Some Thoughts on the Future of Cyber-security

Size: px
Start display at page:

Download "Some Thoughts on the Future of Cyber-security"

Transcription

1 Some Thoughts on the Future of Cyber-security Mike Thomas Information Assurance Directorate National Security Agency NSI IMPACT April

2 Introduction, or Why are we here? National security missions depend on cyber capabilities. These capabilities and their platforms face serious risks from external and internal threats. The cyber environment continues to expand and change. What will the future environment look like? How must cybersecurity evolve for that environment? NSI IMPACT April

3 Introduction - Particular Challenges 1. Threats are growing, but more importantly, they are diversifying. 2. Operational scale has increased, far beyond the feasible scope for manual operations. 3. Threat actor speed has increased; waiting until after compromise has occurred is no longer viable. Harm Time Defensive operations future Defensive operations today (mostly) NSI IMPACT April

4 Introduction Introduction Outline The future cyber environment Technology environment changes Operational environment changes Evolution of cyber-security & defensive cyber operations Core areas for evolution Area details (6, time permitting) Conclusions NSI IMPACT April

5 The Future Cyber Environment The future environment will include a broader technology base, greater diversity of context, and more dynamic structure. NSI IMPACT April

6 Future Environment Overview Evolving Operational Environment Demand for Mobility & Info Anywhere Cloud and Virtual Everything Rise of Cyber-Physical Systems Cyber- Evolving Network Environment General Trends Increased Scope of Threat Actors Changing practices and structural norms security & defense Traditional IA Services & Products NSI IMPACT April

7 Future Environment Technology Trends Ubiquitous and diverse virtualization servers, networks, storage, applications, desktops, etc. Migration to Clouds all levels, all domains, private and public Mobility and wireless Dynamic network infrastructure Software-Defined Networking (SDN), Automatic Switched Optical Networks (ASON), IPv6, etc. Rise of Cyber-Physical Systems (CPS) & the Internet of Things (IoT) sensors, industrial control, vehicles, buildings, etc. NSI IMPACT April

8 Future Environment Operational Context Demand for information anywhere, anytime Assumptions about data bound to geography no longer apply Expansion of threat actor goals Theft/espionage still important, but disruptive and destructive attacks are growing Threat actors leverage increasingly diverse trust relationships Explosion of security needs for Non-Person Entities Diffusion of perimeters and boundaries As boundaries lose definition, we can rely less on boundary-focused defenses; visibility and control must extend inward and outward Increased awareness of insider threats Technical and non-technical measures must include mitigations for risks posed by malicious and mis-guided insiders Modern networks blur definitions of insider and outsider NSI IMPACT April

9 Evolution of cyber-security and defensive operations To be successful at securing and defending future environments, we must embrace dramatic changes. Incremental improvements to current strategies and practices will not be sufficient. NSI IMPACT April

10 Evolution Overview Some core areas for evolution: 1. Strengthen fundamentals ( cyber discipline ) 2. Apply mitigation across system lifecycle and threat actor scope 3. Drive operations with data & analytics 4. Automate, automate, automate 5. Build & leverage skilled workforce 6. Integrate defensive cyber operations and counter-intelligence operations NSI IMPACT April

11 Evolution 1. Strengthen Fundamentals Build systems to be visible: Incorporate instrumentation to drive visibility Apply strong integrity mechanisms that can be validated Use virtualization system to monitor virtualized assets Build systems to be defensible: Use dynamic networking technologies to give defenders control of communication & connectivity Incorporate mechanisms for recovery Maintain strong identity for people, systems, and services Defend data by tagging and enforcing access control Know your critical assets ( crown jewels ) and track them! NSI IMPACT April

12 Evolution 2. Broaden Scope Threat actors can pursue their missions anywhere in the system lifecycle à we must consider and prioritize defense at the same breadth of scope System Lifecycle Development Integration Production Deployment Operation Retirement Reconnaissance Threat Actor Kill Chain Delivery Exploitation Installation & Propagation Command & Control Potential Mitigation Scope Typical Mitigation Focus Accomplish Mission Objectives including Left of Boom NSI IMPACT April

13 Evolution 3. Become Data-Driven Effective and actionable cyber situational awareness depends on: Accurate, timely system, actor, and activity data Data spanning relevant contexts (localà enterpriseà global, host & network, historical & current) Directed analysis analytics that combine diverse data sources into usable blue and red force representations Partnership & sharing are essential no single organization or group has sufficient visibility Defensive actions must be informed by context, current state, and threat actor intelligence NSI IMPACT April

14 Evolution 4. Automate Multiple factors are driving need for automation of cyber-security and defense operations. Challenge factor Size of opera6onal IT/network systems Speed of threat actor opera6ons Complexity of response ac6ons Automation need Automate visibility and control across large #s of assets Execute courses of ac6on at machine speed Orchestrate complex mul6- step responses across many elements Messaging/C&C Awareness Control Defenders NSI IMPACT April

15 Evolution 5. Leverage Skilled People Skilled and empowered cyber personnel are essential for success today, and will be even more in the future environment. Some elements of that workforce: Skills will be needed across a wide range of platforms and technologies (breadth doesn t just happen, it has to be crafted) Operators will need to understand defense and offense Sustained development will be necessary to keep up with technological and threat actor change National security cyber operations won t happen in a vacuum our staff must be prepared to operate joint all the time Experience is critical operators must be given hands-on practice before a crisis, and regularly over their careers NSI IMPACT April

16 Evolution 6. Integrate DCO & CI Mitigating insider threats requires analysis and response in both people (counter-intel) and technical (cyber) domains. Deter Prevent Detect Respond Anomaly detection, characterization, and response selection must be informed by both CI and cyber situational awareness. Cyber attacks can involve co-opting of insider identities there s no simple division between insider and other threats. Core cyber fundamentals make a clearer field for insider mitigation: Network visibility Data tagging and access control Strong identity NSI IMPACT April

17 Conclusions We have the all the necessary elements for success, but integrating and adopting them will require hard work. NSI IMPACT April

18 Conclusions Last bit before Q&A We can see the environment changes coming: All the trends are already well underway. All of them apply to National Security systems and missions we are not exempt! Threat actors are busy as each new model/ technology gains adoption, they exploit it. Our community possesses the building blocks for successful evolution. We have to assemble them together. Success is only possible as a community. NSI IMPACT April

The Comprehensive National Cybersecurity Initiative

The Comprehensive National Cybersecurity Initiative The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we

More information

DoD Strategy for Defending Networks, Systems, and Data

DoD Strategy for Defending Networks, Systems, and Data DoD Strategy for Defending Networks, Systems, and Data November 13, 2013 Department DoDD of Defense Chief Information Officer DoD Strategy for Defending Networks, Systems, and Data Introduction In July

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

The Path Ahead for Security Leaders

The Path Ahead for Security Leaders The Path Ahead for Security Leaders Executive Summary What You Will Learn If you asked security leaders five years ago what their primary focus was, you would likely get a resounding: securing our operations.

More information

Cybersecurity Delivering Confidence in the Cyber Domain

Cybersecurity Delivering Confidence in the Cyber Domain Cybersecurity Delivering Confidence in the Cyber Domain With decades of intelligence and cyber expertise, Raytheon offers unmatched, full-spectrum, end-to-end cyber solutions that help you secure your

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Agile Cyber Security Security for the Real World, Architectural Approach

Agile Cyber Security Security for the Real World, Architectural Approach Agile Cyber Security Security for the Real World, Architectural Approach Osama Al-Zoubi Senior Manger, Systems Engineering Fahad Aljutaily Senior Solution Architect, Security Market Trends Welcome to the

More information

Defense Security Service

Defense Security Service Defense Security Service Defense Security Service Cybersecurity Operations Division Counterintelligence UNCLASSIFIED Defense Security Service DSS Mission DSS Supports national security and the warfighter,

More information

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Presidential Directive NSPD 54/HSPD 23, Cybersecurity Policy, established United States policy, strategy, guidelines,

More information

Developing Secure Software in the Age of Advanced Persistent Threats

Developing Secure Software in the Age of Advanced Persistent Threats Developing Secure Software in the Age of Advanced Persistent Threats ERIC BAIZE EMC Corporation DAVE MARTIN EMC Corporation Session ID: ASEC-201 Session Classification: Intermediate Our Job: Keep our Employer

More information

Data Center Network Evolution: Increase the Value of IT in Your Organization

Data Center Network Evolution: Increase the Value of IT in Your Organization White Paper Data Center Network Evolution: Increase the Value of IT in Your Organization What You Will Learn New operating demands and technology trends are changing the role of IT and introducing new

More information

ADVANCED KILL CHAIN DISRUPTION. Enabling deception networks

ADVANCED KILL CHAIN DISRUPTION. Enabling deception networks ADVANCED KILL CHAIN DISRUPTION Enabling deception networks Enabling Deception Networks Agenda Introduction Overview of Active Defense Process Orchestration in Active Defense Introducing Deception Networks

More information

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

SOLUTION BRIEF. Next Generation APT Defense for Healthcare SOLUTION BRIEF Next Generation APT Defense for Healthcare Overview Next Generation APT Defense for Healthcare Healthcare records with patients personally identifiable information (PII) combined with their

More information

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy 2015 Michigan NASCIO Award Nomination Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy Sponsor: David Behen, DTMB Director and Chief Information Officer Program Manager: Rod Davenport,

More information

Priority III: A National Cyberspace Security Awareness and Training Program

Priority III: A National Cyberspace Security Awareness and Training Program Priority III: A National Cyberspace Security Awareness and Training Program Everyone who relies on part of cyberspace is encouraged to help secure the part of cyberspace that they can influence or control.

More information

Cybersecurity: Mission integration to protect your assets

Cybersecurity: Mission integration to protect your assets Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next Cyber solutions

More information

Forces of Change: Perspectives and Trends on State Information Technology 2015 Annual NAJIS Conference October 6, 2015

Forces of Change: Perspectives and Trends on State Information Technology 2015 Annual NAJIS Conference October 6, 2015 Forces of Change: Perspectives and Trends on State Information Technology 2015 Annual NAJIS Conference October 6, 2015 Doug Robinson, Executive Director National Association of State Chief Information

More information

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE ITA Strategic Plan FY 2011 - FY 2016 U.S. Army Information Technology Agency REALIZING The DoD ENTERPRISE COMPUTING ENVIRONMENT Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE Provide Quality

More information

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

Software defined networking. Your path to an agile hybrid cloud network

Software defined networking. Your path to an agile hybrid cloud network Software defined networking Your path to an agile hybrid cloud network Is your enterprise network ready for the latest business and consumer trends? Cloud How easily can your users connect to cloud resources?

More information

The Road to Convergence

The Road to Convergence A UBM TECHWEB WHITE PAPER SEPTEMBER 2012 The Road to Convergence Six keys to getting there with the most confidence and the least risk. Brought to you by The Road to Convergence Six keys to getting there

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool

ICBA Summary of FFIEC Cybersecurity Assessment Tool ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

Cyber Watch. Written by Peter Buxbaum

Cyber Watch. Written by Peter Buxbaum Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs

More information

Strengthen security with intelligent identity and access management

Strengthen security with intelligent identity and access management Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers

More information

Centralizing Network Security Platforms: Common Defense, Common Sense

Centralizing Network Security Platforms: Common Defense, Common Sense Centralizing Network Security Platforms: Common Defense, Common Sense Creating a unified defense. In an era of targeted attacks and expanding cloud and mobile use, new advanced threat defense (ATD) technologies

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App

More information

Increase insight. Reduce risk. Feel confident.

Increase insight. Reduce risk. Feel confident. Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING

More information

Transform Your Business. Transformation Data Center

Transform Your Business. Transformation Data Center Transform Your Business Transformation Data Center Transformation Data Center Initiate Your Transformation Value creation is an emphasis for today s IT. Your data center must be efficient, flexible, and

More information

Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager

Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW Jürgen Seitz Systems Engineering Manager Evolution of Network Security Next-Gen Firewall Application Visibility and Control User-based

More information

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013 2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

More information

Under the Digital Dome: State IT Priorities, Trends and Perspectives

Under the Digital Dome: State IT Priorities, Trends and Perspectives Under the Digital Dome: State IT Priorities, Trends and Perspectives Best Practices Exchange 2014 Conference Montgomery, Alabama November 19, 2014 Doug Robinson, Executive Director National Association

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

Critical Infrastructure in a CyberPhysicalHuman World

Critical Infrastructure in a CyberPhysicalHuman World Critical Infrastructure in a CyberPhysicalHuman World December 2015 Approved for Public Release; Distribution Unlimited. 15-3575 2015 The MITRE Corporation. All rights reserved. Chris Folk, MBA, Director,

More information

TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL. (U) SIGINT Strategy. 2012-2016 23 February 2012

TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL. (U) SIGINT Strategy. 2012-2016 23 February 2012 (U) SIGINT Strategy 2012-2016 23 February 2012 (U) Vision (U) Ensure Signals Intelligence provides THE decisive edge in advancing the full spectrum of U.S. national security interests. (U) Mission (U)

More information

Five Steps For Securing The Data Center: Why Traditional Security May Not Work

Five Steps For Securing The Data Center: Why Traditional Security May Not Work White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center

More information

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace Triangle InfoSeCon Alternative Approaches for Secure Operations in Cyberspace Lt General Bob Elder, USAF (Retired) Research Professor, George Mason University Strategic Advisor, Georgia Tech Research Institute

More information

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Cisco SAFE: A Security Reference Architecture

Cisco SAFE: A Security Reference Architecture Cisco SAFE: A Security Reference Architecture The Changing Network and Security Landscape The past several years have seen tremendous changes in the network, both in the kinds of devices being deployed

More information

NERC CIP VERSION 5 COMPLIANCE

NERC CIP VERSION 5 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining

More information

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and Healthy Students Hamed Negron-Perez,

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Best of Breed Opinion

Best of Breed Opinion Best of Breed Opinion Basic requirements for a best in class Global Security Operation Center. CONSULTING AND INVESTIGATIONS DIVISION The Consulting and Investigations (C&I) Division is part of one of

More information

FFIEC Cybersecurity Assessment Tool

FFIEC Cybersecurity Assessment Tool Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,

More information

A Strategic Approach to Meeting the Demand for Cloud

A Strategic Approach to Meeting the Demand for Cloud White Paper For Cloud Providers A Strategic Approach to Meeting the Demand for Cloud Introduction: New Customer Challenges Propel Cloud Adoption In a dynamic business environment, enterprise customers

More information

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical

More information

Technical Testing. Network Testing DATA SHEET

Technical Testing. Network Testing DATA SHEET DATA SHEET Technical Testing Network Testing The Dell SecureWorks Technical Testing services deliver the independent expertise, experience and perspective you need to enhance your security posture, reduce

More information

State of Security Survey GLOBAL FINDINGS

State of Security Survey GLOBAL FINDINGS 2011 State of Security Survey GLOBAL FINDINGS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Cybersecurity is important to business... 8 Finding 2: The drivers of security are changing... 10 Finding

More information

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications

More information

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs) Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs) Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

Practical Threat Intelligence. with Bromium LAVA

Practical Threat Intelligence. with Bromium LAVA Practical Threat Intelligence with Bromium LAVA Practical Threat Intelligence Executive Summary Threat intelligence today is costly and time consuming and does not always result in a reduction of successful

More information

Cyber Defense Exercise: A Service Provider Model

Cyber Defense Exercise: A Service Provider Model Cyber Defense Exercise: A Service Provider Model Jeffrey A. Mattson Software Engineering Institute, Carnegie Mellon University, 4500 5th Avenue, Pittsburgh, PA 15218 jmattson@cert.org Abstract. Cyber Defense

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

SPEAR PHISHING UNDERSTANDING THE THREAT

SPEAR PHISHING UNDERSTANDING THE THREAT SPEAR PHISHING UNDERSTANDING THE THREAT SEPTEMBER 2013 Due to an organisation s reliance on email and internet connectivity, there is no guaranteed way to stop a determined intruder from accessing a business

More information

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity; NGA Paper Act and Adjust: A Call to Action for Governors for Cybersecurity challenges facing the nation. Although implementing policies and practices that will make state systems and data more secure will

More information

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle

More information

PwC Cybersecurity Briefing

PwC Cybersecurity Briefing www.pwc.com/cybersecurity Cybersecurity Briefing June 25, 2014 The views expressed in these slides are solely the views of the presenters and do not necessarily reflect the views of the PCAOB, the members

More information

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks

More information

Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So?

Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So? Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So? Bruce Heiman K&L Gates September 10, 2015 Bruce.Heiman@klgates.com (202) 661-3935 Why share information? Prevention

More information

ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS

ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS AN INFORMATION SECURITY BATTLEFIELD From Static to Dynamic Defense Cyber Security Strategies, LLC 1 2008-2010 Is The Cyber Tipping Point ESTONIA GEORGIA CABLE

More information

Enterprise Cybersecurity: Building an Effective Defense

Enterprise Cybersecurity: Building an Effective Defense Enterprise Cybersecurity: Building an Effective Defense Chris Williams Oct 29, 2015 14 Leidos 0224 1135 About the Presenter Chris Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery

More information

Top 20 Critical Security Controls

Top 20 Critical Security Controls Top 20 Critical Security Controls July 2015 Contents Compliance Guide 01 02 03 04 Introduction 1 How Rapid7 Can Help 2 Rapid7 Solutions for the Critical Controls 3 About Rapid7 11 01 INTRODUCTION The Need

More information

HP Fortify Software Security Center

HP Fortify Software Security Center HP Fortify Software Security Center Proactively Eliminate Risk in Software Trust Your Software 92% of exploitable vulnerabilities are in software National Institute for Standards and Technology (NIST)

More information

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.

More information

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number

More information

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst ESG Solution Showcase Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Information security practices are in the midst

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

Cyb T er h Threat D f e ense S l o uti tion Moritz Wenz, Lancope 1

Cyb T er h Threat D f e ense S l o uti tion Moritz Wenz, Lancope 1 C b Th Cyber Threatt Defense D f S Solution l ti Moritz Wenz, Lancope 1 The Threat Landscape is evolving Enterprise Response Antivirus (Host-Based) IDS/IPS (Network Perimeter) Reputation (Global) and Sandboxing

More information

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Seven Things To Consider When Evaluating Privileged Account Security Solutions Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?

More information

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS Gaining the SITUATIONAL AWARENESS needed to MITIGATE CYBERTHREATS Industry Perspective EXECUTIVE SUMMARY To become more resilient against cyberthreats, agencies must improve visibility and understand events

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Innovation In Network Security

Innovation In Network Security SESSION ID: BAS-M03 Innovation In Network Michael Geller Principal Engineer Cisco Systems, Inc. @michaelge11er Innovation In Network Is Visibility & Control The application of people, process and tools

More information

IBM Smarter Cities Cybersecurity Update

IBM Smarter Cities Cybersecurity Update IBM Smarter Cities Cybersecurity Update October 2012 Kent Blossom, Vice President, IBM Security Solutions kblossom@us.ibm.com 1 Discussion Topics IBM Security Systems Evolving Client Priorities & Approaches

More information

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1 PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Changing IT Risk Landscape Understanding and managing existing and emerging risks The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015

More information

Next Generation Strategies for Software Security in Critical Systems & Securing the Supply Chain BSides

Next Generation Strategies for Software Security in Critical Systems & Securing the Supply Chain BSides Next Generation Strategies for Software Security in Critical Systems & Securing the Supply Chain BSides Daniel Thanos (daniel.thanos@telus.com) Director Advanced Cybersecurity & Strategic Programs September,

More information

An Overview of Large US Military Cybersecurity Organizations

An Overview of Large US Military Cybersecurity Organizations An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United

More information

Agency for State Technology

Agency for State Technology Agency for State Technology 2015-2018 Statewide Information Technology Security Plan The Way Forward Rick Scott, Governor Jason M. Allison, State CIO Table of Contents From the Desk of the State Chief

More information

Designing & Implementing. Programs. MBA Bank Expo 2012 April 11, 2012

Designing & Implementing. Programs. MBA Bank Expo 2012 April 11, 2012 Designing & Implementing Enterprise Security Programs MBA Bank Expo 2012 April 11, 2012 Session Purpose G R O U P Premise: Security is institutionalized, but the enterprise is evolving. the enterprise

More information

MEDICAL DEVICE Cybersecurity.

MEDICAL DEVICE Cybersecurity. MEDICAL DEVICE Cybersecurity. 2 MEDICAL DEVICE CYBERSECURITY Introduction Wireless technology and the software in medical devices have greatly increased healthcare providers abilities to efficiently and

More information

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN 2015 2020 UNITED IN SERVICE TO OUR NATION DIRECTOR S STATEMENT We are at an operational crossroads. We continue to operate in a contested battlespace,

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

Managed Security Services. Leverage our experienced security operations team to improve your cyber security posture

Managed Security Services. Leverage our experienced security operations team to improve your cyber security posture Managed Security Services Leverage our experienced security operations team to improve your cyber security posture Our approach to Managed Security Services Enterprises spend millions on technology to

More information

Boosting Business Agility through Software-defined Networking

Boosting Business Agility through Software-defined Networking Executive Summary: Boosting Business Agility through Software-defined Networking Completing the last mile of virtualization Introduction Businesses have gained significant value from virtualizing server

More information