C DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP

Transcription

1 C DIG CSCSS / DEFENCE INTELLIGENCE GROUP COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE

2 C DIG CSCSS / DEFENCE INTELLIGENCE GROUP IS YOUR SHIELD, YOUR FIRST LINE OF DEFENCE. Understanding what is at risk means you have the keys to protecting yourself. We live in a world of highly interconnected, network-centric, global systems. This provides endless opportunities for the development of new visions for growth and prosperity. The current economic shadow is generating increased competition from legitimate competitors as well as other players who strive for any advantage and present significant national, transnational and economic security risks and threats. These factors will foster new necessities for cyber defence. Complex,interrelated and dynamic forces will transform and recast the face of cyber defence, its role, priorities, strategies, frameworks and the methodologies necessary to meet the unique demands placed upon it. The threats faced are persistent, constantly evolving and transcend national boundaries.

3 DEFENCE INTELLIGENCE DEFINED [Intelligence is] The integration, evaluation, analysis, and interpretation of data into actionable information that you need to know to be successful. CSCSS Defence Intelligence Group C/DIG The CSCSS Defence Intelligence Group strives to change the paradigm identifying the: WHO, HOW and WHY behind cyberattacks. This enables a pro-active defence based on solid understanding of threats and players. C/DIG offers a spectrum of Intelligence products. At the strategic level we track national players to determine their policies, and intentions. At the operational level C/DIG documents their Tactics, Techniques and Procedures (TTP). At the tactical level we provide threat analysis, identification and forensic analysis. All of this data is used for awareness, education, prevention and defence from cyber-attacks and in support of contingency operations to protect your organization. Our Mission The Defence Intelligence Centre works in real-time to report, analyze, forecast providing credible, reliable, sustained intelligence services and contingency planning. Our Vision Provide the best all source cyber-centric intelligence, counterintelligence, and cyber-security services oriented to national players. Clear answers to your critical challenges We will help you to identify how key trends will impact your business and security strategy and you ll get direct answers to your most pressing security challenges and your defence Intelligence stance. What are we doing to protect information? Security is no longer simply about preventing external threats from entering the enterprise; it s about keeping critical information assets from leaving. Defence Intelligence plays a key role in Information security. It is an essential strategic business requirement resource that expands the strategic role of leadership, transforming them into point persons who lead and develop strategy, conduct an organization s business and manage security risk. Delivering Threat Intelligence for the Real World C/DIG - How are we responding to threats? The interconnected landscape around us continues to evolve at blinding speed, introducing new threats, complexities, concerns and exposures. This state of challenge has become the norm, requiring us to respond much more rapidly and effectively to stay ahead of the competition, our adversaries, and the security curve. This means organizations must understand threat information AND security as part of the constant business evolution process. Defence Intelligence is a component of the effort to be continually diligent in security strategies and risk management programs. A Snapshot - What is the Issue? Competitive Intelligence, corporate and foreign espionage, cyber attacks on the supply chain, counterfeiting, the global cyber crime epidemic, fraud, malware research + development, theft of proprietary and intellectual property and information. All this effort is focused on illicitly gaining competitive advantage. These threats can, and in most cases will, include national level players that seek to improve competitive advantage, their economies, technologies and militaries through specifically targeted activities YOU ARE A TARGET IF YOUR COMPANY: n has a technology or technological edge n has cutting edge proprietary information n has developed a process that manufactures an item at less cost than others n is negotiating with another company or country, the negotiators and negotiation strategy are highly confidential THE BOTTOM LINE VALUE AND ADVANTAGE TRADE SECRETS ARE AT RISK EVERY DAY If your company has invested time and resources developing a concept, market strategy, process, product or technology, you have to protect it. You will be a target and you should expect to be attacked.

4 THE FBI ESTIMATES THAT BILLIONS OF U.S. DOLLARS ARE LOST annually to foreign and domestic competitors who deliberately target economic intelligence in flourishing U.S. industries and technologies, and who cull intelligence out of Commercial Off-The-Shelf (COTS) technologies by exploiting open source information and company trade secrets How We Help The CSCSS Defence Intelligence Group provides a full range of cyber - Intelligence services in order to profile your organization and identify, detect, and neutralize exploitable threats. Our areas of expertise deliver extremely specialized risk management services mapped to, NIST, COBIT, ISO, BS25999 and/or other industry standards. It s about Focus We engage our clients with a team of professionals focused exclusively on defence intelligence. We provide the critical insight, advice, and information to enable senior-level business, IT, and security executives to make the strategic, organizational, and technology investment decisions required to control today s continually evolving business and security threat environments. We Deliver C/DIG will provide you with the insight you require to look beyond security and technology to gain an evocative, strategic approach to assessing and defending against the threats against you. You will have what you need to manage information security and mission-critical business processes and assets. You will get the clear and focused picture, without the hype, to deliver organizational competitive edge. THE INTELLIGENCE CYCLE Your MISSION and the ORIENTATION of what you are doing direct intelligence. We provide our leadership and experience, which we apply to the four components of DI to the Intelligence Cycle: DISSEMINATION DIRECTION PROCESSING COLLECTION Tactically, we provide practical solutions to issues through the DI Cycle that are both dynamic and fluid in nature to ensure security attempting to minimize the exposure of your organization. Strategically CSCSS and the Defence Intelligence Group recognize the Rule of Law and the application of internationally recognized principals, protocols and conventions to cyberspace. CSCSS, through the Defence Intelligence Group provides a response to nations that discard or refuse to comply with these principals. We operate as a Cyber-Defence partner against non-compliant nations. Strategic Commitment n Teamwork: Partnership across multinational and organizational boundaries for mission accomplishment n Integrity: Adherence to the highest legal and ethical principles in our work n Excellence: Deliver agile, empirical, and insightful professionalism and expertise in cyber-defence intelligence n Service: Dedication to our mission, goals, and objectives and clients to achieve the highest standards of excellence and greater stability in cyberspace Leadership / Research / Defence From thought leadership, strategy development, to operations, we deliver a highly skilled and agile team of professionals with leading-edge training, experience, skill, and technology to enable you to adapt to changing cyber threats and missioncritical information assurance environments. We focus on critical, cyberspace/cyber security decisions, and provide cyber defence intelligence and support leadership whenever and wherever it is required. We do this by providing a response to unique policy, operational DI requirements and to respond to national defence intelligence missions. Defence Intelligence Group Experience + Expertise The Defence Intelligence Group is composed of: Intelligence Analysts, Network engineers, and Computer Security Analysts who have worked with various governments within the law enforcement and military intelligence community. C/DIG personnel have been security screened to NATO SECRET in accordance with host nation, 5i and NATO security requirements. Our standard is a comprehensive, highly trained, highly skilled and agile team. C/DIG enables CSCSS to provide a response to the evolving trends and challenges faced by our clients.

5 ACCORDING TO A GOVERNMENT OFFICIAL, the UK faces yearly some 44 million cyber-attacks against private companies, government institutions and crucial infrastructure sectors, costing about 27 billion a year. CSCSS Defence Intelligence Services Mapping Solutions to Evolving Threat Landscapes We deliver real-world computer / network security intelligence derived from our skills and experience within the defence intelligence community. We collect data points from numerous intelligence sources drawing on military defence intelligence backgrounds through which we analyzes data from a broad spectrum sources, including but not limited to: n Open Source Intelligence (OSINT) n Directed Research and Collection (DR+C) n Human Intelligence (HUMINT) n Network Intelligence (Technology Based) n Technical Intelligence (TECHINT) n Digital Forensics + Analysis n Cyber Intelligence (CYBINT) n Proprietary Resources and Techniques Our Defence Intelligence Services CSCSS DIG delivers its services through Actionable Intelligence and proactive programs and services to address real-world issues. Drawing from our expertise and experience with various agencies within the law enforcement and military intelligence communities we deliver a spectrum services: n Actionable Intelligence n Cyber-Centric Intelligence n Nation Player Threat profiling and Corporate Risk Profiling n Enterprise Risk Management n Information Assurance and Testing n Incident Response + Forensics / Malware Analysis n Defence Intelligence Education / Awareness Programmes Due to the sensitive, sometimes classified, nature of Defence Intelligence many of our services are not expressly described in our public literature or within our website and are highly specialized. Please contact CSCSS or the CSCSS Defence Intelligence Group to determine if we can help. Defence Intelligence + Practice Our diverse areas of practice include: n Cyber attack profiling n Cybersecurity threat assessments and testing n Cyber architecture development and evaluation n Cyber-Defence Strategy + Policy Development and implementation n Apply Defence Intelligence knowledge to security + business process n Support stakeholder mapping through educational awareness programs in order to support education Outreach and Collaboration n As a component of CSCSS and a partner with the Cyber Conflict Center, C/DIG Analyzes on-going attacks. C/DIG also provides warning of potential and ongoing attacks and persistent threats. Examples of CDIG activities include: We bring third party neutrality and confidentiality and integrity for reporting security and intelligence threats. This enables businesses to share data without compromise to their organization. n Threat analysis and identification, for setting priorities during an emergency response to issues or a breach of security. n Analysis and tracking of Advanced persistent threats (APT), intelligence gathering / industrial espionage n Detection of active internal / external threats, identifying target sets including intellectual property, identification of attacking malware designed to gather economic intelligence, including trade secrets, proprietary data, financial and other electronically stored private information n Evaluating and recommending strategic and tactical approaches, priorities, criteria for computer security and/or information protection n Providing leadership from the political, legal, and technical perspectives within two parallel DI focus areas the include Law & Policy Technical Security. n Supporting security transformation within organizations to assist leadership and policymakers to better understand the complexities of APT and Nation Players in relation to their organization

6 OFFICE OF THE NATIONAL COUNTERINTELLIGENCE EXECUTIVE China and Russia view themselves as strategic competitors of the United States and are the most aggressive collectors of US economic information and technology. CONTACT C DIG n FIND OUT MORE ABOUT THE ACTIVITIES OF THE ASYMMETRIC CYBER THREAT that may be putting your organization at risk. n UNDERSTAND THE IMPACT OF CORPORATE ESPIONAGE, cyber-fraud, and the insider threat to your organization and staff n LEARN TO IDENTIFY VULNERABILITIES in your supply chain. How secure is your partner? n EXAMINE YOUR INFORMATION MANAGEMENT STRATEGIES to mitigate the risks. n SUPPORT YOUR DEVELOPMENT OF YOUR CYBERSECURITY STRATEGY and concepts to help you navigate the threat landscape CSCSS Defence Intelligence / Situational Awareness Complimentary to our cyber-security efforts, C/DIG is engaged in creating Defence Intelligence training and educational materials to promote a stronger understanding of: n Using Intelligence to safeguard your computer / network security n Information security n APT ( Advanced Persistent Threats ) n Role of nation players / National actors The CSCSS Defence Intelligence Group is uniquely positioned to attract some of the foremost defence intelligence, strategists, and intelligence professionals to develop and high caliber, professional training and programs and services. Cyberspace threat awareness and protection must be driven by senior leadership through organization-wide cyber policy and awareness. DI Education / Awareness Products n Lectures / Presentations n Classes n Executive / C-Level Briefings n Roundtables n Workshops n Webinars Topics Include: n Organizational Defence Intelligence / Threat Level Profiling n Defining the cyber-environment (defining the area of operations) n Case Studies (cyber-attacks in detail) n Detailed Studies / Detailed Aggressor Briefings n Cyber-Attack (trends and potential types of cyber-attacks) n Smart Defence (designing a secure environment / countering an attack) n Leveraging cyber-capability (your return on security investment) Subscription Products n Intelligence Summaries (INTSUMs) n Weekly / Monthly reports designed to keep the subscriber current on specific topics. n Current cyber-threats from international players n Reports on Policies, Histories, TTP and Trends on a specific cyber-aggressor. n Intelligence Reports (INTREPs) These are spot reports on one specific incident or event

7 WALL STREET JOURNAL The bulk of the theft of U.S. corporate and economic secrets is carried out in cyberspace, where vast volumes of data can be stolen in seconds, according to U.S. intelligence officials. Custom Services + Products C/DIG provides insights on key issues, relating to DI as well as advisory services to government, military, industry and agencies. We strive to enhance the understanding of the defence and intelligence related to cyber threats posed by foreign intelligence services and transnational competitors to bring attention to national security issues of common concern. We offer a broad range of services to secure and better protect commercial activities, economic programs, and intellectual property in hostile environments, which, if lost, could dramatically impact national and economic security The Industries We Serve In an enabled world where everything is interconnected, our future is tied to information its manipulation, delivery, integrity and security. Cyberspace and related security cannot be treated as an afterthought. CSCSS Defence Intelligence Group serves public - privately industry spanning a wide range of sectors and industries. Civilian / Government Agencies Supporting the Civilian and Government Mission Government civil servants face complex challenges in cyberspace and with the related security issues of operating in a digital world. C/DIG strategy and technology experts have helped with strategic planning, intelligence management and analysis, information sharing, training, counterintelligence, and other forms of support. National Defence Agencies Globally, defence agencies face persistent, fast-paced, rapidly evolving threats and changing national security environments. To address threats and meet complex mission requirements, C/DIG and its associated internal groups and key partners provide intelligence support and will function as a resource. We will deliver strategic and tactical DI leadership to cyber/defence planners, interagency partners, and policymakers to defend cyberspace and related cyber security interests. Intelligence Community Supporting the Intelligence Community + Intelligence Mission CSCSS DIG collaborates with organizations in government, health, finance, transportation, energy and other critical sector industries to develop cyberspace risk assessments that deliver benchmarks and indicators to assist in securing cyber operations. Commercial Organizations CSCSS delivers programs that are tailored to meet unique requirements. We work to ensure they are better prepared to mitigate the risk of future attacks through: threat awareness, vulnerability assessment, enhanced processes, programs, services, policies, and technologies. We direct organizations through a dynamic, collaborative approach, helping our clients not only understand their weaknesses through assessments and vulnerability or penetration tests, but also to anticipate threats and respond to incidents when they occur. SECTORS WE SERVE PUBLICLY AND PRIVATELY HELD COMPANIES ACROSS A WIDE RANGE OF INDUSTRIES IN THE FOLLOWING SECTORS: Banking and Financial Science / Research Healthcare / Medical Health Sciences Manufacturing Telecommunications Payment Card Industry + Processing Public Sector Utilities and Government

8 C DIG CSCSS / DEFENCE INTELLIGENCE GROUP CSCSS Defence Intelligence Group / Putting it all Together We are dedicated to countering computer based threats by developing outreach materials; conducting workshops, training clients, participatinåg in conferences; working with industry, law enforcement and defence intelligence community, delivering targeted presentations. Our resources bring to bear Information and Communications Technology (ICT) solutions and advanced analytics that tie directly to CSCSS Internal resources including, Defence Intelligence, CSCSS Cyber Conflict Centre and ET+S Group resources supporting cyber security research that focuses solutions on people, process, and policy. Contact Us For more information on the Defence Intelligence Group or to find out how we can help you please contact us. CSCSS / Centre for Strategic Cyberspace + Security Science Defence Intelligence Group Washington D.C London, United Kingdom North America Middle East Australia defintel@cscss.org We respond to client requests globally and treat each contact and the information you provide to us with the highest regard for confidentiality. Our unique experience and expertise brings to bear, comprehensive capabilities recognized by agencies in several countries, including the FBI and intelligence communities, which we focus on client issue resolution. We can help. CSCSS.org CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE About CSCSS The Centre for Strategic Cyberspace + Security Science / CSCSS is a multilateral, international not-for-profit organization that conducts independent cyber-centric research, development, analysis, and training in the areas of cyberspace, defence intelligence, cyber security, and science while addressing the threats, trends, and opportunities shaping international security policies and national cyberspace cyber security initiatives. CSCSS, as a strategic leader in cyberspace, works jointly with key partners to address, develop, and define cyber technologies, cyber defence force capabilities, information dominance, and concept operations. We deliver practical recommendations and innovative solutions and strategies to advance a secure cyberspace domain. All trademarks or registered trademarks are properties of their respective owners. Copyright 2013 The Centre for Strategic Cyberspace + Security Science. All rights reserved