The STAGEnet Security Model

Similar documents

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

The Protection Mission a constant endeavor

Logging In: Auditing Cybersecurity in an Unsecure World

Enterprise Cybersecurity: Building an Effective Defense

Cybersecurity: What CFO s Need to Know

A HELPING HAND TO PROTECT YOUR REPUTATION

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

Four Top Emagined Security Services

Cybersecurity in an All-IP World Are You Prepared?

Bellevue University Cybersecurity Programs & Courses

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Enterprise Security Tactical Plan

Designing a security policy to protect your automation solution

Personal Security Practices of the CAO

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

O N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y

Information Security Review

Incident Response. Six Best Practices for Managing Cyber Breaches.

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Enterprise Cybersecurity: Building an Effective Defense

Client Security Risk Assessment Questionnaire

Incident Response. Six Best Practices for Managing Cyber Breaches. Nick Pollard, Senior Director Professional Services EMEA / APAC, Guidance Software

North Dakota University System System Information Technology Services Annual Report

Introduction to Cyber Security / Information Security

IBX Business Network Platform Information Security Controls Document Classification [Public]

Advanced Threats: The New World Order

Critical Controls for Cyber Security.

Governor s Cybersecurity Task Force. Monday, November 23, 2015 Roughrider Room State Capitol Building

TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Security from a customer s perspective. Halogen s approach to security

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

State of Vermont. Intrusion Detection and Prevention Policy. Date: Approved by: Tom Pelham Policy Number:

INCIDENT RESPONSE CHECKLIST

Securing Smart City Platforms IoT, M2M, Cloud and Big Data

How are we keeping Hackers away from our UCD networks and computer systems?

INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

University of Pittsburgh Security Assessment Questionnaire (v1.5)

IBM QRadar Security Intelligence April 2013

Defending Against Data Beaches: Internal Controls for Cybersecurity

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Working with the FBI

PCI Overview. PCI-DSS: Payment Card Industry Data Security Standard

Cloud Security Trust Cisco to Protect Your Data

How To Protect Your Network From Attack

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

FIVE PRACTICAL STEPS

The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era

OFFICE OF ENTERPRISE TECHNOLOGY SERVICES QUARTERLY REPORT ON

Securely Yours LLC Top Security Topics for Sajay Rai, CPA, CISSP, CISM

Current IBAT Endorsed Services

Cybersecurity The role of Internal Audit

Network Security Administrator

National Railroad Passenger Corp. (AMTRAK) Session 1 Threats and Constraints. Continuous. - Continuous Monitoring. - Continuous Assessment

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

White Paper: Consensus Audit Guidelines and Symantec RAS

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Evolution Of Cyber Threats & Defense Approaches

The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

INFORMATION TECHNOLOGY DEPARTMENT INDEPENDENT SERVICE ORGANIZATION AUDIT For the period 4/1/ /1/2014

Verve Security Center

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

Western Australian Auditor General s Report. Information Systems Audit Report

2012 Risk Assessment Workshop

Big Data, Big Risk, Big Rewards. Hussein Syed

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Agenda. Cyber Security: Potential Threats Impacting Organizations 1/6/2015. January 10, 2015 Scott Petree

STATEMENT OF RANDY S. MISKANIC VICE PRESIDENT, SECURE DIGITAL SOLUTIONS U.S. POSTAL SERVICE BEFORE THE SUBCOMMITTEE ON FEDERAL WORKFORCE, U.

CESG Certification of Cyber Security Training Courses

Information Blue Valley Schools FEBRUARY 2015

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

Best Practices For Department Server and Enterprise System Checklist

NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT

A Systems Approach to Protecting the U.S. Air Traffic Control System Against Cyber-Terrorism

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Secure networks are crucial for IT systems and their

Increase insight. Reduce risk. Feel confident.

A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER

SANS Top 20 Critical Controls for Effective Cyber Defense

south dakota enterprise cyber security operations 2014 NASCIO Recognition Award Nomination Category: Cybersecurity Initiatives

National Initiative for Cybersecurity Education

Firewall Environments. Name

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Behavioral Interview Guidelines by Job Roles

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review

McAfee Security Architectures for the Public Sector

Security challenges in Southern Europe. Thanassis Papadopoulos Country Manager

Computer Crime & Security Survey

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Securely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Security Tool Kit System Checklist Departmental Servers and Enterprise Systems

Transcription:

NDSU 2015 Cyber Security Conference The STAGEnet Security Model Peeling Away the Layers March 17, 2015 NDSU Memorial Union Rose Room

NDSU 2015 Cyber Security Conference Art Bakke Enterprise Information Security Administrator / Security Architect

Goal To describe how security is strategically developed and implemented for STAGEnet enterprise network based on the needs of the various stakeholders.

Agenda The Crown Jewels Roles and Responsibilities STAGEnet Cybersecurity Framework

The Crown Jewels From Cradle To Grave And Beyond!

ITD s Roles and Responsibilities Per NDCC 54-59-05.2 and 54-59-05.14 ITD has the authority and responsibility for information systems security surrounding State of North Dakota information technology assets. ITD is responsible for protecting the availability, integrity, and confidentiality of the state s information systems and the data stored in information systems that are managed by ITD. ITD also directs the development of standards, policies and guidelines for enterprise security. This is done in collaboration with state agencies through the Enterprise Architecture process. Centralized Model

ITD Security Administrator Roles and Responsibilities Lead enterprise information security team; manage and provide oversight for information security projects and programs Develop security direction for ITD, State of North Dakota, political subdivisions & K-12 schools Provide guidance to meet technical & legal requirements for access to 1,700+ servers, 10,000+ endpoints for 100,000+ users

What is STAGEnet? STAGEnet The North Dakota Statewide Technology Access for Government and Education network (STAGEnet) provides broadband connectivity, Internet access, video conferencing and other networking services to all state agencies, colleges and universities, local government, and K-12.

What is STAGEnet? (continued) STAGEnet is governed as a partnership between government and education that consists of three committees*, which aid in planning, prioritizing, approving standards, policies and procedures. Because of the varied nature and the variety of resources that use this network, security for it is built based on layers much like those of an onion. *Executive Committee (State CIO, NDUS CIO, K12 Director, ITD Network Services Director) *Management Committee (State, NDUS, ITD, IVN) *Technical Committee (State, NDUS, ITD, K12)

Cybersecurity Framework

Cybersecurity Framework

Cybersecurity Framework Security Framework Roles and Responsibilities ITD Executive and Information Security Management CIO/Deputy CIO Responsibilities Enterprise Security Administrator ITD Virtual Security Team Information/Application Owners Agency Directors Agency IT Coordinators Agency Security Officers

Cybersecurity Framework Security Framework Roles and Responsibilities Technology Providers ITD Architects Project Managers Developers Network and System Administrators Supporting Functions Audit, Physical Security, Contingency Planning Quality Assurance, Training, Procurement Human Resources, Facilities Users of Information and Systems

Cybersecurity Framework Core Security Areas Network Security Host Security Application Security User Security

Cybersecurity Framework

Cybersecurity Functions The basis for our Framework Identify Protect Detect Respond Recover

Cybersecurity Functions The basis for our Framework Identify What do I need to protect? Protect What controls do I use? Detect How do I know I am being attacked? Respond What actions do I take? Recover How do I return to normal operations? Effective security encompasses the relationship between all five functions it is a process, not a product.

Cybersecurity Principles Security by Design Defense in Depth Compartmentalize Utilize Control Points (Choke) Points Fail Securely Secure the Weakest Link

What Do I Need to Protect? Identify Security Frameworks Audits/Risk Assessments Data Classification

What controls do I use? Encryption Virtual Private Networks (VPN) Protect Advanced Firewalls & Intrusion Prevention Systems (IPS) Physical Security Awareness & Training Identity & Access Management

How do I know I am being attacked? Intrusion Detection Systems (IDS) Vulnerability Scanning Detect Audit Logs Security Information and Event Management (SIEM) Systems

What actions do I take? Security Incident Response Team and processes Cybersecurity Forensics Proactive Vulnerability Management Respond

How do I return to normal operations? Contingency Planning Data Backups and High Availability Systems Secondary Data Centers Recover

Conclusion The Crown Jewels Roles and Responsibilities STAGEnet Cybersecurity Framework

Cybersecurity Functions The basis for our Framework Identify Protect Detect Respond Recover Questions?

Thank you! Art Bakke Enterprise Information Security Administrator / Security Architect State of North Dakota ambakke@nd.gov