Train Like You Will Fight


Train Like You Will Fight
Reliability First Workshop
1 October 2015
Dr. Joe Adams

Disclaimer
The content of this presentation is based on personal and professional experience of the speaker. The content is highly opinionated, personal, and full of behind the scenes stories. This presentation is intended to be thought provoking and provide an insider's view of training and exercises. The content, this presentation, and any of the jokes or comments made by the speaker are his and his alone, and do not represent the official position or opinions of Merit Network, Inc. or anyone else.

Introduction
Dr. Joe Adams
Vice President of Research and Cyber Security
Degrees in Computer Engineering
Masters of Strategic Studies, US Army War College
26 years Army Signal Corps
Associate Professor at US Military Academy
3 time winner of the NSA's Inter-Service Academy CDX
Senior Member IEEE
Distinguished Fellow, Ponemon Institute

Agenda
Why Defense?
Building a Better Defender
Elements of an Exercise
Types of Exercises
  Tabletops
  Force on Force
  Capture the Flag
Putting It All Together

Cyber-Attack Threat
Cyber-Attacks Are the Biggest National Security Threat. - Leon Panetta
My greatest fear is that, rather than having a cyber Pearl Harbor event, we will instead have this death of a thousand cuts. - Richard Clarke

The Mythical Air Gap

I Can See You

The Enemy Are Us

Cause First World Problems

Why Defense?
Critical Infrastructure
85% owned by the private sector (GAO-07-39)
Small Business
Industrial Control Systems
Enterprise Systems
Only as strong as the weakest link

Privately Owned Infrastructure

Federal Response

Are You Ready?

Where Are We Going?

Building a Better Defender
Hack Back vs. Attribution
IT Skills vs. Incident Response
Teaching Offense to Learn Better Defense
Ethics Play a Big Role

Building a Better Defender
Communication is the Key Skill
Understanding the Architecture
  Where do you fit in?
  2nd and 3rd Order Effects of your actions
Maintaining Your Skills
  Certification Maintenance = CEUs
  Try New Things

First There is a Plan

First There is a Plan
What information is the most important to you?
Where is it stored?
How much of it is stored?
Where is it processed?
What are the reporting requirements in case of a breach?
Who do you call?
Who does what?

But then

Too Late to Practice

Elements of an Exercise
Safe Entry/Exit
  No spillage into the production environment
Objective-based Challenges
  It's about training the Blue Team
Defined Assessment Standards
  Task - Condition - Standard

Elements of an Exercise
Exercise Directive
  Scenario
  Communications Plan
  Objectives
Master Scenario Event List
  It's about training the Blue Team
  Keeps everyone engaged
Assessment Checklist
  The unexpected isn't always bad
After Action Review
  Stay positive
  Structured to avoid emotion

Realistic Exercises

Are You Ready?

Crawl - Walk - Run

Crawl
Technical Skills
  Understand communication links
  Operating systems
  Applications
  Security fundamentals
Taught through
  Structured classes
  Self-paced labs
  Experiential learning
Results in
  Basic, consistent training
  Certificate of completion
  Continuing education credit

Table Top Exercises
Meet the Players
Identify and Gather Information
Identify Paths of Communication
Agree on Taxonomy

Walk
Small Group Training Specialization Media Management Work as a team Roles The Message Communication Responsibilities 2nd & 3rd order effects Priorities

Capture the Flag
Self-Paced
  Takes the training wheels off
  Same Tools & Techniques as in class
Individual Skill Threads
  Penetration testing
  Forensics
  SCADA
  PII
  Database security
Scoring engine
  Encourages competition

Red vs. Blue Exercises
Focus on system & service security and continuity
Synchronous attack & defend
Good to get started working as a team
Observe and Review hackers in action

Training Camp

Run
Collective Training
Full Speed
Force-on-force
Objective-based
Remote Teams
Experience out-thinking a live adversary
Practice teamwork
Relationships & collaboration outside the team

Incident Response Exercises
Asynchronous
  Red team creates havoc
  Blue team diagnoses and recovers
Objectives
  Communications
  Teamwork
  Validating plans and procedures at full speed

Welcome to Alphaville

A Sense of Place

Alphaville Power & Electric

Alphaville 3D

Summary

Make a Plan

Teach Individual Skills

Learn how to respond in crisis

Be Ready to Go!

And Jump

Questions?

Michigan Cyber Range

www.merit.edu/cyberrange
734.527.5700
1000 Oakbrook Drive, Suite 200
Ann Arbor, Michigan 48104-6794
Thank You