with 65,000 employees and 14,2 billion in revenues, R&D 2,5 billion * We

More information

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference

More information

End-user Security Analytics Strengthens Protection with ArcSight

End-user Security Analytics Strengthens Protection with ArcSight Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Defending Against Cyber Attacks with SessionLevel Network Security

Defending Against Cyber Attacks with SessionLevel Network Security Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive

More information

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some

More information

The Evolution of Computer Security Attacks and Defenses. Angelos D. Keromytis Columbia University angelos@cs.columbia.edu

The Evolution of Computer Security Attacks and Defenses. Angelos D. Keromytis Columbia University angelos@cs.columbia.edu The Evolution of Computer Security Attacks and Defenses Angelos D. Keromytis Columbia University angelos@cs.columbia.edu This talk A look at the evolution of: nature of attackers and their goals cyber

More information

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements

More information

Update On Smart Grid Cyber Security

Update On Smart Grid Cyber Security Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats

More information

Center of Academic Excellence Cyber Operations Program 2013 Application

Center of Academic Excellence Cyber Operations Program 2013 Application Center of Academic Excellence Cyber Operations Program 2013 Application Name of Institution: Mailing Address of Institution: Date: Institution s President s Name and Official Email Address: Department

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

CYBERSPACE SECURITY CONTINUUM

CYBERSPACE SECURITY CONTINUUM CYBERSPACE SECURITY CONTINUUM A People, Processes, and Technology Approach to Meeting Cyber Security Challenges in the 21 st Century 1 InterAgency Board 1550 Crystal Drive Suite 601, Arlington VA 22202

More information

CAPABILITY STATEMENT

CAPABILITY STATEMENT WHO WE ARE UberGlobal Enterprise is the dedicated government and enterprise business division of Australian web service provider, UberGlobal. UberGlobal was founded through the merger of a number of medium

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

DOBUS And SBL Cloud Services Brochure

DOBUS And SBL Cloud Services Brochure 01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted

More information

MEng, BSc Applied Computer Science

MEng, BSc Applied Computer Science School of Computing FACULTY OF ENGINEERING MEng, BSc Applied Computer Science Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give a machine instructions

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso Cyber Attacks Protecting National Infrastructure Student Edition Edward G. Amoroso ELSEVIER. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Butterworth-Heinemann

More information

Cyber and Operational Solutions for a Connected Industrial Era

Cyber and Operational Solutions for a Connected Industrial Era Cyber and Operational Solutions for a Connected Industrial Era OPERATIONAL & SECURITY CHALLENGES IN A HYPER-CONNECTED INDUSTRIAL WORLD In face of increasing operational challenges and cyber threats, and

More information

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing

More information

Capabilities for Cybersecurity Resilience

Capabilities for Cybersecurity Resilience Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances

More information

The Cyber Threat Profiler

The Cyber Threat Profiler Whitepaper The Cyber Threat Profiler Good Intelligence is essential to efficient system protection INTRODUCTION As the world becomes more dependent on cyber connectivity, the volume of cyber attacks are

More information

3. Are employees set as Administrator level on their workstations? a. Yes, if it is necessary for their work. b. Yes. c. No.

3. Are employees set as Administrator level on their workstations? a. Yes, if it is necessary for their work. b. Yes. c. No. As your trusted financial partner, Maps Credit Union is committed to helping you assess and manage risks associated with your business online banking. We recommend that you do a periodic risk assessment

More information

Self-Defending Approach of a Network

Self-Defending Approach of a Network Self-Defending Approach of a Network Anshuman Kumar 1, Abhilash Kamtam 2, Prof. U. C. Patkar 3 (Guide) 1Bharati Vidyapeeth's College of Engineering Lavale, Pune-412115, India 2Bharati Vidyapeeth's College

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

93% of large organisations and 76% of small businesses

93% of large organisations and 76% of small businesses innersecurity INFORMATION SECURITY Information Security Services 93% of large organisations and 76% of small businesses suffered security breaches in the last year. * Cyber attackers were the main cause.

More information

Security for NG9-1-1 SYSTEMS

Security for NG9-1-1 SYSTEMS The Next Generation of Security for NG9-1-1 SYSTEMS The Challenge of Securing Public Safety Agencies A white paper from L.R. Kimball JANUARY 2010 866.375.6812 www.lrkimball.com/cybersecurity L.R. Kimball

More information

FIVE PRACTICAL STEPS

FIVE PRACTICAL STEPS WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND

More information

Big Data Analytics in Network Security: Computational Automation of Security Professionals

Big Data Analytics in Network Security: Computational Automation of Security Professionals February 13, 2015 Big Data Analytics in Network Security: Computational Automation of Security Professionals Stratecast Analysis by Frank Dickson Stratecast Perspectives & Insight for Executives (SPIE)

More information

Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks

Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Farnam Jahanian University of Michigan and Arbor Networks IFIP Working Group 10.4 June 29-30, 2006 What s the

More information

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process Complete Web Application Security Phase1-Building Web Application Security into Your Development Process Table of Contents Introduction 3 Thinking of security as a process 4 The Development Life Cycle

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Fighting Advanced Threats

Fighting Advanced Threats Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.

More information

A Biologically Inspired Approach to Network Vulnerability Identification

A Biologically Inspired Approach to Network Vulnerability Identification A Biologically Inspired Approach to Network Vulnerability Identification Evolving CNO Strategies for CND Todd Hughes, Aron Rubin, Andrew Cortese,, Harris Zebrowitz Senior Member, Engineering Staff Advanced

More information

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations

More information

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion

More information

Injazat s Managed Services Portfolio

Injazat s Managed Services Portfolio Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.

More information

September 20, 2013 Senior IT Examiner Gene Lilienthal

September 20, 2013 Senior IT Examiner Gene Lilienthal Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

Masters in Computing and Information Technology

Masters in Computing and Information Technology Masters in Computing and Information Technology Programme Requirements Taught Element, and PG Diploma in Computing and Information Technology: 120 credits: IS5101 CS5001 or CS5002 CS5003 up to 30 credits

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

Towards End-to-End Security

Towards End-to-End Security Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

Types of cyber-attacks. And how to prevent them

Types of cyber-attacks. And how to prevent them Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual

More information

Cyber-Security. FAS Annual Conference September 12, 2014

Cyber-Security. FAS Annual Conference September 12, 2014 Cyber-Security FAS Annual Conference September 12, 2014 Maysar Al-Samadi Vice President, Professional Standards IIROC Cyber-Security IIROC Rule 17.16 BCP The regulatory landscape Canadian Government policy

More information

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM Information & Security: An International Journal Valentyn Petrov, vol.31, 2014, 73-77 http://dx.doi.org/10.11610/isij.3104 ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY

More information

Cyber Exploits: Improving Defenses Against Penetration Attempts

Cyber Exploits: Improving Defenses Against Penetration Attempts Cyber Exploits: Improving Defenses Against Penetration Attempts Mark Burnette, CPA, CISA, CISSP, CISM, CGEIT, CRISC, QSA LBMC Security & Risk Services Today s Agenda Planning a Cyber Defense Strategy How

More information

Masters in Human Computer Interaction

Masters in Human Computer Interaction Masters in Human Computer Interaction Programme Requirements Taught Element, and PG Diploma in Human Computer Interaction: 120 credits: IS5101 CS5001 CS5040 CS5041 CS5042 or CS5044 up to 30 credits from

More information

Masters in Advanced Computer Science

Masters in Advanced Computer Science Masters in Advanced Computer Science Programme Requirements Taught Element, and PG Diploma in Advanced Computer Science: 120 credits: IS5101 CS5001 up to 30 credits from CS4100 - CS4450, subject to appropriate

More information

Managed Security Services

Managed Security Services Proactive Real-Time Monitoring and Risk Management Managed Security Services NCS Group Offices Australia Bahrain Brunei China Dubai Hong Kong SAR Korea Malaysia Philippines Singapore Sri Lanka Understanding

More information

Real-time Network Monitoring and Security Platform for Securing Next-Generation Network. Assoc. Prof. Dr. Sureswaran Ramadass

Real-time Network Monitoring and Security Platform for Securing Next-Generation Network. Assoc. Prof. Dr. Sureswaran Ramadass Real-time Network Monitoring and Security Platform for Securing Next-Generation Network Assoc. Prof. Dr. Sureswaran Ramadass The platform Definition A description of a software framework that makes services

More information

Masters in Artificial Intelligence

Masters in Artificial Intelligence Masters in Artificial Intelligence Programme Requirements Taught Element, and PG Diploma in Artificial Intelligence: 120 credits: IS5101 CS5001 CS5010 CS5011 CS4402 or CS5012 in total, up to 30 credits

More information

Redefining Incident Response

Redefining Incident Response Redefining Incident Response How to Close the Gap Between Cyber-Attack Identification and Remediation WHITE PAPER - How to Close the Gap Between Cyber-Attack Identification and Remediation 1 Table of Contents

More information

Deploying Firewalls Throughout Your Organization

Deploying Firewalls Throughout Your Organization Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

Masters in Networks and Distributed Systems

Masters in Networks and Distributed Systems Masters in Networks and Distributed Systems Programme Requirements Taught Element, and PG Diploma in Networks and Distributed Systems: 120 credits: IS5101 CS5001 CS5021 CS4103 or CS5023 in total, up to

More information

Intrusion Detection via Machine Learning for SCADA System Protection

Intrusion Detection via Machine Learning for SCADA System Protection Intrusion Detection via Machine Learning for SCADA System Protection S.L.P. Yasakethu Department of Computing, University of Surrey, Guildford, GU2 7XH, UK. s.l.yasakethu@surrey.ac.uk J. Jiang Department

More information

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Detecting Computer Worms in the Cloud

Detecting Computer Worms in the Cloud Detecting Computer Worms in the Cloud Sebastian Biedermann and Stefan Katzenbeisser Security Engineering Group Department of Computer Science Technische Universität Darmstadt {biedermann,katzenbeisser}@seceng.informatik.tu-darmstadt.de

More information

The Education Fellowship Finance Centralisation IT Security Strategy

The Education Fellowship Finance Centralisation IT Security Strategy The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and

More information

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management

More information

Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com)

Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com) Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com) Theo Dimitrakos Chief Security Researcher, BT Research & Technology theo.dimitrakos@bt.com

More information

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer

More information

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear

More information

MEng, BSc Computer Science with Artificial Intelligence

MEng, BSc Computer Science with Artificial Intelligence School of Computing FACULTY OF ENGINEERING MEng, BSc Computer Science with Artificial Intelligence Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

An Artificial Immune Model for Network Intrusion Detection

An Artificial Immune Model for Network Intrusion Detection An Artificial Immune Model for Network Intrusion Detection Jungwon Kim and Peter Bentley Department of Computer Science, University Collge London Gower Street, London, WC1E 6BT, U. K. Phone: +44-171-380-7329,

More information

Cyber Security VTT and the Finnish Approach

Cyber Security VTT and the Finnish Approach Cyber Security VTT and the Finnish Approach September 22, 2015 Reijo Savola, Principal Scientist CHALLENGES Explosive increase in number and impact of cyber security attacks Use of Internet technologies

More information

The Value of Automated Penetration Testing White Paper

The Value of Automated Penetration Testing White Paper The Value of Automated Penetration Testing White Paper Overview As an information security and the security manager of the company, I am well aware of the difficulties of enterprises and organizations

More information

Network Security Options

Network Security Options White Paper Network Security Options Trends in protection against network intrusion, attack, and resource hijacking SecureWorks Third Quarter, 2000 INTRODUCTION Economics had at one time reserved high-speed,

More information

Cloud security architecture

Cloud security architecture ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide

More information

Security Information Management (SIM)

Security Information Management (SIM) 1. A few general security slides 2. What is a SIM and why is it needed 3. What are the features and functions of a SIM 4. SIM evaluation criteria 5. First Q&A 6. SIM Case Studies 7. Final Q&A Brian T.

More information

Network Virtualization Network Admission Control Deployment Guide

Network Virtualization Network Admission Control Deployment Guide Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

Countering Cyber Attacks with Big Data and Analytics

Countering Cyber Attacks with Big Data and Analytics June 2015 Countering Cyber Attacks with Big Data and Analytics Frost & Sullivan Analysis by Sandy Borthick Big Data & Analytics (BDA) Volume 3, Number 6 Countering Cyber Attacks with Big Data and Analytics

More information

Incident Response and the Role of External Services

Incident Response and the Role of External Services Incident Response and the Role of External Services Andrea Rigoni Business Development Manager - Government Sector Symantec Corp. Andrea_Rigoni@symantec.com Abstract: Managing security is a complex task

More information

Perspectives on Cybersecurity in Healthcare June 2015

Perspectives on Cybersecurity in Healthcare June 2015 SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright

More information

Critical Security Controls

Critical Security Controls Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security

More information

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com blog.coresecurity.com Preempting

More information

WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD

WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD CONTENTS EXECUTIVE SUMMARY 3 THE LIFEBLOOD OF MANY BUSINESSES IS UNDER ATTACK 3 IT LEADERS FACE A DIFFICULT BALANCING ACT 3 Companies

More information

The Wild, Wild East-West:

The Wild, Wild East-West: The Wild, Wild East-West: A Credit Union Cardinal Sin By Xerex Bueno Chief Technology Officer, CUProdigy PLEASE, DON T BE A MERE NORTH-SOUTH CREDIT UNION. Why? It s not enough. It s fractional security,

More information

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

CYBER ATTACKS EXPLAINED: PACKET CRAFTING CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure

More information

Complexity Science Challenges in Cybersecurity

Complexity Science Challenges in Cybersecurity SANDIA REPORT SAND2009-2007 Unlimited Release Printed March 2009 Complexity Science Challenges in Cybersecurity Robert C. Armstrong, Jackson R. Mayo, Frank Siebenlist Prepared by Sandia National Laboratories

More information

Managing Security Risks in Modern IT Networks

Managing Security Risks in Modern IT Networks Managing Security Risks in Modern IT Networks White Paper Table of Contents Executive summary... 3 Introduction: networks under siege... 3 How great is the problem?... 3 Spyware: a growing issue... 3 Feeling

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult

More information

Secure by design: taking a strategic approach to cybersecurity

Secure by design: taking a strategic approach to cybersecurity Secure by design: taking a strategic approach to cybersecurity The cybersecurity market is overly focused on auditing policy compliance and performing vulnerability testing when the level of business risk

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

What Do You Mean My Cloud Data Isn t Secure?

What Do You Mean My Cloud Data Isn t Secure? Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there

More information

WRITTEN TESTIMONY OF

WRITTEN TESTIMONY OF WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you

More information