Cybersecurity information security exchange framework (CYBEX): importance and current developments
1 ISOG-J Seminar Tokyo 13 Oct 2010 V1.1 Cybersecurity information security exchange framework (CYBEX): importance and current developments. Tony Rutkowski, tony@yaanatech.com, Rapporteur for Cybersecurity Group, ITU-T Q4/17. Additional roles include: global ewarrant Rapporteur, ETSI TCLI; U.S. NSTAC Cybersecurity Expert; Distinguished Senior Research Fellow, Georgia Institute of Technology
2 Outline: Why the CYBEX initiative is important; Major developments shaping the work; Specific capabilities: Systems Assurance, Incident Response, Cybersecurity Information Exchange Framework, Identity Management; Major implementation challenges: Extent and evolution of the standards, Discovery and trust capabilities, Achieving implementations and widespread use
3 CYBEX: origins. A common realization that: Talking about cybersecurity accomplished nothing; The incidents were scaling exponentially; Trusted exchange of cybersecurity information was essential to any/all capabilities; Many different communities were developing cybersecurity information exchange schema; No global framework consensus existed to bring together communities and schema. Institutional triggers: ITU-T began a new 4 year cycle with a mandate to do something about cybersecurity; Participants found there were common global interests in tackling cybersecurity information exchange challenges: LAC, NICT, and other Japanese experts and organizations; Government and industry entities in APEC region, U.S., Europe
4 Agreement on a cybersecurity model: information sharing dependencies. Intergovernmental agreements and cooperation; Tort & indemnification; Regulatory/administrative law; Contractual service agreements and federations; Legal Remedies; Criminal law; Provide basis for legal remedies; Investigation & measure initiation; Legal remedies may also institute protective measures; Measures for threat detection; Provide basis for actions; Reputation sanctions; Patch development; Forensics & heuristics analysis; Measures for thwarting and other remedies; Real-time data availability; Provide data for analysis; Blacklists & whitelists; Vulnerability notices; Data retention and auditing; Deny resources; Measures for protection; Identity Management; Provide awareness of vulnerabilities and remedies; Encryption/VPNs esp. for signalling; Resilient infrastructure; Routing & resource constraints; Network/application state & integrity; Information exchanges
5 Platform coherency appeared possible
6 Providing outreach among standards bodies seemed possible: ISO, ITU-T, CCDB, ETSI, 3GPP, ITU-R, OMA, CAB forum, IETF, FIRST, NIST, MITRE, APWG, CNIS, IEEE, OASIS, TCG, APP Dev Forums, WiFi Forum, IMS forum, Cable Labs
7 Major related institutional developments: U.N. 15 July document among 15 major powers on reducing ICT conflict (a/k/a cyberwar); Exercise of cybersecurity authority by regulatory bodies, e.g., Korea, FCC in U.S.; High Level Cybersecurity Strategies (USTIC, Japan, UK, China, Korea); Cybersecurity as an issue at ongoing ITU Plenipotentiary Conference; Enhanced Common Criteria Development Board (CCDB)/NATO activity; New real-time, data retention, mobile forensics mandates offshore; Judicial ediscovery mandates (e.g., FRCP Rule 26) in US and offshore
8 Major related infrastructure developments. Application based infrastructure: Mobile platforms driving a world of a million applications; Poses major challenges (what is a good application versus malware). Locator/ID Separation Protocol (LISP): Re-architects IP based public infrastructures; Should solve significant ICT security related challenges, especially attribution. Asia-Pacific-centricity: Region has world's largest and fastest growing infrastructure and strong economies; Pursuing technology implementations, network innovations, venue leadership. Mobile/nomadic-centricity: Stressing mobile standards/collaborative forums; Include multiple IdM/cyber security challenges
9 CYBEX is a substantive ongoing global Cyber/ICT security initiative. Aimed at achieving meaningful security: "lock down" the integrity of ICT systems; watch for undesired incidents; capture, analyze, and process the forensics from those incidents to reduce vulnerabilities, thwart attacks, and institute legal action if appropriate. The trusted exchange of information is essential to accomplish these three tasks. The Cybersecurity Information Exchange Framework (CYBEX) initiative is aimed at identifying the emerging set of specifications for the global platforms for achieving these trusted exchanges. Most of the work has been accomplished within existing systems assurance, incident response, and intelligence/surveillance communities. Pro-active outreach is part of the initiative: Constant attempt to survey what is occurring in all other forums and bringing important capabilities into the framework; Constant analysis of what is missing or needed. Unique: no comparable activity exists
10 CYBEX Exchange Model. Cybersecurity Entities; Cybersecurity Information acquisition (out of scope*); structuring cybersecurity information for exchange purposes; identifying and discovering cybersecurity information and entities; requesting and responding with cybersecurity information; exchanging of cybersecurity information over networks; assuring cybersecurity information exchanges; Cybersecurity Entities; Cybersecurity Information use (out of scope*). * Some specialized cybersecurity exchange implementations may require application specific frameworks specifying acquisition and use capabilities
11 CYBEX Ontology Incident Handling Domain Knowledge Accumulation Domain Warning Database Cyber Risk KB Coordinator Incident Database Vulnerability KB Threat KB Attack KB Mis-use KB Researcher Response Team Event Incident Attack Countermeasure KB IT Asset Management Domain Assessment Rule Detection / Protection Rule Registrar Administrator Network Operator Asset Database Internal Asset DB External Asset DB Product KB Version KB Configuration KB Vendor
12 Information Exchange Structuring Vulnerability/State Exchange Cluster Knowledge Base Event/Incident/Heuristics Exchange Cluster Platforms Weaknesses Vulnerabilities and Exposures Event Expressions Malware Patterns Security State Measurement State Configuration Checklists Assessment Results Incident and Attack Patterns Extensions for: DPI Traceback Smartgrid Phishing Evidence Exchange Cluster Terms and conditions Handover of real time forensics Handover of retained data forensics Electronic Evidence Discovery
13 Information Exchange Schema: OVAL Open Vulnerability and Assessment Language; CWE Common Weakness Enumeration; CVE Common Vulnerabilities and Exposures; CPE Common Platform Enumeration; CVSS Common Vulnerability Scoring System; CWSS Common Weakness Scoring System; CCE Common Configuration Enumeration; XCCDF eXtensible Configuration Checklist Description Format; ARF Assessment Result Format; CEE Common Event Expression; IODEF Incident Object Description Exchange Format; CAPEC Common Attack Pattern Enumeration and Classification; Application Specific Extensions
14 Information Exchange Schema - Malware: XCCDF eXtensible Configuration Checklist Description Format; OVAL Open Vulnerability and Assessment Language; CVSS Common Vulnerability Scoring System; CWSS Common Weakness Scoring System; CPE Common Platform Enumeration; CCE Common Configuration Enumeration; ARF Assessment Result Format; CVE Common Vulnerabilities and Exposures; CWE Common Weakness Enumeration; IODEF Incident Object Description Exchange Format; CAPEC Common Attack Pattern Enumeration and Classification; CEE Common Event Expression; MAEC Malware Attribution Enumeration and Characterization; Application Specific Extensions
15 Information Exchange Schema SCAP Application: XCCDF eXtensible Configuration Checklist Description Format; OVAL Open Vulnerability and Assessment Language; CVSS Common Vulnerability Scoring System; CWSS Common Weakness Scoring System; SCAP Security Automation Tools; CPE Common Platform Enumeration; CCE Common Configuration Enumeration; ARF Assessment Result Format; CVE Common Vulnerabilities and Exposures; CWE Common Weakness Enumeration; IODEF Incident Object Description Exchange Format; Application Specific Extensions; CAPEC Common Attack Pattern Enumeration and Classification; CEE Common Event Expression
16 Information Exchange Trust capabilities Discovery of parties, standards, schema, enumerations, instances and other objects Namespace Discovery enabling mechanisms Request distribution mechanisms Identity Assurance Cluster Exchange Cluster Trusted Platforms Authentication Assurance Methods Authentication Assurance Levels Trusted Network Connect Interaction Security Transport Security
17 CYBEX Implementation Exchange Policies Exchange Requests Exchange Policies Exchange Requests Weaknesses, Vulnerabilities & State Information + + Events, Incidents, & Heuristics Information Evidence Information Security Automation Schema Incident Detection Schema Trusted Network Connect Trusted Platform Modules Tools Software, systems, services, networks Tools
18 So where do we go from here: the challenges. An entire ITU-T Recommendation X-series has been allocated; Recs. X.cybex, X.cve, X.cvss should be approved in December; Future of IODEF remains a question mark; Many additional CYBEX pieces are in various stages of preparation for adoption during subsequent maintenance; A global structured website of cybersecurity organizations has been created on ITU-T website; Substantial challenges remain
19 Challenge: Extent and evolution of CYBEX Recommendation. Is the framework currently complete? What standards should be included in the framework? What are the criteria for inclusion? Which standards get published as ITU-T Recommendations and which do not? How do ITU-T published versions maintain sync with authoritative community versions? How do regional and national variants/schemas become included? How should Security Content Automation Protocol (SCAP) schema be treated? Presently included in an appendix as examples. How does CYBEX deal with soft standards, e.g., other ITU-T, ITU-D, ISO SC27? Presently referenced in an appendix
20 Challenge: Discovery and trust capabilities. Cybersecurity object discovery, trust, and related exchange policy mechanisms are compartmentalized, incoherent, and frequently primitive. Identity Management for cybersecurity has complex assurance relationships
21 Ongoing relevant cybersecurity IdM developments. ediscovery: Trusted discovery of identifier meta information is essential in distributed systems; Bob Kahn has been leading effort in ITU-T to develop a X.discovery specification. Resolvers: New joint ISO ITU-T specification ITU-T X.673 ISO/IEC provides for DNS based ability to resolve OIDs to information addresses; Handles system proceeding in ITU-T. Trust interoperability: Joint ITU-T ISO X.eaa specification currently being discussed; ENISA trust interoperability protocol may be underway in OASIS. Cloud/Smartgrid Identity: Multiple global initiatives underway to develop specifications for cloud and Smartgrid Identity (ITU-T, OASIS, 3GPP, CEN, ISO, NIST, etc). Platform trust: Trusted Platform Module and Trusted Network Connect now included in CYBEX standard; Should Virtual TPMs be included? Distribution channel trust: OID based NID standards emerging as a major object ID platform for distribution chain trust; Handles based DOIs a second order choice; What others exist? No apparent consensus on use of cyber security object identifiers. NICT contributions have been seminal in exploring naming and discovery options. CNIS (Cyber-security Naming and Information Structures Group) is emerging as a significant new forum for treating CYBEX information identifiers
22 Challenge: Achieving implementation and widespread use. Much public and industry dialogue is primitive, fractious, and politically contentious at best, especially in the West; See, e.g., FCC Cybersecurity Roadmap proceeding in Docket. Meaningful platforms (e.g., CYBEX), like the systems involved, are complex. Best initial implementation avenues are within coherent bounded communities: ISOG-J; National government networks; Criteria Control Board; NATO. SCAP implementations should proliferate: How to enumerate and discover? Analytical bridging platforms are emerging: Deep Packet Inspection; Application/platform behavior signature enumerations. Ultimately carefully designed mandates by national regulatory authorities seem likely to emerge
23 Exemplar: 6th IT Security Automation Conference, Baltimore, Sep 2010*. Emerging NIST view of CYBEX as SCAP; A familiar ensemble; A significant dependency. Credit: Overview by Paul Cichonski, BAH-NIST. *See: http://scap.nist.gov/events/2010/itsac/presentations/index.html
24 Exemplar: Japan Vulnerability Notes
More informationThe Ontological Approach for SIEM Data Repository
The Ontological Approach for SIEM Data Repository Igor Kotenko, Olga Polubelova, and Igor Saenko Laboratory of Computer Science Problems, Saint-Petersburg Institute for Information and Automation of Russian
More informationWorking Towards the 2020 Tokyo Olympics
Working Towards the 2020 Tokyo Olympics - The Current Situation in 2015 Mariko Miya Cyber Defense Institute, Inc. miya@cyberdefense.jp Agenda 1. Introduction 2. The current situation in Japan 2015 Analytics
More informationUnifying Incident Response Teams Via Multi Lateral Cyber Exercise for Mitigating Cros Border Incidents: Malaysia CERT Case Study
Unifying Incident Response Teams Via Multi Lateral Cyber Exercise for Mitigating Cros Border Incidents: Malaysia CERT Case Study Sharifah Roziah Mohd Kassim MyCERT CyberSecurity Malaysia Agenda Introduction
More informationEngaging and Maintaining Suppor/ve Rela/onships with School Systems
Engaging and Maintaining Suppor/ve Rela/onships with School Systems Carolyn B. Morgan QEM Consultant Professor Department of Mathema9cs Hampton University Hampton, VA 1 Outline Overview of Suppor8ve Rela8onships
More information6. Exercise: Writing Security Advisories
CERT Exercises Toolset 49 49 6. Exercise: Writing Security Advisories Main Objective Targeted Audience Total Duration Time Schedule Frequency The objective of the exercise is to provide a practical overview
More informationENISA: Cybersecurity policy in Energy Dr. Andreas Mitrakas, LL.M., M.Sc., Head of Unit Quality & data mgt
ENISA: Cybersecurity policy in Energy Dr. Andreas Mitrakas, LL.M., M.Sc., Head of Unit Quality & data mgt Cyber European Union Security Agency for Network Energia, and Informa8on Rome, Security 24/09/15
More informationWelcome. HITRUST 2014 Conference April 22, 2014 HITRUST. Health Information Trust Alliance
Welcome HITRUST 2014 Conference April 22, 2014 HITRUST Health Information Trust Alliance The Evolving Information Security Organization Challenges and Successes Jason Taule, Chief Security and Privacy
More informationUpdate on the Cloud Demonstration Project
Update on the Cloud Demonstration Project Khalil Yazdi and Steven Wallace Spring Member Meeting April 19, 2011 Project Par4cipants BACKGROUND Eleven Universi1es: Caltech, Carnegie Mellon, George Mason,
More informationFounda'onal IT Governance A Founda'onal Framework for Governing Enterprise IT Adapted from the ISACA COBIT 5 Framework
Founda'onal IT Governance A Founda'onal Framework for Governing Enterprise IT Adapted from the ISACA COBIT 5 Framework Steven Hunt Enterprise IT Governance Strategist NASA Ames Research Center Michael
More informationPASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013
2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More informationSymantec Control Compliance Suite Standards Manager
Symantec Control Compliance Suite Standards Manager Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center. Data Sheet: Security Management Control Compliance
More informationFRESCO: Modular Composable Security Services for So;ware- Defined Networks
FRESCO: Modular Composable Security Services for So;ware- Defined Networks Seungwon Shin, Phil Porras, Vinod Yegneswaran, MarIn Fong, Guofei Gu, and Mabry Tyson SUCCESS LAB, Texas A&M and SRI Interna7onal
More informationMassively Scaled Security Solutions for Massively Scaled IT
Massively Scaled Security Solutions for Massively Scaled IT Michael Smith, SecTor 2009 Who is Michael Smith? 8 years active duty army Graduate of Russian basic course, Defense Language Institute, Monterey,
More informationUpdate on the Cloud Demonstration Project
Update on the Cloud Demonstration Project Steven Wallace Joint Techs Summer 2011 13- July- 2011 Project Par4cipants BACKGROUND Twelve Universi,es: Caltech, Carnegie Mellon,Cornell George Mason, Indiana
More informationconfigurability compares with typical SIEM & Log Management systems Able to install collectors on remote sites rather than pull all data
Software Comparison Sheet SIEM & Log OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning
More informationSo#ware quality assurance - introduc4on. Dr Ana Magazinius
So#ware quality assurance - introduc4on Dr Ana Magazinius 1 What is quality? 2 What is a good quality car? 2 and 2 2 minutes 3 characteris4cs 3 What is quality? 4 What is quality? How good or bad something
More informationSan Jacinto College Banner & Enterprise Applica5on Review Task Force Report. November 01, 2011 FINAL
San Jacinto College Banner & Enterprise Applica5on Review Task Force Report November 01, 2011 FINAL 1 Content Review goal and approach 3 Barriers to effec5ve use of Banner: Consultant observa5ons 10 Consultant
More informationconfigurability compares with typical Asset Monitoring systems Able to install collectors on remote sites rather than pull all data
Software Comparison Sheet OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning solution
More informationSession 4: Programmes: the Core of the 10YFP
Session 4: Programmes: the Core of the 10YFP * Criteria * Initial and non-exhaustive list * 5 steps model to develop programmes * Request for additional programmas * Criteria and process for new programmes
More informationAllSeen Summit 2015: IoT: Taking PKI Where No PKI Has Gone Before Presented by: Scott Rea DigiCert Sr. PKI Architect ALLSEEN ALLIANCE
AllSeen Summit 2015: IoT: Taking PKI Where No PKI Has Gone Before Presented by: Scott Rea DigiCert Sr. PKI Architect Agenda Slide Title 3 Trust and PKI 9 Web Security - PKI example 26 Traditional PKI Principles
More informationADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT
ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations
More informationRealizing Trusted Clouds
Realizing Trusted Clouds with Trusted Computing and SCAP SICS Security Seminar April 08, 2014 Mudassar Aslam (Researcher,PhD Student) Security LAB (SEC Lab) 1 Outline Cloud Computing Trusted Clouds Cloud
More informationPublic Safety VoIP + Bridging
Public Safety VoIP + Bridging Anna Paulson Electronics Engineer Public Safety Communica=ons Research Program apaulson@its.bldrdoc.gov 1 2 Department of Homeland Security Office for Interoperability and
More informationTelecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT
Telecom Testing and Security Certification A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT 1 Need for Security Testing and Certification Telecom is a vital infrastructure
More informationISAlliance SCAP VoIP Project Update 12 June 2009
1 ISAlliance SCAP VoIP Project Update 12 June 2009 Lawrence G Dobranski, CISSP-ISSAP, CISM, CSSLP Leader, Security Architecture & Compliance Carrier VoIP and Applications Solutions Nortel ldobran@nortel.com
More information