Navy Information Dominance Industry Day
- Stephany Blake
1 Navy Information Dominance Industry Day June 11, 2015
2 Timeline
1996 Joint Chiefs of Staff released Joint Vision 2010 (Net Centric Warfare)
2006 Operation CYBER CONDITION ZEBRA: Perimeter security for legacy Navy Networks
2008 Russia conducts cyber attacks against Georgia
2008 Operation BUCKSHOT YANKEE: USB Intrusion on DoD Computers (Host Based)
2009 Establishment of OPNAV N2/N6 (IDC)
2010 Cyber War published
2010 Establishment of USCYBERCOM and FCC/C10F
2010 Establishment of NCF
2013 Mandiant releases espionage report alleging PLA exfiltrating U.S. proprietary data
2013 Operation ROLLING TIDE: Adversary Intrusion on Navy Networks
2014 Blackbeard project demonstration
2014 Establishment of NAVIDFOR
2014 Establishment of Task Force Cyber Awakening (TFCA)
2015 Establishment of Enduring Cyber Security Organization, including CYBERSAFE
Navy Task Organizes to Meet Challenge
3 Disconnected Response through stove-piped assessments & initiatives across the enterprise:
  Operation ROLLING TIDE
  N81 Cyber Defense Studies
  Cyber Platform Risk Assessment
  Unsupported Systems Eradication
Unified Response through Task Force Cyber Awakening:
  NOT N2/N6-centric. The cyber platform spans the entire Navy
  Use existing mechanisms where possible, but rigor will prevail
  Cyber security must be a resourcing and organizing principle
  Accountability and rigor are key
  Cyber Resiliency Plan & POM-17 Cyber Resiliency BAM inclusive of full DOTMLPF
  Cyber is as important as the next missile or platform
  It's now COMMANDER'S BUSINESS
4 [Network diagram. Labels: TRANSPORT; COMMERCIAL INTERNET; DISN; SCI; Coalition Networks; ADNS; TELEPORT; NMCI & ONE-NET; JRSS; MOC; GNOC; NCDOC; USMC; ISNS / CANES / SUBLAN / TSCE; TACTICAL SWITCH (TSw); APPLICATIONS; CONTROL SYSTEMS (Installations, Air, Combat, HM&E, Navigation); C4I SYSTEMS; DISN Core; INTERNET; NCTAMS/NOC; CONTROL SYSTEMS (Public Works, Physical Security, PSNET, Public Safety, Air Ops, Port Ops); Other Connections (Commercial, Coalition, RF)]
Cyber remediation efforts need to extend across the Enterprise
5 Navy Cyber Defense Operations Command (NCDOC) 2014 Annual Incident / Event Summary Report
Defense in Depth strategies, Information Assurance awareness, signature refinement, and the placement and/or re-alignment of both IDS and IPS sensor locations have afforded the Navy the capability to promptly avert and/or mitigate incidents-events and malware infections directed against its networks this reporting period. *
Confirmed Incidents-Events (table columns: Incident Category, Description, FY11, FY12, FY13, FY14, FY14)
CAT 1 Root Level Intrusion
  Unauthorized Root/Admin level access to DoD system
  Consequence - ability to launch wide scale attacks
  Example - bring down complete systems/networks/ships
CAT 2 User Level Intrusion
  Unauthorized User level access to DoD system
  Consequence - limited ability to launch attacks
  Example - unauthorized data exfiltration
CAT 4 Denial of Service
  Activity that impairs, impedes, or halts normal functionality
  Consequence - limits availability of a system and/or service
  Example - block access to a Web site or complete network
CAT 5 Non-Compliance Activity
  Activity that discovers non-compliant DoD systems
  Consequence - ability to exploit vulnerabilities
  Example - web exploits (SQL injections, X site scripting)
CAT 6 Scan / Probe
  Probes to identify systems or open services for later exploits
  Consequence - adversary maps out network
  Example - port and protocol scanning
CAT 7 Malicious Logic
  Installation of Malicious software
  Consequence - loss of integrity of data/system/network
  Example - Trojans, backdoor, virus, or worms
,029 1,051 1,094 1,435 Trend
Investments and actions to date are improving our Enterprise Cyber Resiliency
* IDS: Intrusion Detection System; IPS: Intrusion Prevention System
6 Source:
7 Organization
TFCA MISSION
  Deliver fundamental change to Navy's organization, resourcing, acquisition, and readiness
  Align and strengthen authority, accountability, and rigor in Navy Cyber Security
Chief of Staff OPNAV N2N6F1 CAPT David Serber
DCNO OPNAV N2N6 VADM Branch
Task Force Lead Mr. Matt Swartz (SES)
Deputies
  Mr. Claude Barron (SES), NAVSEA
  Mr. Stu Young (SES), NAVAIR
  Mr. Brian Marsh (SES), SPAWAR
  Col David McMorries, USMC
Technical Director Mr. Bob Stephenson (SES), CPF/SPAWAR
EXCOM (Co-Chair) VCNO & ASN RDA
  Secretary: Dr. John Zangardi, DASN C4I
  FCC Commander OPNAV N-Codes USMC C4/CIO ASN (RDA) PMD / DASNs SYSCOM CDRs / NR DCOM USFF / PACFLT DCOMs & TYCOMs
Advisory Board Trusted Advisors of EXCOM
ENTERPRISE STAKEHOLDERS
TG 1 Capabilities, RADM Herman Shelanski
  November 2014: Delivered Cyber Resiliency Plan to inform FY15, POM-16
TG 2 CYBERSAFE, CAPT Mark Elliott, USN
  March 2015: Establish CYBERSAFE Program w/limited AOR
  CYBERSAFE Office IOC 21 Apr 15
TG 3 Navy Cyber Security, Mr. Troy Johnson (DISL)
  August 2015: Define and Develop implementation of an updated approach for overall Navy Cyber Security
Task Group Technical, Mr. Greg Shaffer (SES) (IT/IA TAB)
  August 2015: Establish Technical Authority development group
TFCA well represented from across the Navy Enterprise
8 NSA's Top 10 IA Mitigation Strategies
Mitigation Goal Areas:
  Device Integrity
  Damage Containment
  Defense of Accounts
  Secure & Available Transport
Mitigation Strategies:
  Application Whitelisting
  Control Administrative Privileges
  Limit Workstation-to-Workstation Communication
  Use Anti-Virus File Reputation Services
  Enable Anti-Exploitation Features
  Implement Host Intrusion Prevention System (HIPS) rules
  Set a Secure Baseline Configuration
  Use Web Domain Name System (DNS) Reputation
  Take Advantage of Software Improvements
  Segregate Networks and Functions
Industry Recommendations (Controls against Cyber Espionage)
  Patch ALL THE THINGS!
  Use and update antivirus (AV)
  Train users
  Segment your network
  Keep good logs
  Break the delivery-exploitation-installation chain
  Spot C2 and data exfiltration
  Stop lateral movement inside the network
Cyber Resiliency Approach
  Control Points: Control Points will allow us to effectively isolate portions of our networks and prevent adversaries who gain a foothold from moving laterally. Also improve boundary defenses for individual portions of the network and serve as insertion points in the network for emerging technology solutions.
  Cyber Situational Awareness (SA): Allow us to visualize the activity in the cyber-field, promote timely assessment of normal vs. abnormal activity, and mitigate possible threats. Cyber SA provides us with the tools to detect and respond to higher level threat actors.
  Designing (vice retroactively Patching-in) Resiliency within Systems & Networks: Generating common sets of standards and protocols to improve our cyber posture by driving down variance, and also designing-in resiliency in future system designs.
  Cyber Hygiene: Use of focused Tactics, Techniques & Procedures (TTPs) and workforce training
  Cyber Ready Workforce: Improving manning levels, personnel training and Fleet readiness via readiness reviews, Fleet cyber security efforts, Cybersecurity Workforce continuing education, unit patch/scan compliance and adherence to computer tasking orders (CTO).
Leveraged Stakeholder, Community and Industry recommendations to develop Enterprise Approach
9 Task Group Capabilities (UNCLASSIFIED)
Issue Prioritization Metrics = Guiding Principles
1. Protect the Tactical Platforms
2. Address full spectrum of DOTMLPF
3. Improve Defensive Cyber Posture & Maturity Level of Response
[Chart. Labels: Maturity (Low, High); Near Term Focus; Future Investments; Defensive Cyber Operations Bins: Prepare, Protect, Detect, React/Restore]
Cyber Resiliency Strategy Recommendation to Resource Sponsors = Investment Strategy
1. Stay on course set during POM-16
  Maintain momentum on initiatives underway (ORT, Control Point Solutions, Etc.) & implement solutions designed using R&D investments made
2. Focus on compartmentalization
  System by system approach is unaffordable and inflexible
  Prioritize reduction of consequence versus locking all vulnerabilities
3. Balance approach between maintenance vs. modernization
  Accelerating POR / System modernization timeline is unaffordable
  Invest in short term (stop-gap) solutions pre-modernization
4. New vs. Existing Funding
  Invest new money in new capabilities such as Enterprise-wide Cyber Situational Awareness
  Re-prioritize existing POR / System funding to mitigate for POR / System related cyber security enhancements
5. Develop and sustain a Cyber Ready Workforce
Deliver a realistic and executable requirement to the Resource Sponsors that improves our Enterprise wide Cyber Resiliency both effectively and efficiently
10 Defense in Depth Protection Levels
Control Points Critical Functions
  Enclave Boundary Protection
  Incident Isolation
  Recovery Operations
  Agile Technology Insertion
Potential to leverage common engineering across multiple ship classes: CG, DDG, LCS, Amphibs, SSDS, DDG 1000
Control Points will allow us to effectively segment portions of our shipboard network, add greater ability to maneuver through intrusions, and ensure mission assurance
11 CYBERSAFE Definition: Delivering Mission Assurance
CYBERSAFE Office IOC 21 Apr 15
Specific set of requirements for design, procurement, material controls, maintenance and ops procedures, along with the change in organizational culture and crew proficiency required to institute these requirements, applied to a selected subset of platform system elements or components for which a failure caused by a cyber attack would result in loss of critical mission capability, mission critical equipment, and/or personal injury. - Approved at Dec 2014 TFCA EXCOM
Modeled After SUBSAFE Tenets
  Independent Technical Authority sets common standards
  Program Managers ensure acquisition aligns with standards
  Independent Security Authority assesses against standards
  CYBERSAFE Certification Authority makes final decisions & assumes risk and accountability for platform Mission Assurance
CYBERSAFE is focused on Mission Assurance of critical warfighting capabilities
12 CYBERSAFE Approach
CYBERSAFE Instruction
  Establishes policy and assigns responsibilities for the management and implementation of Navy Cybersecurity Safety (CYBERSAFE) Program requirements
  Assigns responsibility for management and implementation of CYBERSAFE Program
  Describes 3 Facets of CYBERSAFE
    Cyber System Levels: Design
    CYBERSAFE Grades: Procure & Build
    Cyber Conditions of Readiness: Operate
  Identifies management controls for CYBERSAFE items
  Describes CYBERSAFE Technical, Certification, and Threat/Risk Assessment Authorities
  Depicts Defense-in-Depth architecture as defined by DFIA *
    DFIA details control point strategy, but will also define DiD Implementation Standards across cyber environment
[Figure: DFIA Reference Architecture]
* DFIA: Defense-in-Depth Functional Implementation Architecture
13 Navy Cyber Security Organization (including CYBERSAFE) (UNCLASSIFIED)
Oversight: Navy Cyber Security Council (VCNO & ASN RDA co-chaired)
  Deliver Mission Assurance & Assess the Navy's Cyber Resiliency Posture
  Synchronization on All Aspects of the Cyber Readiness Kill Chain
  Advisor to the Risk Management Framework Implementation
[Diagram leading to the Mission Assurance Target. Legend: Existing Organizations; Recently Formed; To-Be Organizations. Stages: REQUIREMENTS, MEANS, WAYS, ENDS, ASSESS. Labels: CONCEPTS; Requirements Steering Committee; CAPABILITY; CAPABILITY GAPS; REQ VALIDATION; IA Tech Authority; IT / IA TAB; ARCHITECTURE; PERSONNEL; EQUIPMENT; SUPPLIES; TYCOM(s); TRAINING; INDUSTRY; FACILITIES; RESOURCE/POLICY; OPNAV Resource Sponsors; ASSESS/PROCURE; PRE-INTRO; MAINTENANCE; System Commands; BASIC; INTEGRATED; EMPLOY / DEPLOY; Fleet(s); SUSTAIN; Mission Execution; STUDIES; IG/INSURV; THREAT ASSESS; POST DEPLOY; FISMA COMPLIANCE; Mission Assurance Assessment; Baseline Assessment Memo (BAM); Specs & Standards; Man, Train & Equip; Readiness Certification; Validate & Resource Requirements; Design, Develop, & Maintain; Platform Certification; Operational Certification; Operations; External Assessment; Fleet(s)]
14 Leveraging Cross-SYSCOM IT / IA Technical Authority Board (TAB) to:
  Issue common and rigorous technical standards
  Design methodology and framework for both areas within which acquisition and operational elements must work when developing and sustaining technical standards
  Include evaluation of current technical authority approach for Navy Cybersecurity and determine necessary modifications to account for both Navy Networks & Tactical Control Systems
27 Jan 15 TAB approved standards for:
  Defense-in-Depth Functional Implementation (DFIA)
  Afloat Network Firewall
  Intrusion Detection & Prevention
12 May 15 TAB approved standards for:
  Host Level Protection
  Continuous Monitoring
IT / IA TAB will determine method for leveraging Facets and Platform Architecture to consistently identify CYBERSAFE critical items
15
1. Optimizing Investments
  How do you prioritize requirements in this environment?
  What metrics & measures do we use? Are we looking at the right things?
  How did you measure cyber security risk and establish a threshold of acceptance vs. mitigation?
  Have you invested in and used defensive cyber maneuvers (e.g. randomization) to frustrate would-be attackers?
2. Delivering Mission Assurance
  How did you decide what data or systems to protect first and what were you willing to spend?
  Did you work to minimize your threat surface or focus on protecting what you currently have?
IA Standards Roadmap
3. Developing Resilient Architectures and Standards
  Does this threat require a holistic architectural response? (Sum of the parts greater than the whole?)
  What are the differences between securing Industrial Control Systems vs. IT Systems?
  Where does this put us on the innovation curve?
4. Improving Culture, Accountability, and Oversight
  How do you design & execute organizational & cultural change?
  What is the most effective way to improve leadership and user compliance & behavior?
  How do you approach the development and retention of a Cyber Smart workforce? (other than compensation)
  To what extent have employee privacy concerns impeded your efforts?
Achieving Cyber Resiliency requires a balance between Government & Industry
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationHow To Improve Federal Network Security
Department of Federal Network Trusted Internet Connections (TIC) Update for the Information and Privacy Advisory Board July 29, 2009 Federal Network (FNS) Federal Network Branch Branch Vision: To be the
More informationCyber Watch. Written by Peter Buxbaum
Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs
More informationIntrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security
Insert photo here Intrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security 1 / 07 May 2008 / EDS The direction is changing.... 2 / 07 May 2008 / EDS Intrusion costs are rising
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationIT AUDIT WHO WE ARE. Current Trends and Top Risks of 2015 10/9/2015. Eric Vyverberg. Randy Armknecht. David Kupinski
IT AUDIT Current Trends and Top Risks of 2015 2 02 Eric Vyverberg WHO WE ARE David Kupinski Randy Armknecht Associate Director Internal Audit Protiviti 317.510.4661 eric.vyverberg@protiviti.com Managing
More informationSecure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities
Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?
More informationReliable, Repeatable, Measurable, Affordable
Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you
More informationIndependent Security Operations Oversight and Assessment. Captain Timothy Holland PM NGEN
Independent Security Operations Oversight and Assessment Captain Timothy Holland PM NGEN 23 June 2010 Independent Security Operations Oversight and Assessment Will Jordan NGEN Cyber Security 23 June 2010
More informationEnterprise Computing Solutions
Business Intelligence Data Center Cloud Mobility Enterprise Computing Solutions Security Solutions arrow.com Security Solutions Secure the integrity of your systems and data today with the one company
More informationTotal Ownership Cost (TOC) and Cost as an Independent Variable (CAIV)
Total Ownership Cost (TOC) and Cost as an Independent Variable (CAIV) Dr. Jeffrey Beach Naval Surface Warfare Center Carderock Division; Survivability, Structures and Materials Directorate 1 2. Definitions:
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationCHAPTER 3 : INCIDENT RESPONSE THREAT INTELLIGENCE GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE THREAT INTELLIGENCE 1 THREAT INTELLIGENCE How it applies to our clients, and discuss some of the key components and benefits of a comprehensive threat intelligence strategy. Threat
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationSystems Engineering and Integration Efforts. 11 Dec 2013
Systems Engineering and Integration Efforts 11 Dec 2013 Mr. Leo Smith Director, PoR Engineering Support ASA(ALT) System of Systems Engineering & Integration Directorate (SOSE&I) Approved for Public Release;
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationDIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 Revision History Update this table every time a new edition of the document is
More informationEVALUATION REPORT. The Department of Energy's Unclassified Cybersecurity Program 2014
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections EVALUATION REPORT The Department of Energy's Unclassified Cybersecurity Program 2014 DOE/IG-0925 October 2014 Department
More informationState of South Carolina Policy Guidance and Training
State of South Carolina Policy Guidance and Training Policy Workshop Small Agency Threat and Vulnerability Management Policy May 2014 Agenda Questions & Follow-Up Policy Workshop Overview & Timeline Policy
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationPost-Access Cyber Defense
Post-Access Cyber Defense Dr. Vipin Swarup Chief Scientist, Cyber Security The MITRE Corporation November 2015 Approved for Public Release; Distribution Unlimited. 15-3647. 2 Cyber Security Technical Center
More informationSECURITY CONTROLS AND RISK MANAGEMENT FRAMEWORK
SECURITY CONTROLS AND RISK MANAGEMENT FRAMEWORK BACKGROUND The National Institute of Standards and Technology (NIST) Special Publication 800-53 defines a comprehensive set of controls that is the basis
More informationForecast to Industry 2015
Forecast to Industry 2015 Networking Technologies Ms. Lisa Belt Deputy, Infrastructure Directorate 2 November 2015 87 Infrastructure Directorate IE1 Transport Division IE Infrastructure Directorate Email:
More informationStatement of Gil Vega. Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer. U.S. Department of Energy
Statement of Gil Vega Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer U.S. Department of Energy Before the Subcommittee on Oversight and Investigations Committee
More informationOCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
More informationInformation Assurance Manual
THE SECRETARY OF THE NAVY SECNAV M-5239.1 Department of the Navy Information Assurance Program Information Assurance Manual Published By The Department of the Navy Chief Information Officer DEPARTMENT
More informationSeven Strategies to Defend ICSs
INTRODUCTION Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it s not a matter of if an intrusion will take
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationOpening Up a Second Front for Cyber Security and Risk Management
Opening Up a Second Front for Cyber Security and Risk Management Annual Computer Security Applications Conference December 4, 2012 Dr. Ron Ross Computer Security Division Information Technology Laboratory
More information