Manned Information Security




Manned Information Security
Adversary Pursuit and Active Network Defense
root9b Technologies (RTNB)
Presented By: John Harbaugh, COO

CONFIDENTIALITY NOTICE
This briefing, including any attachments, is for the sole use of the intended recipients and contains proprietary information. Any unauthorized review, use, disclosure or distribution is prohibited.

Who We Are
root9b is a global cybersecurity leader founded on the principles of technical innovation, tailored operations and professional excellence.
Advanced cyber operations, tactics, development and training for Commercial, Department of Defense and Law Enforcement organizations world-wide.
o TS//SCI cleared personnel
o Innovative TTP Development
o National-level research
o Strategic Partnerships
o Community Contributor
Staffed with certified Department of Defense Computer Network Operations (CNO) operators, granting unparalleled vision, expertise, and experience.
Established agile principles, allowing quick response to a dynamic cyber security market.

Corporate Locations
o Colorado Springs, Colorado
o San Antonio, Texas
o New York, New York
o San Diego, California
o Charlotte, North Carolina
State-of-the-art training Cyber Range Support Forensic Laboratory
o Herndon, Virginia
o Honolulu, Hawaii
Strategic positioning across advanced technical operations
Mobile Training Team (MTT) training suite prepared to serve training needs worldwide.

Advisory Board
Joseph J. Grano, Jr, Chairman & CEO, Premier Alliance
o Chairman and CEO of Centurion Holdings LLC
o Former Chairman and CEO of UBS Financial Services (formerly UBS PaineWebber)
o Former Chairman of the Board of Governors of NASD; Member, Executive Committee
o Former Chairman of the Homeland Security Advisory Council (2002-2005)
Richard A. Grasso
o Former NYSE chairman and chief executive officer (1995-2003)
Judge William Webster
o Chairman of the Homeland Security Advisory Council
o Former Director of the Federal Bureau of Investigation (1978-1987)
o Former Director of Central Intelligence (1987-1991)
Michele Malvesti (Chairperson)
o Former Senior Director, Combating Terrorism, National Security Council
o Vice President in the National Security Sector at Science Applications International Corporation (SAIC)
o Board member, Special Operations Warrior Foundation
Lewis Merletti
o Former Director of United States Secret Service
o Special Agent in Charge, Presidential Protective Division
o Sergeant, Special Forces Green Beret, United States Army

What We Do
Emerging Technologies
Focused on the development, prototyping and delivery of advanced technical capabilities and tools for Intelligence, Law Enforcement and Commercial organizations worldwide.
Cyber Operations
Focused on enabling full spectrum cyber and active defense operations across Defense, Civil, Intelligence and Commercial organizations worldwide.
Training & Tactics
Focused on the development and delivery of operationally focused and advanced cyber, intelligence analysis, tool and tactics training to support offensive and defensive cyber personnel worldwide.
Threat Intelligence
Focused on the development and delivery of tactical, actionable cyber threat intelligence to drive near real-time adversary eradication from a client's enterprise.
Full Life Cycle Cyber & Intelligence Support Services

Our Philosophy
Cybersecurity is our mission, not just a capability.
We have unique perspective, expertise, and experience with the most challenging missions.
We are innovative, agile, and committed to securing our nation.

Adaptive Threat Tailored Solutions

Cybersecurity Landscape
Global estimated losses from cyber attacks are more than $300 Billion USD annually.
U.S. losses are estimated between $24 and $120 Billion USD annually.
Estimated annual increase:
- Center for Strategic and International Studies (McAfee, 2013)

Cybersecurity Landscape
Malware is prevalent. And outpacing network defenses.

Cybersecurity Landscape
[Chart: Malware Trends. Malware Samples (Day) by quarter, Q1 2011 to Q2 2013.]
- McAfee, Symantec, Kaspersky Reports (2011-2013)

Cybersecurity Landscape
[Chart: Known CVE Vulnerabilities. Disclosed Vulnerabilities by year, 2003 to 2013.]
- Risk I/O (2013)

Cybersecurity Landscape
percent of Cyber attacks take several months or years to remediate.

Cybersecurity Landscape
The average unknown vulnerability is unidentified for 200-300 Days
How many exist that have yet to be discovered?

Cybersecurity Landscape
Current Defenses - Capabilities
Malware Analysis: 51%
Traffic Analysis: 41%
Rogue Device Scanning: 34%
IP Geolocation: 31%
Threat Intelligence Feeds: 30%
External Footprint Examination: 27%
Deep Packet Inspection: 27%
Don't Know / Not Sure: 25%
Threat Modeling: 21%
Advanced Techniques: 9%
- Annual PWC Report (2013)

Cybersecurity Landscape
We invest in hardware and rely on automated solutions to certify systems.

Cybersecurity Landscape
- EY, root9b (2012, 2014)

Cybersecurity Landscape
Traditional network security methodology
o Secure (Prepare for attack)
o Automate Post-Incident (Postmortem, increase automation)
o Reaction (Contain, Eradicate, Recover, Reimage)
o Monitor (Identify, Detect and Analyze)

Cybersecurity Landscape
Traditional passive defense is not sufficient. Things must be different.

Rethinking The Industry
The adversary is HUMAN
o Understand the adversary
o Think like the adversary
o Maneuver like the adversary
o Tailored and adaptive defenses

Adversary Pursuit Methodology
o Active defense
o Continuous networking monitoring
o Actionable threat intelligence
o Looking for low and slow (stealthy), vice already known indicators
Humans HUNTING Humans

Adversary Pursuit Center
o Centralized execution
o Centralized oversight
o Centralized control
o Supports decentralized and partnership-enabled operations
o Integrated Operations Center
o Located in downtown Colorado Springs and San Antonio
o Hunt opportunities are not restricted to business day
o Networks are always on
o Adversary is active 24/7
o No one is conducting remote 24/7 HUNT operations for industry
o Provides unique, client-specific threat intelligence opportunity
o Scales to support current and future requirements
o Develops, maximizes, and grows a community restricted skillset

ORION Operations
o Aggressive platform, remote real-time active defense operations
o Remote live memory analysis and enterprise-wide surveillance
o Supports onsite deployment and client-executed operations
o Tailored operational training
