From Situational Awareness to Knowledge: Strategic Cyber Security Operations
|
|
- Ellen Whitehead
- 6 years ago
- Views:
Transcription
1 From Situational Awareness to Knowledge: Strategic Cyber Security Operations 25 June Christopher Barnett Chief Security Architect Intelligence Solutions Division
2 Discussion Topics Computer Network Defense: The Evolution of a Global Enterprise Cyber Security in a Cloud Context Managing Cyber in a Cloud Environment Risk Management Framework Moving to a Risk Based Security Framework 2
3 Computer Network Defense: The Evolution of a Global Enterprise
4 In the Beginning Enterprise network sensors were re-purposed, dual-homed desktops bound for the recycling bin or worse Open source detection tools only; budget minimal SSH for log xfer and remote management 4
5 Data Types/Amount Outpacing Analysts Ability Highly federalized enterprise; from 5K to >90K employees in <10 years Monitoring over 25 Internet Access Points; centralizing 200GB logs/day Consuming 12 TB, 63 TB Weekly, 265 TB Monthly. ~2 PB every six months 45K indicators managed and growing; dozens of weekly malware samples Historical data for trending, incident/le response and forensics required 5
6 Evolution of the Sensor Platform (Now) Modified BRO Sensor Application Meta Data extraction and retention High Volume Indicator Detection thru alerts generated from Meta-Data analysis SNORT IDS engine for deployment of community SNORT signatures File object malware analysis Flow Sensor (Lancope) Traffic flow capture and long term retention Anomaly based threat detection using flow Network Forensic Capture Capture and Presentation of PCAP data to analysts on demand True forensic record of actual events Event resolution not detection Analytical Platform(s) ArcSight SIEM Log Data Management (Splunk) Indicator Database SQL output to Subversion/GitHub (hourly updates to sensor grid) 6
7 7 From Indicators and Warnings to Situational Knowledge Cyber COP
8 CyberCOP Conceptual Architecture 8
9 Moving from Passive to Dynamic Cyber Defense Provides in-depth static analysis and reverse engineering of significant malware samples, typically associated with APT. Extracted indicators of compromise are fed back into the workflow, enhancing Detect and Countermeasures functions. Malicious Analysis Team (MAT) Incident Detection Team (IDT) Provides network monitoring and analysis for the purpose of identifying anomalous activity that has the potential be nefarious or non-compliant in nature. Incident Response Team (IRT) Uses dynamic analysis to expeditiously identify the intent of a file, and any indicators of compromise programmed within (e.g., command and control (C2) domains and IP addresses). Tracks targeted, APT, and emerging threat activity. This is accomplished by analyzing enterprise and community OSINT reporting and data for the purpose of identifying patterns that can ultimately be attributed to an individual or group. Collaborates with industry, DoD, IC, and LE/CI partners to provide attribution to cyber activity. Fusion Analysis Support Team (FAST) Defense Counter Measure Team (DCM) Implements and maintains active and passive signatures. Maintains continuous awareness of threat evolution and TTPs by tracking industry and community reporting, as well as the activity on the enterprise. 9
10 Cyber Security in a Cloud Context: Managing Security in a Cloud Environment
11 The Cloud Based Cyber Challenge 11
12 Cloud Based Cyber Strategy Evolving Technology Advancements Orchestration Layer hardening Integrating forensics findings from CSP(s) and app space (DFXML) Cross-app SSO (CloudMinder, Okta, PingIdentity, Centrify) Key recovery, management, destruction Post-signature world Industry Standards Evolving ISO/IEC Cloud Security Services Standard (draft) Cloud Security Alliance Guidance PCI DSS Cloud Computing Guidelines NIST Cloud Computer Security Reference Architecture EU Data Privacy Standards Data Centric Model Data protection at rest, in motion Automated data destruction per retention target Object-level tagging Synchronizing data controls across all cloud platforms and providers (where my data is) Government Policy Evolution DCID 6/3 to ICD 503 DIACAP to DIARMF Cloud First Strategy FedRAMP/NIST Approval of Commercial Cloud for DoD Level and 2 Services DISA/NSA/Service Guidance 12
13 Core Foundational Capabilities Cloud Services Cloud Based Attack Vectors Can be Mitigated User Tools Software as a Service (SaaS) / Applications Citizen Engagement Gov Productivity Wikis / Blogs / IM Gov Enterprise Apps Business Svcs Apps Application Integration User / Admin Portal Reporting & Analytics Social Networking Virtual Desktop Core Mission Apps API s Collaboration & Particpatory Tools Platform as a Service (PaaS) Database Office Automation Testing Tools Legacy Apps (Mainframes) Developer Tools Workflow Engine EAI User Profile Mgmt Order Mgmt Analytic Tools Reporting OEMS Directory Services Mobile Device Integration Trouble Mgmt Infrastructure as a Service (IaaS) Storage Virtual Machines Web Hosting Data Migration Tools Billing / Invoice Tracking App Services Content Distribution Network ETL Product Catalog Service Mgmt & Provisioning Service Provisioning SLA Mgmt Utilization Monitoring DR / Backup Operations Mgmt Data Mgmt Security & Data Privacy Data / Network Security Data Privacy Certification & Compliance Authentication & Authorization Auditing & Accounting Data Center Facilities Routers / Firewalls LAN / WAN Internet Access Hosting Centers
14 Cloud Forensics Challenges Who Owns the Data? Where is the data? What if it is stored, partially or in totem OCONUS? Identify Obfuscation (who did what when?) Overlapping and complex architectures requiring coordination between your IaaS, PaaS and SaaS provider(s) Encryption is good except when you don t want it (please tell me you have a master key) Transience (huge problem) 14
15 Cloud Forensics Opportunities You can literally do forensics from anywhere Easy snapshotting, multi-tb memory dumps available Faster investigation times and version comparisons API calls, machine instance activity logged and tagged (e.g., CloudTrail by AWS) aiding the investigator Investigator roles can be created and managed via the Orchestration Layer, providing some oversight CSPs typically have security team and tools to assist 15
16 Risk Management Framework: Moving to a Risk Based Security Framework
17 IC Directive 503 Overview ICD 503: Rescinds DCID 6/3 (DNI Signed 9/2008) Establishes IC policy for IT systems security risk management, certification and accreditation Adopts the RMF and CM for the IC Harmonizes IC C&A requirements and controls with DoD and FedCiv agencies Additional/augmented controls expected for SCI systems DIARMF: Replaces DIACAP (Effective 2014) Bottom line: DoD systems must transition to the RMF NLT their next re-accreditation Systems whose accreditation is expiring must transition to the new version of CNSSI 1253 immediately and execute RMF. NIST , Recommended Security Controls for Federal Agencies GDIT Proprietary 17
18 Risk Management Framework GDIT Proprietary 18
19 RMF vs. What Came Before Control Selection Risk Management Framework Granular but flexible (Low, Med. High) with overlays based on mission Legacy (DCID 6/3, DIACAP) More strictly defined based on mission Re- accreditation Continuous once granted Every three years Emerging Technology Can be accounted for in control matrix Difficult to categorize Continuous Monitoring of Selected Controls Constant, core RMF requirement Optional/Undefined Security Taxonomy Common across DoD, IC, FedCiv Department/agency dervied Upstream Security Reporting Core requirement, automated (eventually) Piecemeal, often non-automated Control Set Definitions NIST r4 IC guidance, DoDI Reciprocity Based on budget, threat, politics Based on budget, threat, politics Risk Awareness Potentially more enhanced sharing of risk data across/between organizations Limited organizational view SDLC Closely tied Loosely coupled GDIT Proprietary 19
20 Lessons in RMF Adoption Don t assume ISSOs/system owners know anything about RMF Engage system owners immediately upon program start-up/system design Define the categorization process for IT systems in the organization, and then decide whether to follow the security control binning found in NIST SP (for non-nss systems) or CNSSI 1253 (for NSS systems) Analyze NIST SP establishing what modifications needed to develop a process workflow meeting organizational requirements Identify and validate common, inherited controls Execute a process pilot, and then look for opportunities to automate Develop a communications and training plan for all stakeholders Know thy vendor Effective CM relies on commercial log technology; are your SE s prepared? GDIT Proprietary 20
21 Closing Thoughts A lot of challenges and exciting opportunities to collaborate across CND, cloud and risk Take stock of the research community; consider leveraging them for solutions if you are not already Are we entering a post-malware world? Analyzing the cost/benefit of the Comprehensive National Cyber Initiative (CNCI); total success or time to recalibrate? 21
22 Thank You and Contact Information Christopher Barnett (O) (M)
23 23
locuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationNext Generation Enterprise Network- Recompete (NGEN-R) Industry Day
Next Generation Enterprise Network- Recompete (NGEN-R) Industry Day CAPT Michael Abreu Program Manager Naval Enterprise Networks (PMW-205) 25 January 2017 Topics Network as Mission Enabler Delivering Capability
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Risk Monitoring Risk Monitoring assesses the effectiveness of the risk decisions that are made by the Enterprise.
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationCOMPLIANCE IN THE CLOUD
COMPLIANCE IN THE CLOUD 3:45-4:30PM Scott Edwards, President, Summit 7 Dave Harris Society for International Affairs COMPLIANCE IN THE CLOUD Scott Edwards scott.edwards@summit7systems.com 256-541-9638
More informationEmerging Privacy Issues
Emerging Privacy Issues Privacy Considerations in Cloud Computing Lewis Oleinick, CIPP/G Chief Privacy and FOIA Officer Defense Logistics Agency Disclaimer The views presented herein are my own and do
More informationTransforming IT: From Silos To Services
Transforming IT: From Silos To Services Chuck Hollis Global Marketing CTO EMC Corporation http://chucksblog.emc.com @chuckhollis IT is being transformed. Our world is changing fast New Technologies New
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationA Security Admin's Survival Guide to the GDPR.
A Security Admin's Survival Guide to the GDPR www.manageengine.com/log-management Table of Contents Scope of this guide... 2 The GDPR requirements that need your attention... 2 Prep steps for GDPR compliance...
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationTRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald
TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1 What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust
More informationSupporting the Cloud Transformation of Agencies across the Public Sector
SOLUTION SERVICES Supporting the Cloud Transformation of Agencies across the Public Sector BRIEF Digital transformation, aging IT infrastructure, the Modernizing Government Technology (MGT) Act, the Datacenter
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationSTUDENT GUIDE Risk Management Framework Step 1: Categorization of the Information System
Slide 1 RMF Overview RMF Module 1 RMF takes into account the organization as a whole, including strategic goals and objectives and relationships between mission/business processes, the supporting information
More informationBUILDING AND MAINTAINING SOC
BUILDING AND MAINTAINING SOC Digit Oktavianto KOMINFO 7 December 2016 digit dot oktavianto at gmail dot com 1 Digit Oktavianto Profile in 1 Page Currently working as a Security Architect Professional Certifications:
More informationSynergistic Efforts Between Financial Audit and Cyber Security
DEPARTMENT OF THE NAVYCHIEF INFORMATION OFFICER Synergistic Efforts Between Financial Audit and Cyber Security Amira Tann, DON CIO IT Audit Readiness Lead Danny Chae, ASM FMC FMP IT Controls Lead June
More informationAZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments
AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES To Secure Azure and Hybrid Cloud Environments Introduction Cloud is at the core of every successful digital transformation initiative. With cloud comes new
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationDigital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS
Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS Digital Forensics Readiness: PREPARE BEFORE AN INCIDENT HAPPENS 2 Digital Forensics Readiness The idea that all networks can be compromised
More informationJim Reavis CEO and Founder Cloud Security Alliance December 2017
CLOUD THREAT HUNTING Jim Reavis CEO and Founder Cloud Security Alliance December 2017 A B O U T T H E BUILDING SECURITY BEST PRACTICES FOR NEXT GENERATION IT C L O U D S E C U R I T Y A L L I A N C E GLOBAL,
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense : February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development
More informationMeeting RMF Requirements around Compliance Monitoring
Meeting RMF Requirements around Compliance Monitoring An EiQ Networks White Paper Meeting RMF Requirements around Compliance Monitoring Purpose The purpose of this paper is to provide some background on
More informationNew Guidance on Privacy Controls for the Federal Government
New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More information10 Considerations for a Cloud Procurement. March 2017
10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationEXABEAM HELPS PROTECT INFORMATION SYSTEMS
WHITE PAPER EXABEAM HELPS PROTECT INFORMATION SYSTEMS Meeting the Latest NIST SP 800-53 Revision 4 Guidelines SECURITY GUIDELINE COMPLIANCE There has been a rapid increase in malicious insider threats,
More informationNIST Security Certification and Accreditation Project
NIST Security Certification and Accreditation Project An Integrated Strategy Supporting FISMA Dr. Ron Ross Computer Security Division Information Technology Laboratory 1 Today s Climate Highly interactive
More informationMicrosoft Core Solutions of Microsoft SharePoint Server 2013
1800 ULEARN (853 276) www.ddls.com.au Microsoft 20331 - Core Solutions of Microsoft SharePoint Server 2013 Length 5 days Price $4290.00 (inc GST) Version B Overview This course will provide you with the
More informationProtecting organisations from the ever evolving Cyber Threat
Protecting organisations from the ever evolving Cyber Threat Who we are .At a glance 16+ Up to 190B 2B+ Dell SecureWorks is one of the most promising MSSPs in the GCC region MSS Market Report on GCC, Frost
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationCloud Security. Copyright Ramesh Nagappan. All rights reserved.
Cloud Security 1 Cloud Security Week 1 Lecture 1 Ramesh Nagappan Harvard University Extension School Brandeis University GPS 2 Week 1 Lecture - 1 Course Introduction Evolution of Cloud Computing Introduction
More informationData Protection Modernization: Meeting the Challenges of a Changing IT Landscape
Data Protection Modernization: Meeting the Challenges of a Changing IT Landscape Tom Clark IBM Distinguished Engineer, Chief Architect Software 1 Data growth is continuing to explode Sensors & Devices
More informationMIS Week 9 Host Hardening
MIS 5214 Week 9 Host Hardening Agenda NIST Risk Management Framework A quick review Implementing controls Host hardening Security configuration checklist (w/disa STIG Viewer) NIST 800-53Ar4 How Controls
More informationMapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective
Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationDATABASE SECURITY REQUIREMENTS GUIDE (SRG) TECHNOLOGY OVERVIEW. Version 2, Release October Developed by DISA for the DoD
DATABASE SECURITY REQUIREMENTS GUIDE (SRG) TECHNOLOGY OVERVIEW Version 2, Release 5 28 October 2016 Developed by for the DoD 28 October 2016 Developed by for the DoD Trademark Information Names, products,
More informationΟ ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος
Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος Providing clarity and consistency for the protection of personal data The General
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Port Security Port Security helps to control access to logical and physical ports, protocols, and services. This
More informationTop 10 use cases of HP ArcSight Logger
Top 10 use cases of HP ArcSight Logger Sridhar Karnam @Sri747 Karnam@hp.com #HPSecure Big data is driving innovation The Big Data will continue to expand Collect Big Data for analytics Store Big Data for
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security
EMERGING THREATS & STRATEGIES FOR DEFENSE Paul Fletcher Cyber Security Evangelist @_PaulFletcher Threats by Customer Environment Cloud Environment On Premise Environment 1.96% 0.13% 0.02% application-attack
More informationto protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
Executive Summary As a County Government servicing about 1.5 million citizens, we have the utmost responsibility to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationSecurity
Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More information20331B: Core Solutions of Microsoft SharePoint Server 2013
20331B: Core Solutions of Microsoft SharePoint Server 2013 Course Details Course Code: Duration: Notes: 20331B 5 days This course syllabus should be used to determine whether the course is appropriate
More informationCloud First Policy General Directorate of Governance and Operations Version April 2017
General Directorate of Governance and Operations Version 1.0 24 April 2017 Table of Contents Definitions/Glossary... 2 Policy statement... 3 Entities Affected by this Policy... 3 Who Should Read this Policy...
More informationexisting customer base (commercial and guidance and directives and all Federal regulations as federal)
ATTACHMENT 7 BSS RISK MANAGEMENT FRAMEWORK PLAN [L.30.2.7, M.2.2.(7), G.5.6; F.2.1(41) THROUGH (76)] A7.1 BSS SECURITY REQUIREMENTS Our Business Support Systems (BSS) Risk MetTel ensures the security of
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationCIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products
CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationLTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security
LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological
More informationMinfy-Magnaquest Migration Use Case
Document Details Use Case Name Minfy Migration Use Case04 First Draft 15 th August 2018 Author Prabhakar D Reviewed By Pradeep Narayanaswamy Scope This document provides a detailed use case study on data
More informationLBI Public Information. Please consider the impact to the environment before printing this.
LBI Public Information. Please consider the impact to the environment before printing this. DGPC Framework People Executive management commitment Engaged management team Integrated governance organization
More informationThe Challenge of Cloud Security
The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you
More informationSecuring Data in the Cloud: Point of View
Securing Data in the Cloud: Point of View Presentation by Infosys Limited www.infosys.com Agenda Data Security challenges & changing compliance requirements Approach to address Cloud Data Security requirements
More information85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges
Do You Have A Firewall Around Your Cloud? California Cybersecurity Education Summit 2018 Tyson Moler Oracle Security, North America Public Sector Conquering The Big Threats & Challenges Real Life Threats
More informationDefense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form
Defense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form Page 1 of 5 Submitted to DISA s DoD Cloud Support Office by: Signature (Prefer CAC
More informationCompTIA Cloud Essentials Certification Exam Objectives EXAM NUMBER: CLO-001
CompTIA Cloud Essentials Certification Exam Objectives EXAM NUMBER: CLO-001 1 About the Exam The CompTIA Cloud Essentials certification exam is a vendor-neutral technical qualification. The exam is relevant
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Host Intrusion The Host Intrusion employs a response to a perceived incident of interference on a host-based system
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationAbout the DISA Cloud Playbook
Cloud Playbk About the DISA Cloud Playbk Cloud Adopters, As you attempt to help the department move more data into the Cloud, there will be many challenges to overcome and learning to be realized. We
More informationCloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com
Cloud Computing Faculty of Information Systems Duc.NHM nhmduc.wordpress.com Evaluating Cloud Security: An Information Security Framework Chapter 6 Cloud Computing Duc.NHM 2 1 Evaluating Cloud Security
More informationWhy Microsoft Azure is the right choice for your Public Cloud, a Consultants view by Simon Conyard
Why Microsoft Azure is the right choice for your Public Cloud, a Consultants view by Simon Conyard In my view, Microsoft Azure is fast becoming the trusted platform of choice for SMB and Enterprise customers.
More informationRISK MANAGEMENT FRAMEWORK COURSE
RISK MANAGEMENT FRAMEWORK COURSE Secure Managed Instructional Systems, LLC Consulting Training Staffing Support 3350 Riverview Pkwy Suite 1900 * Atlanta, Georgia 30339 * Phone: 800-497-3376 * Email: semais@semais.net.*
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationTelos and Amazon Web Services (AWS): Accelerating Secure and Compliant Cloud Deployments
` Telos and Amazon Web Services (AWS): Accelerating Secure and Compliant Cloud Deployments Telos Corporation 19886 Ashburn Road Ashburn, VA 24445 www.telos.com ` Introduction Telos Corporation and Amazon
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationDFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com
DFARS Compliance SLAIT Consulting SECURITY SERVICES Mike D Arezzo Director of Security Services Introduction 18+ year career in Information Technology and Security General Electric (GE) as Software Governance
More informationInformation Systems Security Requirements for Federal GIS Initiatives
Requirements for Federal GIS Initiatives Alan R. Butler, CDP Senior Project Manager Penobscot Bay Media, LLC 32 Washington Street, Suite 230 Camden, ME 04841 1 Federal GIS "We are at risk," advises the
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationPractical Guide to Hybrid Cloud Computing. Cloud-Computing.
Practical Guide to Hybrid Cloud Computing http://www.cloud-council.org/deliverables/cscc-practical-guide-to-hybrid- Cloud-Computing.pdf April 21, 2016 The Cloud Standards Customer Council THE Customer
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the
More informationTEL2813/IS2621 Security Management
TEL2813/IS2621 Security Management James Joshi Associate Professor Lecture 4 + Feb 12, 2014 NIST Risk Management Risk management concept Goal to establish a relationship between aggregated risks from information
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationSolutions Technology, Inc. (STI) Corporate Capability Brief
Solutions Technology, Inc. (STI) Corporate Capability Brief STI CORPORATE OVERVIEW Located in the metropolitan area of Washington, District of Columbia (D.C.), Solutions Technology Inc. (STI), women owned
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationAccess Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions
Access Governance in a Cloudy Environment Nabeel Nizar VP Worldwide Solutions Engineering @nabeelnizar Nabeel.Nizar@saviynt.com How do I manage multiple cloud instances from a single place? Is my sensitive
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationCSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO
CSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationIASM Support for FISMA
Introduction Most U.S. civilian government agencies, and commercial enterprises processing electronic data on behalf of those agencies, are concerned about whether and how Information Assurance products
More informationCompTIA Cloud Essentials Certification Exam Objectives EXAM NUMBER: CLO-001
CompTIA Cloud Essentials Certification Exam Objectives EXAM NUMBER: CLO-001 1 About the Exam The CompTIA Cloud Essentials certification exam is a vendor-neutral technical qualification. The exam is relevant
More information