REN-ISAC Research and Education Networking Information Sharing and Analysis Center
|
|
- Damian Craig
- 8 years ago
- Views:
Transcription
1 REN-ISAC Research and Education Networking Sharing and Analysis Center EDUCAUSE and Internet2 Security Professionals Conference April 2007
2 Introductions Mark Bruhn AVP for Telecommunications, IU AD, Center for Applied Cybersecurity Research Executive Director REN-ISAC Chris Misra Network Analyst, UMass Chair, REN-ISAC Technical Advisory Group Doug Pearson Technical Director REN-ISAC Jack Suess VPIT and CIO, UMBC Chair, REN-ISAC Executive Advisory Group Dave Monnier Principal Security Engineer, REN-ISAC
3 In this presentation, we ll: Presentation Outline describe ISACs in general, give a general description of the REN-ISAC, give details regarding what REN-ISAC does, make an important announcement(!), outline the REN-ISAC organization, talk about REN-ISAC membership.
4 ISACs in general Formation encouraged by U.S. Government Presidential Decision Directive 63: Protecting America's Critical Infrastructures (1998) and subsequently affirmed in The National Strategy to Secure Cyberspace (2003) Collect, derive, analyze, and disseminate security threat information, including: the physical security of infrastructure, operations, and facilities, and computing and networking infrastructures Provide resources to support member understanding of threats, protection, and mitigation, so that member organizations can better defend and secure their infrastructures and operations. Most are private-sector entities.
5 ISACs Communications Chemical Industry Electricity Sector Energy Emergency Mgmt and Response Financial Services Highway Technology Multi-State Public Transit Research and Education Networking Surface Transportation Supply Chain Water
6 The REN-ISAC: REN-ISAC is an integral part of U.S. higher education s strategy to improve network security through information collection, analysis, dissemination, early warning, and response; is specifically designed to support the unique environment and needs of higher education and research organizations; and, supports efforts to protect national cyber infrastructure by participating in the formal U.S. ISAC structure. Foremost, REN-ISAC is a member-driven trusted community for sharing sensitive information regarding cybersecurity threat, incidents, response, and protection.
7 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
8 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
9 network instrumentation and sensors backbone netflow REN-ISAC darknet Shared Darknet Project Global NOC operational monitoring members direct reconnaissance Collect, analyze, and disseminate intelligence REN-ISAC staff members 24x7 Watch Desk information sharing relationships
10 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
11 private threat collection and mitigation efforts e.g. among ISPs,.edu regional groups, etc. other sector ISACs daily inter-isac status conference DHS/US-CERT and other national CERTS and CSIRTS Intel Relationships Global Research NOC at IU servicing Internet2 Abilene, NLR, and international connecting networks vendors Microsoft / REN-ISAC SCPe
12 Microsoft / REN-ISAC SCPe New Partnership announced today! Security Cooperation Program for Education The program provides a focal point for Microsoft to share vital security information with the research and higher education communities. Under the agreement, Microsoft and the REN- ISAC will share information regarding vulnerabilities, exploits, and fixes, as well as other information at a level of depth and detail that will help both parties become more proactive and responsive to issues affecting the global community. Provides access to materials to support member security awareness programs.
13 Microsoft / REN-ISAC SCPe This unique trust relationship with Microsoft will provide an information source from which we can impart important security and product information to our membership, and through which we can give feedback to Microsoft regarding our security experiences with their products. The relationship will be supported and facilitated through a REN-ISAC Microsoft Analysis Team Ryan Eads, University of Illinois, Urbana-Champaign Brad Judy, University of Colorado, Boulder Sean Krulewitch, Indiana University Brian Smith-Sweeney, New York University Dave Monnier, REN-ISAC / Indiana University Doug Pearson, REN-ISAC / Indiana University
14 Additional information Microsoft / REN-ISAC SCPe
15 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
16 private Trust Community facilitates the sharing of sensitive information Sharing actionable information for protection and response Products and peer sharing within Trusted Communities members intel relationships Trust Community channels private mailing list secure IRC community web portal incident data downloads outside the Trust Community non-member.edu we send notifications of compromised machines
17 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
18 Daily Weather Report provides situational awareness Alerts provide timely information concerning new or increasing threat. Notifications are sent to contacts at sources and targets of active threat or incident involving member networks. Threat Resources provide information regarding known active sources of threat. Monitoring views provide aggregate information for situational awareness. Products
19 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
20 TechBurst webcasts inform on technical topics relevant to security protection and response; are presented monthly by members. Examples include: BotNet Detection Using DNS Methods Netflow Advanced Topics DNS: Protocols, Operation and Security Education Advisories inform regarding specific practices or approaches that can improve security posture. Peer interaction (IRC and mailing list)
21 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
22 Internet2 Abilene Operational security exercises First held November 2005: Day-long table top exercise (talking only, no flows) Abilene backbone infrastructure attacks, 2 scenarios Report identifies ~40 observations Second (date TBD) will include domestic and international participants Exercises
23 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
24 services malware analysis system (dev) passive DNS replication service (dev).edu notification system Cyber Security Registry (dev) wiki IRC listserv community portal RENOIR (WPI / CSI2 dev) monitors and sensors REN-ISAC darknet Shared Darknet Project (R-I / CSI2) netflow collection and analysis Traffic Grapher Arbor Peakflow flow-tools DNS infrastructure monitoring Tools
25 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
26 Registry Rich information about.edu security contacts people and institutions (under development)
27 Members 24x7 Watch Desk Sharing Served Networks Collect, analyze, and disseminate intelligence Products Education Intel Relationships Registry Tools Exercises
28 24x7 Watch Desk
29 REN-ISAC : organization Trust community Member participation Supporting organizations Contributors Advisory groups Analysis teams Organizational Relationships
30 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Advisory groups Analysis teams Organizational Relationships A trusted community for sharing sensitive information regarding cybersecurity threat, incidents, response, and protection, specifically designed to support the unique environment and needs of higher education and research organizations. Rigorous guidelines for membership and member vetting are used to engender and maintain a community of trust requisite for sharing sensitive information.
31 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Advisory groups Analysis teams Organizational Relationships cornerstone of REN-ISAC types of contributions sharing w/ peers Dedicated commitment of resources Informal commitment of resources Daily reports authoring Systems administration TechBurst webcasts Sensor and monitor data sharing Tool development Advisory groups Analysis Teams
32 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Indiana University (host) Internet2 EDUCAUSE Louisiana State University Advisory groups Analysis teams Organizational Relationships
33 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors.edu members others Advisory groups Analysis teams Organizational Relationships Berkeley (TAG) Brandeis (wiki) Colorado (MAT) Cornell (TAG) IU (host, EAG, TAG) LSU (daily reports, EAG) Oakland (EAG) Oregon (TAG) MOREnet (TAG, TechBursts) NYU (MAT) Reed College (EAG) UMass (TAG) UMBC (EAG) UMN (TAG) UMT (EAG) WPI (TAG, systems)
34 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors edu members others Advisory groups Analysis teams Organizational Relationships Team Cymru Neustar Sunbelt (TAG) (TAG, tools) (systems)
35 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Advisory groups Analysis teams Organizational Relationships Executive Advisory Group (EAG) advises regarding policies, legal issues, plans and strategies, and other non-technical aspects of REN-ISAC operations. Technical Advisory Group (TAG) advises regarding useful REN-ISAC products and services, guided by evaluation of member needs.
36 Executive Advisory Group Advises regarding policies, legal issues, plans and strategies, and other non-technical aspects of REN-ISAC operations. Jack Seuss, chair University of Maryland-Baltimore County Ray Ford University of Montana Ken Klingenstein Internet2 & University of Colorado Rodney Petersen EDUCAUSE Marty Ringle Reed College Theresa Rowe Oakland University Brian Voss Louisiana State University Ex-officio Members: Mark Bruhn REN-ISAC/Indiana University Chris Misra, TAG Chair University of Massachusetts Amherst Doug Pearson REN-ISAC/Indiana University
37 Technical Advisory Group Advises regarding useful products, services, and methods guided by the REN-ISAC mission and survey of member needs. Chris Misra, chair University of Massachusetts Amherst Daniel Aldinolfi Cornell University Phil Deneault Worcester Polytechnic Institute Brian Eckman University of Minnesota Stephen Gill Team Cymru Andrew Korty Indiana University John Kristoff UltraDNS Randy Raw Missouri Research and Education Network Michael Sinatra University of California Berkeley Joe St Sauver University of Oregon Ex-officio Members Dave Monnier REN-ISAC/Indiana University Doug Pearson REN-ISAC/Indiana University
38 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Advisory groups Analysis teams Organizational Relationships Microsoft Analysis Team serves as the technical interface between REN-ISAC and Microsoft for the SCPe. Guides the objectives for the relationship, and receives, analyzes, and disseminates information shared under the Partnership. Ryan Eads, UIUC Brad Judy, U Colorado, Boulder Sean Krulewitch, IU Brian Smith-Sweeney, NYU Dave Monnier, REN-ISAC / IU Doug Pearson, REN-ISAC / IU
39 REN-ISAC : organization Trust community Member participation Supporting Organizations Contributors Advisory groups Analysis teams Org. Relationships Internet2 EDUCAUSE Internet2/EDUCAUSE Computer & Network Security Task Force National ISAC Council Internet2 SALSA Internet2 CSI2 Working Group
40 REN-ISAC : membership Membership is open and free to: institutions of higher education, teaching hospitals, research and education network providers, and government-funded research organizations. Membership guidelines are roughly: must be permanent staff, with organization-wide responsibilities for cybersecurity protection and response, and be vouched-for by 2 existing members
41 Summary REN-ISAC is a member-driven trusted community for sharing sensitive information regarding cybersecurity threat, incidents, response, and protection. The information facilitates and enhances your local protection and response efforts. REN-ISAC serves the higher education and research communities. REN-ISAC is a product of its members. Membership is free, but according to a particular job profile and vouched-for trust.
42 References and Contacts 24x7 Watch Desk: +1(317) Mark Bruhn, Executive Director, Doug Pearson, Technical Director Dave Monnier, Principal Security Engineer
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC)
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Doug Pearson Director, REN-ISAC ren-isac@iu.edu Copyright Trustees of Indiana University 2003. Permission is granted
More informationSecurity Topics Update. Christopher Misra Doug Pearson April 2008
Security Topics Update Christopher Misra Doug Pearson April 2008 Session outline Salsa Internet2/EDUCAUSE Security Task Force Current Salsa activities Working group updates CSI2, DR, FWNA, DNSsec REN-ISAC
More informationInformation Security in Higher Education
Information Security in Higher Education Joanna Grama, JD October 20, 2015 OARnet CIO Meeting Agenda Information Security in Context REN-ISAC EDUCAUSE Cybersecurity Initiative EDUCAUSE Annual Conference
More informationSES / CIF. Internet2 Combined Industry and Research Constituency Meeting April 24, 2012
SES / CIF Internet2 Combined Industry and Research Constituency Meeting April 24, 2012 Doug Pearson Technical Director, REN-ISAC dodpears@ren-isac.net Background on REN-ISAC The REN-ISAC mission is to
More informationSecurity Activities Update
Security Activities Update Internet2/ESnet Joint Techs College Station TX, February 4th, 2009 Joe St Sauver, Ph.D. Manager, Internet2 Security Programs (joe@uoregon.edu or joe@internet2.edu) http://www.uoregon.edu/~joe/sec-update-2009/
More informationComputer and Network Security in Higher Education
The Authors Computer and Network Security in Higher Education Mark Luker and Rodney Petersen, Editors A Publication of EDUCAUSE Copyright 2003 Jossey-Bass Inc. Published by Jossey-Bass, A Wiley Company.
More informationSecurity Incident Management Essentials Compiled as a service to the community by Internet2, EDUCAUSE, and REN-ISAC
Compiled as a service to the community by Internet2, EDUCAUSE, and REN-ISAC Background and Overview The Computer Security Incidents Internet2 (CSI2) working group organizes activities to better identify
More informationStatement of John (Jack) Suess, CIO, UMBC, and Cochair of the EDUCAUSE/Internet2 Computer and Network Security Task Force
Statement of John (Jack) Suess, CIO, UMBC, and Cochair of the EDUCAUSE/Internet2 Computer and Network Security Task Force National Cyber Security Awareness Month Kick-Off Event September 30, 2004 National
More informationFS-ISAC CHARLES BRETZ
FS-ISAC CHARLES BRETZ Information Sharing To be forewarned is to be fore-armed MISSION: Sharing Timely, Relevant, Actionable Cyber and Physical Security Information & Analysis A nonprofit private sector
More informationRomanian National Computer Security Incident Response Team CERT-RO. dan.tofan@cert-ro.eu http://www.cert-ro.eu
Romanian National Computer Security Incident Response Team CERT-RO dan.tofan@cert-ro.eu http://www.cert-ro.eu About A Digital Agenda for Europe, Pillar : Trust and Security, Action 38 Member States to
More informationDANCERT RFC2350 Description Date: 10-10-2014 Dissemination Level:
10-10-2014 Date: 10-10-2014 Dissemination Level: Owner: Authors: Public DANCERT DANTE Document Revision History Version Date Description of change Person 1.0 10-10-14 First version issued Jan Kohlrausch
More informationCyber security in an organization-transcending way
Cyber security in an organization-transcending way EASEE-gas meeting March 19, 2015 Paul Bloemen ICT Security Manager Gasunie Chair Dutch Energy ISAC March 19, 2015 2 What to talk about Why is cyber security
More informationUS-CERT Year in Review. United States Computer Emergency Readiness Team
US-CERT Year in Review United States Computer Emergency Readiness Team CY 2012 US-CERT Year in Review United States Computer Emergency Readiness Team CY 2012 What s Inside Welcome 1 Vison, Mission, Goals
More informationA Crisis Response, Information Sharing View of FFIEC Appendix J?
A Crisis Response, Information Sharing View of FFIEC Appendix J? Susan Rogers (MBCP, MBCI) Financial Services Information Sharing and Analysis Center FS-ISAC, Business Resiliency Director srogers@fsisac.us;
More informationIntegrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)
Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs) Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and
More informationINFRAGARD.ORG. Portland FBI. Unclassified 1
INFRAGARD.ORG Portland FBI 1 INFRAGARD Thousands of Members One Mission Securing Infrastructure The subject matter experts include: 2 INFRAGARD Provides a trusted environment for the exchange of Intelligence
More informationDeveloping Cyber Threat Intelligence or not failing in battle.
Developing Cyber Threat Intelligence or not failing in battle. AtlSecCon 2012, 02 March 2012 Adrien de Beaupré SANS ISC Handler Intru-Shun.ca Inc. Natasha Hellberg Bell Canada About me 32+, 22+, 12+ years
More informationUse of Honeypots for Network Monitoring and Situational Awareness
Use of Honeypots for Network Monitoring and Situational Awareness Cristine Hoepers cristine@cert.br Computer Emergency Response Team Brazil - CERT.br Network Information Center Brazil - NIC.br Brazilian
More informationTrends in Security Incidents and Hitachi s Activities
Hitachi Review Vol. 63 (2014), No. 5 270 Featured Articles Trends in Security Incidents and Hitachi s Activities About HIRT Activities Masato Terada, Dr. Eng. Masashi Fujiwara Akiko Numata Toru Senoo Kazumi
More informationReport on CAP Cybersecurity November 5, 2015
Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets
More informationDepartment of Homeland Security
Department of Homeland Security Cybersecurity Awareness for Colleges and Universities EDUCAUSE Live! July 24, 2014 Overview Dramatic increase in cyber intrusions, data breaches, and attacks at institutions
More informationCountry Case Study on Incident Management Capabilities CERT-TCC, Tunisia
Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework
More informationThreat Intelligence for Dummies. Karen Scarfone Scarfone Cybersecurity
Threat Intelligence for Dummies Karen Scarfone Scarfone Cybersecurity 1 Source Material Threat Intelligence for Dummies ebook Co-authored with Steve Piper of CyberEdge Group Published by Wiley Sponsored
More informationIntegrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education
Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and Healthy Students Hamed Negron-Perez,
More informationA BRAINSTORMING ON SECURITY FIRE DRILLS
A BRAINSTORMING ON SECURITY FIRE DRILLS Classification, Feasibility, Usefulness and Implications Maurizio Molina, DANTE Nino Jogun, CARNET on behalf of GÉANT3 project, SA2/T4 TF-CSIRT, Tallin, 25 th Sep.
More informationCyber Incident Annex. Cooperating Agencies: Coordinating Agencies:
Cyber Incident Annex Coordinating Agencies: Department of Defense Department of Homeland Security/Information Analysis and Infrastructure Protection/National Cyber Security Division Department of Justice
More informationCyber Security Threats Shehzad Mirza Director of the MS ISAC SOC
Cyber Security Threats Shehzad Mirza Director of the MS ISAC SOC Will Pelgrin CIS President and CEO MS ISAC Chair 2.6 Billion Internet Users 13% 1% 6% 3% Asia 44% 10% Europe 22.7% 44% North America 13.0%
More informationData Driven Assessment of Cyber Risk:
Data Driven Assessment of Cyber Risk: Challenges in Assessing and Mitigating Cyber Risk Mustaque Ahamad, Saby Mitra and Paul Royal Georgia Tech InformationSecurity Center Georgia Tech Research Institute
More informationCYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES
CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES The information provided in this document is presented as a courtesy to be used for informational purposes only. This information
More informationNUIT Tech Talk. Peeking Behind the Curtain of Security. Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance
NUIT Tech Talk Peeking Behind the Curtain of Security Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance Definitions Malware: The Virus/Trojan software we ve all come
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationThreat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations
Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations September 2015 Copyright 2015 Deloitte Development LLC. All rights reserved. This presentation
More informationGet the most out of Public Sector Cyber Security Associations & Collaboration
Get the most out of Public Sector Cyber Security Associations & Collaboration Gary Coverdale Chief Information Security Officer County of Napa, CA Stacey A. Wright Intel Manager MS-ISAC Get the most out
More informationFROM INBOX TO ACTION EMAIL AND THREAT INTELLIGENCE:
WHITE PAPER EMAIL AND THREAT INTELLIGENCE: FROM INBOX TO ACTION There is danger in your email box. You know it, and so does everyone else. The term phishing is now part of our daily lexicon, and even if
More informationContinuous Penetration Testing
Continuous Penetration Testing SyCom Technologies 1.0 Continuous Penetration Testing Imagine a service that continuously monitors and reports on any new threats that emerge real time and provides a tactical
More informationCisco Remote Management Services for Security
Cisco Remote Management Services for Security Innovation: Many Take Advantage of It, Some Strive for It, Cisco Delivers It. Cisco Remote Management Services (RMS) for Security provide around the clock
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More information5 IT Security Planning and Practice
5 IT Security Planning and Practice Planning is bringing the future into the present so that you can do something about it now. Alan Lakein Key Findings The higher its FTE enrollment, the more likely an
More informationThe Importance of a Multistakeholder Approach to Cybersecurity Effectiveness
The Importance of a Multistakeholder Approach to Cybersecurity Effectiveness Abstract Area: ROADMAP FOR THE FURTHER EVOLUTION OF THE INTERNET GOVERNANCE ECOSYSTEM Entitled by: Cristine Hoepers, Klaus Steding-Jessen,
More information2. OVERVIEW OF THE PRIVATE INFRASTRUCTURE
A Functional Model for Critical Infrastructure Information Sharing and Analysis Maturing and Expanding Efforts ISAC Council White Paper January 31, 2004 1. PURPOSE/OBJECTIVES This paper is an effort to
More informationWater Security in New Jersey: Partnership and Services
GOV. CHRIS CHRISTIE LT. GOV. KIM GUADAGNO DIR. CHRIS RODRIGUEZ NJOHSP OFFICE OF HOMELAND SECURITY AND PREPAREDNESS Preparedness Act Water Security in New Jersey: Partnership and Services Created by the
More informationRashmi Knowles Chief Security Architect EMEA
Rashmi Knowles Chief Security Architect EMEA AGENDA Transformation of IT New cyber-security challenges Intelligence Driven Security Security Analytics Q&A 2 ENTERPRISE DATA CENTER ADVANCED SECURITY A UNIQUE
More informationGuide to Cyber Threat Information Sharing (Draft)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 NIST Special Publication 800-150 (Draft) Guide to Cyber Threat Information Sharing (Draft) Chris Johnson Lee Badger David Waltermire 21 22 23 24 25 26
More informationDepartment of Homeland Security Federal Government Offerings, Products, and Services
Department of Homeland Security Federal Government Offerings, Products, and Services The Department of Homeland Security (DHS) partners with the public and private sectors to improve the cybersecurity
More informationaecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA
aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA Agenda Introduction aecert Vision & Mission The need to establish a UAE National CERT Constituent Framework & Service Catalog National
More informationCyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in
Cyber Security & Role of CERT-In Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in Web Evolution Web Sites (WWW) 1993 Web Invented and implemented 130 Nos. web sites 1994 2738 Nos.
More informationCyber Information-Sharing Models: An Overview
PARTNERSHIP Cyber Information-Sharing Models: An Overview October 2012. The MITRE Corporation. All rights reserved. Approved for Public Release. Case Number 11-4486. Distribution Unlimited. Table of Contents
More informationRethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council
Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult
More informationAbout Botnet, and the influence that Botnet gives to broadband ISP
About net, and the influence that net gives to broadband ISP Masaru AKAI BB Technology / SBB-SIRT Agenda Who are we? What is net? About Telecom-ISAC-Japan Analyzing code How does net work? BB Technology
More informationUS-CERT Overview & Cyber Threats
US-CERT Overview & Cyber Threats National Cyber Security Division United States Computer Emergency Readiness Team June 2006 Agenda Introduction to US-CERT Overview of why we depend on a secure cyberspace
More informationMachine-to-Machine Exchange of Cyber Threat Information: a Key to Mature Cyber Defense
Machine-to-Machine Exchange of Cyber Threat Information: a Key to Mature Cyber Defense By: Daniel Harkness, Chris Strasburg, and Scott Pinkerton The Challenge The Internet is an integral part of daily
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationNetwork Security Deployment (NSD)
Network Security Deployment (NSD) National Cybersecurity Protection System (NCPS) 11 July 2012 What is the NCPS? National Cybersecurity Protection System (NCPS) is the program of record within the Department
More informationCyber Watch. Written by Peter Buxbaum
Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs
More informationIntroduction. Special thanks to the following individuals who were instrumental in the development of the toolkits:
Introduction In this digital age, we rely on our computers and devices for so many aspects of our lives that the need to be proactive and vigilant to protect against cyber threats has never been greater.
More informationHow To Improve Federal Network Security
Department of Federal Network Trusted Internet Connections (TIC) Update for the Information and Privacy Advisory Board July 29, 2009 Federal Network (FNS) Federal Network Branch Branch Vision: To be the
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More informationThomas J. Schlagel Chief Information Officer, BNL
Thomas J. Schlagel Chief Information Officer, BNL PhD in Nuclear Physics from the University of Illinois at Urbana-Champaign in 1990 Joined BNL in 1990 as a Postdoctoral Associate in the Nuclear Theory
More informationI D C T E C H N O L O G Y S P O T L I G H T
I D C T E C H N O L O G Y S P O T L I G H T T h e B u s i n e ss Value of Hyb r i d C l o u d - B a s e d C o m p r o m i s e I n t e l l i g e nce Monitoring and T h r e a t M i tigation February 2013
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationApplication for Membership
Application for Membership This Application for Industry Membership is subject to approval by EnergySec. By executing the Membership Application and Membership Agreement and submitting payment for membership
More informationNASCIO 2015 State IT Recognition Awards
NASCIO 2015 State IT Recognition Awards Title: State of Georgia Private Security Cloud Implementation Category: Cybersecurity Contact: Mr. Calvin Rhodes CIO, State of Georgia Executive Director, GTA calvin.rhodes@gta.ga.gov
More informationCyber Incident Annex. Federal Coordinating Agencies. Coordinating Agencies. ITS-Information Technology Systems
Cyber Incident Annex Coordinating Agencies ITS-Information Technology Systems Support Agencies Mississippi Department of Homeland Security Mississippi Emergency Management Agency Mississippi Department
More informationCoordinating Attack Response at Internet Scale (CARIS)
Coordinating Attack Response at Internet Scale (CARIS) Overview and Summary Report July 2015 Kathleen Moriarty Security Area Director, IETF Kathleen.Moriarty.ietf@gmail.com Agenda Coordinating Attack Response
More informationMassMutual Cyber Security. University of Massachusetts Internship Opportunities Within Enterprise Information Risk Management
MassMutual Cyber Security University of Massachusetts Internship Opportunities Within Enterprise Information Risk Management Position Title: Threat Intelligence Intern Job Location: Boston, MA Timeframe:
More informationApplying machine learning techniques to achieve resilient, accurate, high-speed malware detection
White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division
More informationSeparating Signal from Noise: Taking Threat Intelligence to the Next Level
SESSION ID: SPO2-T09 Separating Signal from Noise: Taking Threat Intelligence to the Next Level Doron Shiloach X-Force Product Manager IBM @doronshiloach Agenda Threat Intelligence Overview Current Challenges
More informationSharing Intelligence is our Best Defense: Cyber Security Today Is a bit Like the Keystone Cops
Sharing Intelligence is our Best Defense: Incentives That Work versus Disincentives That Can Be Solved William Yurcik* Adam Slagell Jun Wang NCSA Security Research (NCSA) University of Illinois at Urbana-Champaign
More informationNational Initiative for Cybersecurity Education
THE NICE VISION National Initiative for Cybersecurity Education a national campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms, and to build a digital
More informationCybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015
Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationState Engagement with the Energy Sector to Improve Cyber Security
Contact: Allison Cullin Homeland Security and Technology Division 202/624-5311 April 20, 2010 State Engagement with the Energy Sector to Improve Cyber Security Executive Summary The state-owned computer
More informationCyber Intelligence Workforce
Cyber Intelligence Workforce Troy Townsend Melissa Kasan Ludwick September 17, 2013 Agenda Project Background Research Methodology Findings Training and Education Project Findings Workshop Results Objectives
More informationIncident Management ITU Pillars & Qatar Case Study Michael Lewis, Deputy Director
Incident Management ITU Pillars & Qatar Case Study Michael Lewis, Deputy Director 2 Thanks To the ITU for sponsoring the initiative ictqatar has worked closely with the ITU-D since the project s inception,
More informationDefense Security Service
Defense Security Service Defense Security Service Cybersecurity Operations Division Counterintelligence UNCLASSIFIED Defense Security Service DSS Mission DSS Supports national security and the warfighter,
More informationPrivacy Impact Assessment EINSTEIN Program
Privacy Impact Assessment EINSTEIN Program Collecting, Analyzing, and Sharing Computer Security Information Across the Federal Civilian Government Department of Homeland Security National Cyber Security
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationTunisia s experience in building an ISAC. Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc
Tunisia s experience in building an ISAC Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc 1 Agenda Introduction ISAC objectives and benefits Tunisian approach SAHER system
More informationWorking with the FBI
Working with the FBI WMACCA Data Privacy & Security Conference September 17, 2014 Individuals Organized Crime Syndicates Hacktivist Groups Nation States Nation-States Individuals Industry Law Enforcement
More informationCYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES. second edition
CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES second edition The information provided in this document is presented as a courtesy to be used for informational purposes only.
More informationStatement of. Mike Sena. President, National Fusion Center Association. Director, Northern California Regional Intelligence Center (NCRIC)
Statement of Mike Sena President, National Fusion Center Association Director, Northern California Regional Intelligence Center (NCRIC) Joint Hearing of the Subcommittee on Emergency Preparedness, Response,
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationHow To Understand And Manage Cybersecurity Risk
White Paper A Framework to Gauge Cyber Defenses NIST s Cybersecurity Framework Helps Critical Infrastructure Owners to Cost-Effectively Defend National & Economic Security of the U.S. Executive Summary
More informationSteering Committee. Working Group 2A. Cyber Security Best Practices. March 14, 2011. Presented By: Phil Agcaoili, Co Chair Gary Toretti
Steering Committee Working Group 2A Cyber Security Best Practices March 14, 2011 Presented By: Phil Agcaoili, Co Chair Gary Toretti Executive Summary A refresh of the 2004 Network Reliability and Interoperability
More informationTy Miller. Director, Threat Intelligence Pty Ltd
Ty Miller Director, Threat Intelligence Pty Ltd Security Specialist Creator of Threat Analytics CREST Tech Lead, Assessor, Board of Directors Trained likes of FBI, US DoD, US Mil, International Govt agencies,
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationHomeland Security: Information Assurance Challenges and Opportunities. Building the National Cyber Security Division
Homeland Security: Information Assurance Challenges and Opportunities Building the National Cyber Security Division The Homeland Security Act and national strategies direct DHS to take the lead on cyber
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationUnified Security Management and Open Threat Exchange
13/09/2014 Unified Security Management and Open Threat Exchange RICHARD KIRK SENIOR VICE PRESIDENT 11 SEPTEMBER 2014 Agenda! A quick intro to AlienVault Unified Security Management (USM)! Overview of the
More informationMicrosoft Security Systemats
Investigate and Resolve Vulnerability Reports Staff public reporting alias Monitor security lists Single point of coordination and communications Microsoft Security Response Process Own and coordinate
More informationhoneytarg Chapter Activities
honeytarg Chapter Activities Marcelo Chaves mhp@cert.br! Computer Emergency Response Team Brazil - CERT.br Network Information Center Brazil - NIC.br Brazilian Internet Steering Committee - CGI.br Agenda
More informationCHAPTER 3 : INCIDENT RESPONSE THREAT INTELLIGENCE GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE THREAT INTELLIGENCE 1 THREAT INTELLIGENCE How it applies to our clients, and discuss some of the key components and benefits of a comprehensive threat intelligence strategy. Threat
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical
More informationTHE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY
THE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY DISCLAIMER Views expressed in this presentation are not necessarily those of our respective Departments Any answers to questions are our own opinions
More informationSituational Awareness A Discussion
Situational Awareness A Discussion Dean Weber March, 2012 The Current Situation take one spending incidents financial losses overall risk grows resources applied grows but no real progress The situation
More informationCyber Security Defense Services Portfolio Development Status. February 2016
Cyber Security Defense Services Portfolio Development Status February 2016 1 Agenda Merit s Six Strategic Thrusts Merit s current security offerings Member feedback Mission and vision statement for this
More informationNetwork Security Deployment Obligation and Expenditure Report
Network Security Deployment Obligation and Expenditure Report First and Second Quarters, Fiscal Year 2015 June 16, 2015 Fiscal Year 2015 Report to Congress National Protection and Programs Directorate
More information