ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS

Transcription

1 ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS AN INFORMATION SECURITY BATTLEFIELD From Static to Dynamic Defense Cyber Security Strategies, LLC 1

2 Is The Cyber Tipping Point ESTONIA GEORGIA CABLE CUTS THUMB DRIVE BAN RESTRICTING SOCIAL NETWORKING CYBER ESPIONAGE/OPERATION AURORA CYBER CRIMINAL.CYBER TERRORISM Cyber Security Strategies, LLC 2

3 Strategic Security and Risk Management must be adopted in Corporate cultures Cyber Warfare it s targeting everyone leadership must prioritize the board room must care Malware changes landscape Comprehensive approach for Critical Infrastructure e.g Power Grid, Banks etc. A major cyber attack on Critical Infrastructure economically devastating Both state and non-state espionage has created the opportunity Cyber Security Strategies, LLC 3

4 Characterizing Advanced Persistent Threats Cyber Security Strategies, LLC 4

5 Cyber Security Maturity Model* Robust Information & Communications Technologies for Mission Success E Resilience Risk Management Most Organizations C D A B Agility / Speed of Action A B C D E Reactive & Manual People based following doctrine and doing their best to put out fires Tools-Based Integrated Picture Dynamic Defense Applying tools and technologies piecemeal to assist people in reacting faster Loosely integrated with focus on interoperability and standards based data exchange for IA situational awareness Resilient Enterprise Predictive and agile, the Predictive & mission enterprise instantiates focused, isolates and policy, illuminates events contains damage, secure and helps the operators supply chains and protect find, fix, and target for key critical infrastructures response to operate through cyber attack *Cyber Security Strategies, LLC 5

6 Prevention vs. Remediation Understand landscape and ruthless architecture engineering Standard Configurations and Inventory of Assets Trained and educated workforce (controlled Access/Use) Policy-based enterprise (interoperable infrastructure vs. point sol ns) Risk based model & decision making/continuous assessments Penetration Testing/Red and Blue teams and exercises Software & Systems Security Assurance Data Protection at rest/motion with rapid recovery and resiliency Cyber Security Strategies, LLC 6

7 Building A Dynamic Defense Reduce the Attack surface/agile defense Strong Identity protection/attribution for people and devices Mission-based architectures: automated mgmt of vulnerabilities/threats Enterprise Security Protection (encryption) and Management Persistent Attack, Sensing, Warning and Response from the perimeter to the edge Inbound & Outbound threat protection Deploy host based security Expand protection for mobile devices Cyber Security Strategies, LLC 7

8 Towards A Resilient Enterprise Business continuity during an attack Map & prioritize crown jewels Share tactical information with key business partners Flexible encryption and key mgmt Secure supply chains Systems assurance up and down the ISO Stack Link business continuity efforts to operate through cyber attack Cyber Security Strategies, LLC 8

9 Summary Strategic Security is only way to address advanced persistent threat Awareness/Commitment-from board room down Implementation of a pro-active prevention program Adopt Cyber Security Maturity Model* to achieve a dynamic defense capability with real-time interoperable detection and response Baking resilience into the enterprise to operate through cyber attack or disruption Cyber Security Strategies, LLC* 9

10 Further information Robert F. Lentz (phone) Cyber Security Strategies, LLC 10