Northrop Grumman / Integrated Cyber Threat Response
|
|
- Patrick Sanders
- 7 years ago
- Views:
Transcription
1 I. Program Overview Organization Name/Program Name: Northrop Grumman / Integrated Cyber Threat Response Program Leader Name/ Position/Contact information , Phone Program Category Program Background: What is this program all about? (No more than one page). The overarching need for this program History of the program The product that is created by this program Scope of work original & updated Expected deliverables Current status of the program Tim Powell / Director, Information Security Identity, Access and Engineering t.powell@ngc.com, (Choose One) o Sub-System R&D/SDD program or project o Sub-System Production o Sub-System Sustainment o System level R&D/SDD program or project o System level Production o System level Sustainment o Special Project The need for improving network cyber defenses against cyber spies is acute. Cyber spies continue to upgrade their capabilities through new tactics and technology. Successful companies and government agencies must embrace this new arms race and deploy additional defensive countermeasures. Cyber spies have traditionally employed spear phishing as the method of choice to extract company intellectual property. Today, there is a tactical shift by these cyber spies, who now also attack externally-facing web servers. The Northrop Grumman Integrated Cyber Threat Response program (the Program) brought together more than 2,000 information technology and information security professionals from across the country and at all levels of the organization. Together they addressed serious threats to the company computing infrastructure through an innovative, highly collaborative and integrated approach while delivering tremendous value at reduced cycle time. Their efforts led to increased systems administrator engagement and ownership of the implemented processes and solutions, resulting in the heightened protection of company and customer data stored on the company network. The scope of the Program included the main Northrop Grumman network over 100,000 computers and other networking devices as well as hundreds of other smaller 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 1
2 networks that the company administers for internal and external customers. The diverse Program team of security and non-security IT experts analyzed the networks and delivered a series of network device configuration changes and a few new network tools to enhance security. The Program was successfully completed in mid-2014 and is now in steady state/sustainment, with key cyber security continuous improvement processes incorporated into dayto-day Information Security operations. II. VALUE CREATION = 20 POINTS Note that we have provided a weighting system on this section that indicates importance to the overall A&D enterprise in improving performance. Value: 50% of category score What is the long-term value, competitive positioning, advantage, and return created by this program to your: Customers National interests, war fighter Company Strength, bottom line, and shareholders Scientific/technical value (particularly for R&D programs) 50% of category score Excellence and Uniqueness: What makes this program unique? Why should this program be awarded the Program Excellence Award? The long term value to our customers military and civilian government agencies is increased security of data stored on Northrop Grumman networks. This information includes critical operational data used by warfighting systems and key national government programs, as well as data relative to research and development programs. As we have recently seen on the news, even partial data loss can seriously damage the mission and/or reputation of the agency impacted, whether the data is stored on their network or another network. With this in mind, customers maintain a positive view of Northrop Grumman as an industry leader and as a trusted partner, knowing the company has invested in and secured internal and external data. Likewise, Northrop Grumman s position as an industry leader, and the value it provides its shareholders is protected against the reputational harm a data loss incident could cause. The Program was unique because it was an internallyfocused company program, but the results affect external customers and partners, and the results are shared with external customers and partners. Northrop Grumman participates in several government sponsored and industry cyber security working groups (e.g., Defense Industrial Base Destructive Resiliency) and freely shares successful defensive techniques and threat information. A Program Excellence award would be appropriate recognition. The Program was remarkable not just for the tremendous results achieved (18 security deployments in 10 months,) but for the innovative management approach 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 2
3 used. The Program brought together more than 2,000 Northrop Grumman information technology and information security professionals from across the country and at all levels of the organization. Together they addressed serious threats to the company computing infrastructure through an innovative, highly collaborative and integrated approach while delivering tremendous value at reduced cycle time. Their efforts led to increased systems administrator engagement and ownership in the processes and solutions implemented, resulting in the heightened protection of company and customer data stored on the company network. The Program delivered value very quickly by launching five Integrated Product Teams (IPTs) within the Program structure. Each IPT managed two threads in parallel: a near-term focus for implementing quick win deployments (e.g., turning on additional security features of an existing tool) and a more structured activity to identify and implement higher value, longer-term security deployments (e.g., upgrading all servers to a higher security standard). The practice of simultaneously pursuing immediate-term and longer-term implementations is now being reused by other programs to deliver both rapid initial value and higher-value, underdeveloped or larger-effort solutions. III. ORGANIZATIONAL PROCESSES/BEST PRACTICES: (HOW DO YOU DO THINGS) = 30 POINTS Note that we have provided a weighting system on this section that indicates importance in the evaluation process. For each question, respond with the best practices and unique processes used by your program. Strategic Operations 30% of the score On an on-going basis how do you track and improve the value of this program to your customers, corporation, organization, and employees? Specifically, what processes, tools and practices have allowed the value of your program to increase? Every day, cyber attackers scan and probe Northrop Grumman networks. Hundreds of employees are targeted every month for their computer data and account privileges. These events are resolved quickly, with unique events researched further for mitigation through processes established by the Program. In addition, the Program has provided ongoing, steady-state value each day that Northrop Grumman protects its network and company and customer data from cyber threats. The Program s lasting value continues to increase as the team s ongoing, best practice framework enables development of more and more security ideas into specific 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 3
4 deployments that create a stronger company security posture. For example, after each set of deployments, an expert team evaluates and votes to promote the next set of ideas for development and implementation. This structured approach provides for rapid delivery of top security ideas while providing the Information Security organization time to research and evaluate more complex security ideas. Using this framework, the Program successfully elicited, evaluated and managed more than 200 security improvement ideas. Team Leadership 30% of category score Teaming What unique processes and practices have you put in place to maximize team collaboration and efficiency? Supply Chain With the broader distribution of design, development and production responsibility across the supply chain what unique tools, processes and practices have you put into place to ensure integration of the total supply chain (up/down/across)? People Development Among the most important roles of a leader is the identification and development of talent. What unique processes, tools and practices have you put into place to ensure people are developed and given the opportunity to risk, fail, recover and fully contribute. What metrics have you put into place to ensure this effort is effective? The Program had outstanding collaboration processes to leverage the talents of the extended team. To help the more than 2000 systems administrators dispersed across the company understand the Program s need and urgency, a series of conference calls were conducted, each jointly hosted by Northrop Grumman s chief information security officer, corporate security officer, and chief information officer. Leveraging collaboration technology, the company officers were able to directly engage system administrators, establish a direction, and answer questions. The framework for this capability exists today, and can be implemented as significant topics and issues arise. Relative to the supply chain, the Northrop Grumman network provides specific points for access and collaboration with our customers and suppliers and these points are focus areas for security upgrades delivered by the Program. In addition, Northrop Grumman openly shares security best practices and advancements with our customers and suppliers through collaboration forums sponsored by government-industry groups such as the Defense Industrial Base and CERT. For people development, the Program provided recurring individual leadership opportunities for subject matter experts. Each IPT was jointly led by a subject matter expert and the Program s project manager. This enabled subject matter experts to push rapid security idea evaluation and development while allowing the project manager to focus on deployment execution. The Program turned over this dual management approach to regular Information Security operations and it provides an excellent vehicle for developing leaders. Overall, the metrics for managing the IPT structured 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 4
5 evaluation process included counts of network security ideas generated and those selected for deployment and successfully deployed. These metrics conveyed the high return-on-investment and the need to continue the security deployments including the opportunities for talented individuals to lead. Operations 40% of category score Cycle Time Please describe what your program has done to reduce and continue to improve the cycle time required for the phase of life cycle in which you currently are executing (design/develop, produce, sustain). Include in your description the tools, processes and practices used as well as the metrics. Efficiencies Affordability and breaking the cost curve are among the most important challenges facing all program managers. Describe the areas you have targeted to improve your costs and how you resolved these challenges for each target. Describe how your program has developed or implemented new and unique tools, processes and practices to reduce cycle time for your program s specific stage of the lifecycle (design/develop, produce, sustain). Planning, Monitoring, and Controlling What are the most significant change elements your program dealt with in the past 36 months, and what unique best practices and processes did you implement to make these changes. (Examples of change: intellectual property, shortages of critical supplies/raw materials.) Using the enhanced management techniques described above, the Program was able to dramatically reduce cycle time, completing 18 significant security deployments in 10 months. One of the largest deployments required engineers to standardize more than 1200 configurations; they completed the work more than one month ahead of the eight month plan (18%+ schedule reduction). The practice of simultaneously pursuing immediate-term and longer-term implementations is being reused by other programs to deliver both rapid initial value and highervalue, underdeveloped or larger-effort solutions. When reused on other programs and projects, these processes help increase labor efficiencies and reduce potential hardware, software, and systems cost challenges. The Program overcame a challenge common on information security efforts: managing sensitive security vulnerability information. Several individuals on the Program were aware of specific security vulnerabilities from industry connections and government partners. Rather than establish the Integrated Cyber Threat Response program as an internal special access program and include sensitive information in the requirements, program management removed sensitive information from program work products, which opened potential participation and communication to all Northrop Grumman employees. Individuals already knowledgeable about the sensitive information could confirm whether proposed security improvements were mitigating vulnerabilities. The rest of the extended team could focus on improving security against a broader set of known threats. This information management approach yielded many large dividends, including reduced development cycle time from unrestricted communications, quicker learning times for individuals joining the program and lower risk of exposing confidential data AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 5
6 IV. ADAPTING TO INNOVATION AND COMPLEXITY: (HOW DO YOU DEAL WITH YOUR PROGRAM S UNIQUE COMPLEXITIES) = 20 POINTS Identify the Program s Market Uncertainty level How new is your product to your market and users, based on the definitions below. Then describe how you deal and address this specific uncertainty: - Derivative an improvement of an existing product/system. - Platform a new generation in an existing product line. - New to the Market a product or system adopted from another market - New to the World - breakthrough product, never seen before Identify the Program s Technological Uncertainty using the definitions below. Then describe how you deal and address this uncertainty: - Low-tech: application of mature, well-established technology - Medium Technology: existing technology modified to meet new design requirements - High-Technology: recently developed new technology - Super High Technology: nonexisting technology that needs to be developed during the program. Identify the level of your System Complexity using Level of Market Uncertainty Level (choose one) X Derivative Platform New to Market New to the World Describe how your program deals with this uncertainty to maximize value for all stakeholders. In this case, the existing system was the company computer network. The Program dealt with uncertainty about attacker methods and tactics by prioritizing security deployments to defend against multiple threat vectors (types of attacks), both known and expected. Simply stated, security architectures are inherently easier to defend and typically less costly. For example, the Program implemented a simpler standard for defining the thousands of firewall rules in firewalls across the company. The Program team looked for versatile solutions that ideally replaced existing single threat protections and that integrated well with existing network components. Technological Uncertainty Level (choose one) Low Technology Medium Technology X High Technology Super High Technology Describe the processes and practices put into place to manage this level of uncertainty and assure efficient, successful execution. The technologies involved in cyber defense are very often immature as the attackers target the newest products for identifying and exploiting technical vulnerabilities. The Program addressed this uncertainty by deploying compensating controls to secure new devices and by using a layered defense strategy. For example, the Program team implemented naming restrictions and improved password management practices for default server accounts. The Program prioritized security deployments to ensure there are strong defenses to stop an attack at the network perimeter layer, at the endpoint device, at the data layer and during attempted command-and-control external communications. System Complexity (choose one) Assembly Sub-System 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 6
7 the definitions below. Then explain how you are dealing with this level of complexity: - An Assembly performing a single function. - A Sub-system fitting within a larger system. - A System a collection of subsystems performing multiple functions. - An Array a System of Systems ; a widely dispersed collection of systems serving a common mission. Identify the Pace and Urgency of your team s effort using the definitions below. Then describe how you deal with the program s pace requirements: - Regular timing no specific time pressures. Fast/Competitive time to market is important for competitiveness. - Time Critical there is an absolute and criticalto-success deadline. - Blitz there is a crisis element driving the need for immediate response System X Array of Systems Describe how your program deals with this level of complexity to ensure efficient, timely execution of the program. Focus on the how. In this case, the common mission was protection of the network and system complexity was created by the many different security deployments. The Program dealt with system complexity by ensuring compatibility with a common security architecture and by using company standard deployment processes. For each deployment, the Program included an Information Security Engineer who ensured the deployed elements integrated with the company security architecture. Pace and Urgency (choose one) Regular Timing Fast/Competitive Time Critical X Blitz The Program environment included the crisis element of potential attack. This atmosphere helped motivate the team to develop and deploy security upgrades as quickly as possible. As explained above, the Program focused on rapid deployment by managing two threads in parallel: a near-term focus for implementing quick win deployments (e.g., turning on additional security features of an existing tool) and a more structured activity to identify and implement higher value, longer-term security deployments (e.g., upgrading all servers to a higher security standard). V. METRICS (HOW DO YOU MEASURE PROGRAM S PERFORMANCE) = 30 POINTS Note 1: We are not looking for $ results, but the relative percentage achieved. In particular indicate what specific metrics and data you are using that drive the program beyond standard measures of schedule, budget, and performance, and which have contributed to your program s focus and its success.) Note 2: We have provided a weighting system on this section that indicates importance to the overall A&D enterprise in improving performance. Those with lower weighting are not unimportant; however, they have become given practices that all teams should be using. 40% of category score Customer/Performance - How do you measure the impact of your program on your customer and your customer s satisfaction? The Program s customers are the users of the Northrop Grumman network and their satisfaction hinges on the network being always available and secure. The Information Security organization continuously measures cyber-attack activity and the company s performance in stopping attacks and protecting data. Example metrics include suspicious 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 7
8 Include a description of unique/new metrics, as well as numerical evidence (normally a percentage or rate). Focus on the unique metrics developed to provide an efficient way to effectively communicate this information to your customers and within your organization beyond your program team. 20% of category score Team - How do you measure and assess the impact of your program on your team development and employee satisfaction? webpage queries blocked, spear phishing attempts blocked, security patch deployment performance and number of vulnerabilities remediated. These metrics are shared with senior management monthly. To maintain security vigilance, the Program needed to convey a sense of urgency to all contributing to network security. To help reach the more than 2000 systems administrators dispersed across the company, the Program established regular conference calls, each jointly hosted by Northrop Grumman s chief information security officer, corporate security officer, and chief information officer. A discussion forum for this group was also established and maintained. The Program overcame a common employee satisfaction challenge on security initiatives: restricted access to sensitive information. Several individuals on the Program were aware of specific security vulnerabilities from industry connections and government partners. Rather than establish the Program as an internal special access program tied to restricted information, program management did not include sensitive information in program requirements and this opened participation and communication about the Program to all Northrop Grumman employees. Individuals already knowledgeable about the sensitive information could confirm whether proposed security improvements were mitigating vulnerabilities. The rest of the extended team could focus on generally improving security against the broader set of known threats. Beyond improved employee satisfaction from working in an inclusive work environment, this information management approach yields reduced development cycle time from unrestricted communications, quicker learning times for individuals supporting information security activity and reduced risk of exposing confidential data. In addition, Northrop Grumman issues an annual employee engagement survey and survey results are reviewed by leadership and employees to understand and discuss areas where employee development opportunities and satisfaction can be improved. 40% of category score Unique Metrics - Describe unique metrics you are The Program team understood that to be successful they needed a measurement program to monitor institutional change and quick remediation of security vulnerabilities. For 2015 AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 8
9 using to measure your program s progress and how you focus it for outstanding and future success. example, if unsecured passwords were simply corrected, users may use weak passwords again, on the next password change. To drive long-term security improvement and reduce the number of vulnerabilities being created, the Program s legacy complements security compliance checks with measuring indicators of improved security attentiveness: For example, the program team worked with the enterprise training group to track and drive training success rates for the more than 2000 system administrator population to 95% trained by the target completion date. Likewise, the Program influenced the inclusion of security goals in system administrators annual performance reviews. This formal measurement process ensures clear communication between system administrators and their supervisors about the administrator s central role in protecting company and customer data. All key processes and metrics developed by the Program are now part of Northrop Grumman day-to-day Information Security operations AVIATION WEEK PROGRAM EXCELLENCE INITIATIVE 9
Global Combat Support System-Army (GCSS-Army) David Rigby, Program Manager GCSS-Army David.Rigby@ngc.com, 804-279- 8073
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationSecurity in the smart grid
Security in the smart grid Security in the smart grid It s hard to avoid news reports about the smart grid, and one of the media s favorite topics is security, cyber security in particular. It s understandable
More informationInformation Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
More informationEnterprise Security Tactical Plan
Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise
More informationI. Program Overview. Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone.
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationI. Program Overview. Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationQlik UKI Consulting Services Catalogue
Qlik UKI Consulting Services Catalogue The key to a successful Qlik project lies in the right people, the right skills, and the right activities in the right order www.qlik.co.uk Table of Contents Introduction
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationHedden Page 1 6/17/2010. 2010 Program Excellence Award
Hedden Page 1 6/17/2010 2010 Program Excellence Award The AVIATION WEEK Program Excellence Award initiative has been developed in recognition of the need to develop future program leaders who will face
More informationProcess Solutions. Staying Ahead of Today s Cyber Threats. White Paper
Process Solutions White Paper Staying Ahead of Today s Cyber Threats Executive Summary In an age where ubiquitous flash drives can become precision-guided munitions and a serious security breach is a single,
More informationProject Charter and Scope Statement
Prepared by: Mike Schmidt Version: 1.0 Last Revision Date: April 14, 2010 Create Date: May 6, 2010 EXECUTIVE SUMMARY... 3 1 INTRODUCTION... 4 2 PROJECT OBJECTIVES... 4 2.1 MISSION... 4 2.2 OBJECTIVES...
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationI. Program Overview. Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone.
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationWindows Server 2003 migration: Your three-phase action plan to reach the finish line
WHITE PAPER Windows Server 2003 migration: Your three-phase action plan to reach the finish line Table of contents Executive summary...2 Windows Server 2003 and the big migration question...3 If only migration
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationCompliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:
Security.01 Penetration Testing.02 Compliance Review.03 Application Security Audit.04 Social Engineering.05 Security Outsourcing.06 Security Consulting.07 Security Policy and Program.08 Training Services
More informationISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters
When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9
More informationSTATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE;
STATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE; LIEUTENANT GENERAL JAMES K. MCLAUGHLIN DEPUTY COMMANDER,
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationAssessing Your Information Technology Organization
Assessing Your Information Technology Organization Are you running it like a business? By: James Murray, Partner Trey Robinson, Director Copyright 2009 by ScottMadden, Inc. All rights reserved. Assessing
More informationStatement for the Record. Martin Casado, Senior Vice President. Networking and Security Business Unit. VMware, Inc. Before the
Testimony Statement for the Record Martin Casado, Senior Vice President Networking and Security Business Unit VMware, Inc. Before the U.S. House of Representatives Committee on Science, Space, and Technology
More informationManaging Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services
Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More information7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008
U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October
More informationCybersecurity: Mission integration to protect your assets
Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next Cyber solutions
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationSecurity solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.
Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?
More informationFred Swisher, Program Manager Email: frederic.r.swisher@lmco.com Phone: (407) 356-9346
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationHow Technology Executives are Managing the Shift to BYOD
A UBM TECHWEB WHITE PAPER SEPTEMBER 2012 How Technology Executives are Managing the Shift to BYOD An analysis of the benefits and hurdles of enabling employees to use their own consumer devices in the
More informationCybersecurity Awareness for Executives
SESSION ID: SOP-R04 Cybersecurity Awareness for Executives Rob Sloan Head of Cyber Content and Data Dow Jones @_rob_sloan Session Overview Aim: Provide a high level overview of an effective cybersecurity
More informationTable of Contents. Application Vulnerability Trends Report 2013. Introduction. 99% of Tested Applications Have Vulnerabilities
Application Vulnerability Trends Report : 2013 Table of Contents 3 4 5 6 7 8 8 9 10 10 Introduction 99% of Tested Applications Have Vulnerabilities Cross Site Scripting Tops a Long List of Vulnerabilities
More informationdeveloping your potential Cyber Security Training
developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company
More informationSTATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE
STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE HOUSE OVERSIGHT AND GOVERNMENT REFORM COMMITTEE S INFORMATION TECHNOLOGY SUBCOMMITTEE AND THE VETERANS
More informationCustomer FIRST Program Guide
Customer FIRST Program Guide Best-in-class Software Maintenance, Support and Services Getting Maximum Value from Your Wonderware Skelta Business Process Management (BPM) Software 1 About Schneider Electric
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationDDG 1000 Program Mission System Integration. 2011 Aviation Week Program Excellence Award Submission
DDG 1000 Program Mission System Integration 2011 Aviation Week Program Excellence Award Submission I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information
More informationConvergence of Desktop Security and Management: System Center 2012 Endpoint Protection and System Center 2012 Configuration Manager
Convergence of Desktop Security and Management: System Center 2012 Endpoint Protection and System Center 2012 Configuration Manager Contents INTRODUCTION: UNDERSTANDING HOW ALIGNING DESKTOP SECURITY AND
More informationPenetration Testing //Vulnerability Assessment //Remedy
A Division Penetration Testing //Vulnerability Assessment //Remedy In Penetration Testing, part of a security assessment practice attempts to simulate the techniques adopted by an attacker in compromising
More informationApplication Software Assurance Center of Excellence Relies on Professionalized Teams to Train Air Force Programmers in Securing the SDLC
Application Software Assurance Center of Excellence Relies on Professionalized Teams to Train Air Force Programmers in Securing the SDLC Application Software Assurance Center of Excellence Relies on Professionalized
More informationImplementing Security Update Management
Implementing Security Update Management Wayne Harris MCSE Senior Consultant Certified Security Solutions Business Case for Update Management When determining the potential financial impact of poor update
More informationSpeeding Time to Market, Increasing Time in Market & Maintaining Market Velocity
Speeding Time to Market, Increasing Time in Market & Maintaining Market Velocity Best Practices in Driving Top-Line Growth Through Innovation & Collaboration Table of Contents 1 Introduction: The Need
More informationVulnerability management lifecycle: defining vulnerability management
Framework for building a vulnerability management lifecycle program http://searchsecurity.techtarget.com/magazinecontent/framework-for-building-avulnerability-management-lifecycle-program August 2011 By
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationApplying machine learning techniques to achieve resilient, accurate, high-speed malware detection
White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division
More informationWhite Paper An Enterprise Security Program and Architecture to Support Business Drivers
White Paper An Enterprise Security Program and Architecture to Support Business Drivers seccuris.com (866) 644-8442 Contents Introduction... 3 Information Assurance... 4 Sherwood Applied Business Security
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationTest du CISM. Attention, les questions, comme l'examen, ne sont disponibles qu'en anglais.
Test du CISM Attention, les questions, comme l'examen, ne sont disponibles qu'en anglais. 1. Which of the following would BEST ensure the success of information security governance within an organization?
More informationWHITE PAPER. Mitigate BPO Security Issues
WHITE PAPER Mitigate BPO Security Issues INTRODUCTION Business Process Outsourcing (BPO) is a common practice these days: from front office to back office, HR to accounting, offshore to near shore. However,
More informationRO-Why: The business value of a modern intranet
RO-Why: The business value of a modern intranet 1 Introduction In the simplest terms, companies don t build products, do deals, or make service calls people do. But most companies struggle with isolated
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationWhiteHat Security White Paper. Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program
WhiteHat Security White Paper Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program October 2015 The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information
More informationAudit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland
Audit Report Effectiveness of IT Controls at the Global Fund Follow-up report GF-OIG-15-20b Geneva, Switzerland Table of Contents I. Background and scope... 3 II. Executive Summary... 4 III. Status of
More informationBoeing is working with industry to establish a unified cyber strategy and deliver cyber security solutions to airlines worldwide.
Boeing is working with industry to establish a unified cyber strategy and deliver cyber security solutions to airlines worldwide. 24 Securing Airline Information on the Ground and in the Air The ability
More information2012 North American Vulnerability Research Product Leadership Award
2012 2012 North American Vulnerability Research Product Leadership Award 2012 Frost & Sullivan 1 We Accelerate Growth Product Leadership Award Vulnerability Management North America, 2012 Frost & Sullivan
More informationManagement (CSM) Capability
CDM Configuration Settings Management (CSM) Capability Department of Homeland Security National Cyber Security Division Federal Network Security Network & Infrastructure Security Table of Contents 1 PURPOSE
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationThe Four-Step Guide to Understanding Cyber Risk
Lifecycle Solutions & Services The Four-Step Guide to Understanding Cyber Risk Identifying Cyber Risks and Addressing the Cyber Security Gap TABLE OF CONTENTS Introduction: A Real Danger It is estimated
More informationAdvanced Risk Analysis for High-Performing Organizations
Pittsburgh, PA 15213-3890 Advanced Risk Analysis for High-Performing Organizations Christopher Alberts Audrey Dorofee Sponsored by the U.S. Department of Defense 2006 by Carnegie Mellon University page
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationProtecting Applications on Microsoft Azure against an Evolving Threat Landscape
Protecting Applications on Microsoft Azure against an Evolving Threat Landscape So, your organization has chosen to move to Office 365. Good choice. But how do you implement it? Find out in this white
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical
More informationModerator: Benjamin McGee, CISSP Cyber Security Lead SAIC
From Security Assessment to Vulnerability Remediation: The Realities of Deploying a Cloud-Based Application Risk Management Solution Moderator: Benjamin McGee, CISSP Cyber Security Lead SAIC Setting the
More informationCybersecurity: A View from the Boardroom
An Executive Brief from Cisco Cybersecurity: A View from the Boardroom In the modern economy, every company runs on IT. That makes security the business of every person in the organization, from the chief
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationSecurity Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013
Security Architecture: From Start to Sustainment Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013 Security Architecture Topics Introduction Reverse Engineering the Threat Operational
More informationIBM Business Consulting Services. Setting the standard for SAP services
IBM Business Consulting Services Setting the standard for SAP services Delta Air Lines IBM Business Consulting Services already has a proven track record in earlier SAP implementations within the Delta
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationA Strategic Approach to Web Application Security
WhiteHat Security White Paper A Strategic Approach to Web Application Security Extending security across the entire software development lifecycle Jerry Hoff WhiteHat Security The problem: websites are
More informationTechnical Testing. Network Testing DATA SHEET
DATA SHEET Technical Testing Network Testing The Dell SecureWorks Technical Testing services deliver the independent expertise, experience and perspective you need to enhance your security posture, reduce
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationWhite Paper. Five Steps to Firewall Planning and Design
Five Steps to Firewall Planning and Design 1 Table of Contents Executive Summary... 3 Introduction... 3 Firewall Planning and Design Processes... 3 Step 1. Identify Security Requirements for Your Organization...
More informationCIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System
CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System Purpose CIP-005-5 R2 is focused on ensuring that the security of the Bulk Energy System is not compromised
More informationManaging Vulnerabilities For PCI Compliance
Managing Vulnerabilities For PCI Compliance Christopher S. Harper Vice President of Technical Services, Secure Enterprise Computing, Inc. June 2012 NOTE CONCERNING INTELLECTUAL PROPERTY AND SOLUTIONS OF
More informationeguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life
Executive s Guide to Windows Server 2003 End of Life Facts About Windows Server 2003 Introduction On July 14, 2015 Microsoft will end support for Windows Sever 2003 and Windows Server 2003 R2. Like Windows
More informationCyber Essentials Scheme
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these
More informationInformation Technology Risk Management
Find What Matters Information Technology Risk Management Control What Counts The Cyber-Security Discussion Series for Federal Government security experts... by Carson Associates your bridge to better IT
More informationVIGILANCE INTERCEPTION PROTECTION
MINIMIZE CYBERTHREATS VIGILANCE INTERCEPTION PROTECTION CYBERSECURITY CDW FINANCIAL SERVICES 80 million identities were exposed by breaches in financial services in 2014. 1 1 symantec.com, Internet Security
More informationVulnerability Management. Information Technology Audit. For the Period July 2010 to July 2011
O L A OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA FINANCIAL AUDIT DIVISION REPORT Vulnerability Management Information Technology Audit For the Period July 2010 to July 2011 May 22, 2012 Report
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationAvoiding the Top 5 Vulnerability Management Mistakes
WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability
More informationI. Program Overview. Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone
I. Program Overview Organization Name/Program Name: Program Leader Name/ Position/Contact information E-mail, Phone Program Category Program Background: What is this program all about? (No more than one
More informationNetwork Security Landscape
Cole p01.tex V3-07/28/2009 3:46pm Page 1 Network Security Landscape COPYRIGHTED MATERIAL IN THIS PART Chapter 1 State of Network Security Chapter 2 New Approaches to Cyber Security Chapter 3 Interfacing
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More informationCisco Security IntelliShield Alert Manager Service
Data Sheet Cisco Security IntelliShield Alert Manager Service The Cisco Security IntelliShield Alert Manager Service provides a comprehensive, cost-effective solution for delivering the security intelligence
More informationC a p a b i l i t i e s
S o u t h p o r t s B u s i n e s s I n t e l l i g e n c e C a p a b i l i t i e s At Southport, we help our clients easily transform data into intuitive dashboards and reports for greater analytical
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationINFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION
INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Information security is a critical issue for institutions of higher education (IHE). IHE face issues of risk, liability, business continuity,
More informationWhat sets breakthrough innovators apart PwC s Global Innovation Survey 2013: US Summary
What sets breakthrough innovators apart PwC s Global Innovation Survey 2013: US Summary www.pwc.com/innovationsurvey 60% $250b The top innovators in our study plan to grow by more than 60 percent over
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationHow to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP
How to start a software security initiative within your organization: a maturity based and metrics driven approach Marco Morana OWASP Lead/ TISO Citigroup OWASP Application Security For E-Government Copyright
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool
ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary
More informationCYBER SECURITY Audit, Test & Compliance
www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit
More informationCORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT
CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information
More informationBreaking down silos of protection: An integrated approach to managing application security
IBM Software Thought Leadership White Paper October 2013 Breaking down silos of protection: An integrated approach to managing application security Protect your enterprise from the growing volume and velocity
More informationNEC Managed Security Services
NEC Managed Security Services www.necam.com/managedsecurity How do you know your company is protected? Are you keeping up with emerging threats? Are security incident investigations holding you back? Is
More informationWHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service
WHITE PAPER Managed Security Five Reasons to Adopt a Managed Security Service Introduction Cyber security presents many organizations with a painful dilemma. On the one hand, they re increasingly vulnerable
More information