Rising to the Challenge


CYBERSECURITY: Rising to the Challenge

Dialogues with Subject Matter Experts

Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned about the ongoing evolution of the cyber landscape, it just means they are not paying enough attention. The problem is that these and other emerging cyber tactics are designed to evade traditional cyber defenses and escape detection until it's too late. The good news is it's not a lost cause. In this special report, two subject matter experts discuss cybersecurity technologies and strategies that can help agencies defend their systems and data against the latest cyber threats, today and into the future.

Sponsored Content

The complexity of cybersecurity demands a systematic approach

Jim Myers, Sector Vice President and General Manager, Cyber Solutions Division, Northrop Grumman Information Systems

Q: How can an agency balance the need for better security with the need to provide a good user experience?

A: Understanding risk is critical when securing any digital environment. Today, mobile computing is where we see the most prevalent tradeoffs between user experience and security. Customers want the convenience and efficiencies that come from access to mobile apps. However, the greatest security risks are migrating to mobile, and these issues are limiting its full adoption. Developing essential security standards for application development can begin to address the inconsistency in security profiles that many mobile computing environments experience. At Northrop Grumman, we address security and user experience by taking a systematic approach and looking at mobile security in a holistic, risk-based way. Those customers who take a risk-based approach to developing enterprise cybersecurity policy and related solutions can deploy their resources and implement controls in a way that's best for them, resulting in a better user experience and lower risk.

Q: Is mobile malware winning? What can agencies do to better protect themselves?

A: At the moment, mobile malware is winning. That's because existing networks have not been architected with malware in mind, and the mobile environment is particularly vulnerable. Adversaries are using persistent and innovative approaches to get access to networks, and the only way agencies can tackle this is to secure the entire enterprise, including the device itself. You need a strong device security architecture, encryption for both data at rest and in motion, and identity management and authentication solutions to secure mobile users. Two-factor authentication is the classic approach, but there are also biometrics and other ways you can approach identity management. The same way you determine who gets access to certain types of data in a corporate environment, you want to have a similar process in place for a mobile environment.

Mobile malware is best managed with non-signature based detection technology. Putting that technology at the network gateway allows you to isolate data and applications that are potentially suspect. We recommend that agencies develop end-to-end trusted mobility solutions that go beyond the gateway approach to include on-device malware detection and identity management. At Northrop Grumman, we're developing innovative security solutions in the mobile data environment, leveraging ideas from our university consortium and developing them through our own technology investments to help advance technology quickly.

Q: Risk management is an oft-used phrase in cybersecurity today. What does it mean to you, and how well do agencies understand it and practice it?

A: In our business, we manage mission critical systems for our customers. As we see it, risk management is the ability to balance key elements of risk tolerance: the cost to implement security with the ability to effectively execute the mission. This is a delicate balance that can only be achieved by partnering with the customer to develop a deep understanding of their mission. We've been doing this for more than 30 years, and it's this approach that helps enable a meaningful enterprise risk assessment.

To help customers and our security practitioners develop this understanding, we created the Fan, a layered cyber defense approach that assesses risk at each level of the IT enterprise: the perimeter, network, applications, data and client. The Fan allows us to be agnostic to platform and architecture. Each agency has different IT architectures and missions, and they think about risk differently. This approach allows us to leverage a common view of the enterprise and to identify where risk exists in each customer's architecture. Understanding your complete risk posture is essential. It is the difference between being proactive and in a good defensive position, versus reactive.

Q: The relationship between government and industry is seen as crucial to progress in cybersecurity. Where does it stand now, and does it still need to improve? How?

A: The relationship is good, and it's a critical one. This partnership is constantly improving through programs like the Defense Industrial Base cyber pilot. The cyber threat is still a new phenomenon to most, and the ability for agencies to implement even basic cybersecurity practices differs a lot. As we work collectively to get in front of the threat, building cybersecurity early in the acquisition lifecycle is imperative. Creating core cybersecurity criteria for evaluation will be important to establish within future acquisition documents. One area that still needs improvement is securing the supply chain. Government and industry need to work together to find better ways to leverage COTS in secure environments without compromising security. The NIST cyber framework is a great step forward and very useful for communicating how to manage risk by establishing a detection baseline and aggregating and correlating the event data.

Q: What's the state of the government cybersecurity workforce? How can it be improved?

A: The demand for cybersecurity experts far exceeds the availability of this critical talent. That's why we have focused so much effort and investment into enhancing today's workforce and in developing tomorrow's talent. We created our own training program called Cyber Academy, a cyber education continuum for both internal and external customers. We also know the importance of reaching down to the middle and high school levels to get students excited about a career in STEM and cybersecurity. To that end, we're entering our fourth year as presenting sponsor of the Air Force Association's CyberPatriot program, the national youth cyber defense competition.

We also partner with universities across the country to develop the cyber workforce. This includes funding the nation's first cybersecurity honors program, the Advanced Cybersecurity Experience for Students at the University of Maryland, and the Cyber Scholars program and the Cync incubator at the University of Maryland, Baltimore County. We also created the Cybersecurity Research Consortium, which includes Carnegie Mellon, Massachusetts Institute of Technology, Purdue and the University of Southern California, and opened a cyber lab at Cal Poly San Luis Obispo. We see our customers extending their training programs in cyber, and the workforce is growing. We also see the military academies offering cyber degrees. In total, there is much to do but I see the ranks of cyber-educated professionals increasing and ready to take on this critically important mission.

Q: What role do managed security services play in overall government cybersecurity?

A: Commercial managed security services are not always suitable for a government application. We see a wide range of adversaries attacking government IT enterprises, and a managed security service may not have the robustness to address the range of threats targeted at a government agency. If such a service is used, you've potentially introduced a gap or vulnerability. That said, as IT infrastructure becomes more centralized through cloud computing, managed security services play a natural role. Some areas of the Department of Defense are migrating to shared IT infrastructure models and will likely expand their internal managed service models, including managed security services. Again, risk management is key. We encourage them to think about the risk tradeoffs, and at the same time to expand their internal managed security models with a higher level of security.

Q: The Snowden revelations have renewed concern about internal security lapses. What can agencies do to protect themselves against insider threats?

A: This is one of the most challenging problems that we see today. There are a number of steps agencies can take to protect themselves, starting with basic practices such as evaluating hiring processes and compartmentalizing critical information. But that's not all. Going beyond the basics, there are data exfiltration prevention solutions in the marketplace; however, it's not clear that these current solutions can fully address the threat. This is a problem we've studied extensively at Northrop Grumman, and we're developing some innovative capabilities for our customers to overcome this challenge. For instance, we're advancing automated solutions that can not only identify malware and provide situational awareness for network operators, but can also identify behavior of insiders that are suspect. Strong identity management, user authentication, and role-based access techniques are central to reducing the insider threat. User credentials, preferably enforced through biometric solutions, are mature enough to be deployed. Enhanced analytics can also be used to identify abnormal or suspicious behaviors.

Q: Password-only authentication seems to be rapidly falling out of favor. For government, what are the realistic alternatives over the next few years?

A: In the coming years, new authentication approaches will replace passwords. With touch screen phone technology, for example, you'll be able to use fingerprint, voice and facial recognition. We see authentication approaches that will combine biometrics, encrypted PINs, and secure device provisioning as attractive alternatives to passwords. Even today there are alternatives available for authentication. CAC cards, for example, can be an interim step and can be used in combination with biometrics such as fingerprint detection. This approach supports our belief that single-factor authentication is not sufficient. Again, it gets back to the discussion about risk tolerance and what the proper balance is for each agency. There are numerous statistics available now that identify the cost to an organization of a successful cyber intrusion. So once the attack has happened, the ROI for implementing even the most basic authentication and security improvements - as well as basic hygiene measures - is higher and clearly justified.

Q: How well does the government procurement process aid cybersecurity measures? What else would you like to see?

A: Our government customers are well aware of the role that procurement plays in cyber, and we stress the importance of designing security into that process. This is absolutely critical. If you can design it in upfront you can keep down costs and do a lot for affordability. We also talk about the need to consider supply chain security early in the process. Deployed systems have to meet proper security standards and that needs to be balanced with the expected advancements in technology and pervasive trends, such as mobility. If they do that, they'll find themselves in a better posture as far as getting the acquisitions underway. Clearly, the awareness among government officials from the top down is growing and is being translated into policy. The government procurement process itself is very mature, but there is still work to do. In January, the GSA and DoD announced recommendations to improve cybersecurity resilience and address cyber risks in the federal acquisition process, a great step forward.

Q: How well is the FedRAMP program working, and are any changes needed? Will it alone make cloud-based services more secure for agencies?

A: FedRAMP has a very challenging role in supporting the procurement of cloud services. They've got a working process now for vetting cloud solutions, and it definitely brings efficiencies to government. The standardization FedRAMP has applied to this technologically diverse environment allows for further efficiencies for the federal government. If a federal CTO or CIO is presented with a cloud provider that has a provisional authority to operate, then they know that provider has a sound solution and their service is a lower security risk. Again, balancing risk tolerance. In that sense, FedRAMP is speeding up the whole process of selecting and acquiring cloud services and getting them much more mature solutions. In the last year, there were just over a dozen cloud providers granted FedRAMP provisional ATOs, so the process is clearly working.

About Northrop Grumman

Northrop Grumman is a leading integrator of cyber solutions for the Department of Defense, the intelligence community, civil/federal agencies, and for commercial and international customers - offering innovative solutions that are securing networks and products, worldwide. For more information, go to: www.northropgrumman.com