Cyber Resilience Organizer and Moderator: Bharat Doshi Senior Research Scientist US Army CERDEC S&TCD
Slide 1: Cyber Resilience
Organizer and Moderator: Bharat Doshi, Senior Research Scientist, US Army CERDEC S&TCD

Slide 2: Panelists
- Dr. Patrick McDaniel, Professor, Computer Science & Engineering Department, Pennsylvania State University
- Dr. Nader Mehravari, MBCP, MBCI, Cyber Risk and Resilience Management Team, Software Engineering Institute, Carnegie Mellon University
- Mr. Jim Gosler, Senior Fellow, Johns Hopkins University Applied Physics Laboratory (JHU/APL)

Slide 3: Questions
- What is Cyber Resilience? Anything special about 'Resilience' in Cyber domain?
- Why is 'Cyber Resilience' important? Why is it needed? What changes as we focus on 'Cyber Resilience'?
- Why is 'Cyber Resilience' challenging to achieve?
- Are there particular techniques/approach that have been successful? What is likely to succeed?

Slide 4: Patrick McDaniel
- Professor in the Computer Science and Engineering Department at the Pennsylvania State University
- Co-director of the Systems and Internet Infrastructure Security Laboratory
- IEEE Fellow, and Chair of the IEEE Technical Committee for Security and Privacy.
- Patrick's research efforts currently focus on network, telecommunications, systems security, language-based security, and technical public policy.
- The Program manager and lead scientist for the newly created Cyber-Security Collaborative Research Alliance.

Slide 5: A Science of Cyber-Resilience
Professor Patrick McDaniel, Cyber-Security Collaborative Research Alliance, Pennsylvania State University

Slide 6: What is Cyber-Resilience?
A property of a system process or environment to sustain performance, fidelity, and access in the presence of
- Component Failures
- Resource starvation
- Adversarial action
- Human error
[Figure: network diagram with labels Internet, (edge), (remote hosts/servers), (hosts/desktops), LAN, (perimeter), (server)]

Slide 7: Physical Resilience
- Environment
  - Humans are constantly put into vehicles that travel of MPH thousands of feet off the ground in unpredictable conditions.
  - Pilot training and skills uneven
  - Failure costs are immense
- Science/engineering:
  - Difficult to get into a spin
  - Hands-off flight is stable
  - Engines are very robust
- Human performance:
  - Constant failure detection
  - Contingency planning
  - Procedure driven recovery
Challenge: how to transfer centuries of resilience science to cyber?

Slide 8: Why Cyber-Resilience?
Many outside of the security community want a science to predict whether a specific system will be compromised... which is impossible.
In all likelihood it is probably impossible to ascertain whether any general-purpose computing systems is compromise-able.
What can we hope to accomplish?
- Probabilistically identify where compromise is likely.
- Identify modifications to the system/environment that will reduce the likelihood of compromise.
- Adapt to compromise and isolate and control impacts of adversarial action!

Slide 9: Cyber-resilience
- requires making progress in the face of adversarial action
- is related but distinct from security, which prevents adversarial action from being effective

Slide 10: Cyber-resilience operational challenge
Given a security and environmental state, what cyber-maneuvers best mitigate attacker actions and maximize operation success?
Operation survivability is modeled as a continuous optimization (reconfiguration) of the security configuration and network capabilities in response to detected adversarial operations and situational needs of users and defenders.
Cost and risk metrics are used to select optimal strategies and configurations that maximize operation success probabilities while mitigating adversarial actions.

Slide 11: The technical community does not know how to engineer resilient systems, and
- Security measurement (state, security posture, rates of change, intent, impact)
- Security configuration and reconfiguration
- Autonomic systems design (e.g., MTD)
- Risk collection and analysis
- Cyber decision making
These are disciplines with limited results because they are very difficult but must be overcome for us to realize operationally robust systems.
Progress will lead to a science of cyber-resilience

Slide 12: Nader Mehravari
- CERT Division of SEI at CMU
- Current Areas: Operational Resilience, Cyber Security, Critical Infrastructure Protection and Sustainment, Risk Management, Etc.
- 33 Years: CERT (4), Lockheed Martin (19), Bell Labs (10)

Slide 13: Cyber Resilience: Protecting and Sustaining Organizational Missions in Face of Modern Cyber Risk
Dr. Nader Mehravari, MBCP, MBCI, Cyber Risk and Resilience Management Team, Software Engineering Institute, Carnegie Mellon University
October 28, Carnegie Mellon University

Slide 14: Outline
1. Setting the Stage
   - Operational Stress
   - Resilience Defined
   - Risk and Resilience
2. From Resilience to Cyber Resilience
   - Cybersecurity to Cyber Resilience
3. Techniques for Introducing, Improving and Managing Cyber Resilience
   - Organizational Aspects
   - Risk Management Aspects
   - Non-Technology Aspects

Slide 15: What do you see here?

Slide 16: Look Again!
A tree under operational stress, while achieving its business mission.

Slide 17: Scope of Operational Stress
- Natural or Manmade
- Accidental or Intentional
- Small or Large
- Information Technology or Operational Technology
- Kinetic or Cyber
- Affecting: Information, Technology, Facilities, People, Supply Chain / Raw Material

Slide 18: re·sil·ience, noun [ri-ˈzil-yəns]
- power or ability to return to the original form, position, etc., after being bent, compressed, or stretched
- ability of an ecosystem to return to its original state after being disturbed
- physical property of a material that can return to its original shape or position after deformation that does not exceed its elastic limit
- Resiliency
- ability to recover from or adjust easily to misfortune or change
- ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation
- ability to recover readily from illness, depression, adversity, or the like
- capability of a strained body to recover its size and shape after deformation

Slide 19: Operational Resilience
- The emergent property of an entity that can continue to carry out its mission in the presence of operational stress and disruption that does not exceed its limit
- The ability of an entity to
  - Prevent disruptions from occurring;
  - And when struck by a disruption, the ability to quickly respond to and recover from a disruption in the primary business processes.

Slide 20: An Analogy: Health
- Is there a place that you can purchase health?
- Is there a place where health is manufactured?
- How do you become healthy?
Health & Resilience: They are both emergent properties.

Slide 21: Federal Government's Definition
The term "resilience" means the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Resilience includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents.
Source: February 2013 Executive Order (Improving Critical Infrastructure Cybersecurity) & Presidential Policy Directive PPD 21 (Critical Infrastructure Security and Resilience)

Slide 22: Not a New Concept
For example, a formalization from 2008:
- Framework for managing and improving operational resilience
- A process improvement model

Slide 23: Operational Risk and Resilience
- A form of risk affecting day-to-day business operations
- A very broad risk category, from high-frequency low-impact to low-frequency high-impact
- Exacerbated by
  - actions of people
  - systems and technology failures
  - failed internal processes
  - external events
[Figure labels: All Risk Faced by an Entity; Operational Risk]
Operational resilience emerges from effective management of operational risk.

Slide 24: From Operational Risk to Cybersecurity Risk
[Figure labels: All Risk Faced by an Entity; Operational Risk; Cybersecurity Risk; Cyber Resilience; Operational Resilience]

Slide 25: Cyber Intrusions are a Fact of Life

Slide 26: Traditional Information Security Function
Protect / Shield / Defend / Prevent
- Is necessary
- Is not sufficient
- Fails too frequently

Slide 27: from Cybersecurity The desire to go Information Security IT Security OT Security to

Slide 28: Operational Resilience Starts at Asset Level
[Figure labels: Asset; Protect; Event; Sustain]
- Manage Conditions of Risk: Keep assets from exposure to disruption (e.g., Fault-Tolerance & High-Availability Designs; Preparedness; Information Security)
- Manage Consequences of Risk: Keep assets productive during adversity (e.g., Disaster Recovery, Business Continuity, Pandemic Planning, Crisis Management, COOP)

Slide 29: Techniques for Improving and Managing Cyber Resilience

Slide 30: Organizational Aspects
How should organizational strategies, structures, roles, and responsibilities be adapted?
Example: Traditional vs. Modern chief information security officer (CISO)

Slide 31: Prevention is futile

Slide 32: Modern CISO
- Protect / Shield / Defend / Prevent
- Monitor / Detect / Hunt
- Respond / Recover / Sustain
- Management, Governance, Compliance, Education, Risk Management.

Slide 33: Risk Management Aspects
How should organizations adapt their overall operational and cyber risk management principles and practices?
Example: Integration, coordination, and convergence of operational and cyber risk management activities.

Slide 34: Continually balance protection and sustainment activities
- Protection Activities: IT Security, Info Security, High-Availability, Fault-Tolerance, Physical Security
- Sustainment Activities: COOP, IT DR, Incident Mgmt, Crisis Mgmt, Business Cont.

Slide 35: Integrate and coordinate all operational risk management activities
[Figure labels: Protection Activities; Sustainment Activities]

Slide 36: Integrate and coordinate all operational risk management activities
[Figure: separate activities shown converging on Cyber & Operational Resilience. Activity labels: Continuity of Operation (COOP), Contingency Planning, Cyber Protection, Supply Chain Continuity, Pandemic Planning, Workforce Continuity, Health & Safety, Privacy, Business Continuity, Preparedness Planning, Information Security, IT Disaster Recovery, Crisis Communications, Crisis Management, IT Operations, Enterprise Risk Management, Emergency Management, Risk Management, Operational Risk Management, Physical Security]

Slide 37: Above and Beyond Technology Aspects
What non-technology based tools and techniques could guide and assist organizations?
Examples:
- Institutionalization and culture
- Use of structured (i.e., not ad hoc) frameworks
- Resilience Management Model

Slide 38: Create a culture of resilience

Slide 39: Invest in people and process (Not only in technology)

Slide 40: Utilize a proven and structured framework to guide resilience management activities
[Figure labels: Get model & tool; Implement Improvements; Perform Evaluation; Prioritize and Plan; Analyze Identified Gaps]

Slide 41: What is Resilience Management Model?
- Framework for managing and improving operational resilience
- Guides implementation, mgmt., and sustainment of operational risk management activities
- Improves confidence in how an organization manages and responds to operational stress
- Focuses on What not How
- Applicable to a variety of organizations: small or large, simple or complex, public or private
"an extensive super-set of the things an organization could do to be more resilient." - CERT-RMM adopter

Slide 42: A Sampling of CERT-RMM Applications and Derivatives

Slide 43: Notices
Copyright 2015 Carnegie Mellon University and IEEE

This material is based upon work funded and supported by the Department of Defense under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.

NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu.

Carnegie Mellon and CERT are registered marks of Carnegie Mellon University. DM

Slide 44: Jim Gosler
- Senior Fellow at JHU/APL
- Member of several boards in DoD and IC (DSB, NSD, NSA Advisory Board,..)
- Cyber Security, Critical Infrastructure Protection, Counter-Proliferation, and Counter-Terrorism
- 33 years at Sandia, Fellow of Sandia, Visiting Scientist NSA, Senior Intelligence Service at CIA as the first Director of the Clandestine Information Technology Office (CITO).
- Several major awards
- DSB Study Report: Resiliency of Military Systems

Slide 45: The Digital Dimension
CYBER Resilience Panel, Jim Gosler, October 28,

Slide 46: Defense Science Board Task Force
The United States cannot be confident that our critical Information Technology (IT) systems will work under attack from a sophisticated and well-resourced opponent utilizing cyber capabilities in combination with all of their military and intelligence capabilities (a full spectrum adversary).

Slide 47: Resiliency of Military Systems in the Face of What?
- A normal and adversary free environment (MTBF)
- Abnormal but adversary free environment: Act of God, user error, shock, fire, water, electrostatic, temperature,
- Conventional adversary: jam, kinetic,
- Unconventional adversary (Somalia pirate Iran)
- Nation State adversary (China-Russia)
  - Full spectrum
  - Strategic preparation of the battlefield
  - Aggressive use of global supply chain

Slide 48: Classes of Adversary
- Hacker ($10K)
- Criminal ($10M)
- Sophisticated ($10B)
- Red Team

Slide 49: Characteristics of Sophisticated Offensive Organization
- Significant Resources
- Worldwide Presence
- Mature Operational Tradecraft
- Diverse Network of Trusted Partners
- Diverse Network of Untrusted Partners
- Worldwide Secure Comms and Logistics
- Effective Security Program
- Mid-Point Collection
- Targeting and Analysis
- High Performance Computing and Cryptography
- Integration of Human and Technical Operations
- Integration of Offensive and Defensive Elements
- Ability to Operationally Introduce Exploitable Vulnerabilities
- Technically Feasible, Operationally Viable, Policy Friendly, and Politically Acceptable

Slide 50: The Ambiguity of Computer Network Defense
[Figure labels: Microelectronics and Software, Satellite, SCADA, Weapons, Network, C2, Logistics, Switches; Targets; Common Perception of CND; SIPRNET; Cyber Defenses: Firewall, Spyware, Virus, IDS; Offensive Methods; Entry; Human, Sigint, ClanTech, Cyber, Special Liaison, Deception, Cover Company. Caption: Time, Place, Combination of Methods, and Secrecy]

Slide 51: Risk Management

Slide 53: Observations
- NO short term answer.
- Technology alone will never be sufficient.
- NO Belly Button in charge, responsible, accountable across the full spectrum threat; systems solution required.
- Strategies to deal with long term critical challenges must be sustainable across administrations and senior leadership rotation.
- Insufficient coupling between US offensive and defensive activities.
- Insufficient effort focused on development of a National technical cadre.
- IC not sufficiently engaged in the collection, analysis and reporting on the threat.
- IC reporting, in general, not actionable from defensive perspective.
- Many Senior decision makers lack sufficient insight into the criticality and complexity of this issue; Risk Management difficult.
- Many Mission owners lack sufficient insight into strong connection between mission assurance and cyber assurance.
- Emphasis between enterprise networks and embedded systems is out-of-balance.
- Mission performance and functionality always trumps security.
- Probability of detection, probability of attribution, impact of defensive failure and consequence to the attacker are way out of balance.
- Principal adversaries of the US understand and are acting upon the asymmetric opportunities in this area; the adversary gets a BIG VOTE.
- Our technical superiority could well become our greatest vulnerability in the face of tier 5/6 threats.
Denial of Service Attacks CERT Division http://www.sei.cmu.edu REV-03.18.2016.0 Copyright 2017 Carnegie Mellon University. All Rights Reserved. This material is based upon work funded and supported by
More informationAMRDEC CYBER Capabilities
Presented to: HAMA AMRDEC CYBER Capabilities Distribution Statement A: Approved for public release: distribution unlimited 08 July 16 Presented by: Julie Locker AMRDEC Cyber Lead U.S. Army Aviation and
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationSEI/CMU Efforts on Assured Systems
Unclassified//For Official Use Only SEI/CMU Efforts on Assured Systems 15 November 2018 *** Greg Shannon CERT Division Chief Scientist Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationBusiness Continuity Planning
Business Continuity Planning The Unexpected Happens Be Ready Copyright -Business Survival Partners, llc. 2011 - All Rights Reserved www.survivalpartners.biz RISK 2 Risks to National Security A secure and
More informationIntroducing Cyber Resiliency Concerns Into Engineering Education
Introducing Cyber Resiliency Concerns Into Engineering Education Mr. Tom McDermott Georgia Tech Research Institute Mr. Barry Horowitz University of Virginia NDIA 20 th Annual Systems Engineering Conference
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationRSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE
WHITEPAPER RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE CONTENTS Executive Summary........................................ 3 Transforming How We Think About Security.......................... 4 Assessing
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin
ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most
More informationHow to Underpin Security Transformation With Complete Visibility of Your Attack Surface
How to Underpin Security Transformation With Complete Visibility of Your Attack Surface YOU CAN T SECURE WHAT YOU CAN T SEE There are many reasons why you may be considering or engaged in a security transformation
More informationCYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS
CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS WILLIAM (THE GONZ) FLINN M.S. INFORMATION SYSTEMS SECURITY MANAGEMENT; COMPTIA SECURITY+, I-NET+, NETWORK+; CERTIFIED
More informationRegional Resilience: Prerequisite for Defense Industry Base Resilience
Regional Resilience: Prerequisite for Defense Industry Base Resilience Paula Scalingi, Director Pacific Northwest Center for Regional Disaster Resilience Vice Chair, The Infrastructure Security Partnership
More informationHPH SCC CYBERSECURITY WORKING GROUP
HPH SCC A PRIMER 1 What Is It? The cross sector coordinating body representing one of 16 critical infrastructure sectors identified in Presidential Executive Order (PPD 21) A trust community partnership
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationA New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO
A New Cyber Defense Management Regulation Ophir Zilbiger, CRISC, CISSP SECOZ CEO Personal Background IT and Internet professional (since 1992) PwC (1999-2003) Global SME for Network Director Information
More informationDHS Cybersecurity Services and Resources
DHS Cybersecurity Services and Resources September 18 th, 2018 Harley D. Rinerson Chief of Operations Central U.S. Cyber Advisor Program Cybersecurity Advisor Program Department of Agenda Cyber Advisor
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationLong-Term Power Outage Response and Recovery Tabletop Exercise
1 Long-Term Power Outage Response and Recovery Tabletop Exercise After Action Report [Template] The After-Action Report/Improvement Plan (AAR/IP) aligns exercise objectives with preparedness doctrine to
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationDefining the Challenges and Solutions. Resiliency Model. A Holistic Approach to Risk Management. Discussion Outline
Resiliency Model A Holistic Approach to Risk Management Discussion Outline Defining the Challenges and Solutions The Underlying Concepts of Our Approach Outlining the Resiliency Model (RM) Next Steps The
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More informationNCSF Foundation Certification
NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity
More informationNational Cyber Incident Response - Architectural Concepts
CSIRT Contributions to National Cyber Incident Response: An Architectural Perspective with U.S. Examples Bradford J. Willke Team Lead, Information Security Assessment & Evaluation Survivable Enterprise
More informationAchieving a Secure and Resilient Cyber Ecosystem: A Way Ahead
Achieving a Secure and Resilient Cyber Ecosystem: A Way Ahead January 2016 Continuing to strengthen the security and resilience of our nation s critical infrastructure in partnership with you Our Responsibilities
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationCybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment
Cybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment SWG G 3 2016 v0.2 ISAO Standards Organization Standards Working Group 3: Information Sharing Kent Landfield, Chair
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationCOMPASS FOR THE COMPLIANCE WORLD. Asia Pacific ICS Security Summit 3 December 2013
COMPASS FOR THE COMPLIANCE WORLD Asia Pacific ICS Security Summit 3 December 2013 THE JOURNEY Why are you going - Mission Where are you going - Goals How will you get there Reg. Stnd. Process How will
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationI n t e g r i t y - S e r v i c e - E x c e l l e n c e
I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e AF Chief Information Security Officer (CISO) Mr. Pete Kim (SES)
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationCybersecurity in Acquisition
Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationProtecting the Nation s Critical Assets in the 21st Century
Protecting the Nation s Critical Assets in the 21st Century Dr. Ron Ross Computer Security Division Information Technology Laboratory OPM. Anthem BCBS. Ashley Madison. 2 Houston, we have a problem. Complexity.
More informationTHE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS
THE WHITE HOUSE Office of the Press Secretary EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical
More information