Bird of a Feather Automated Responses
|
|
- Sheryl Bradford
- 5 years ago
- Views:
Transcription
1 Bird of a Feather Automated Responses Energy-Sec Summit Th Security and Compliance August 2017
2 INL s Position Nationally A network of 17 DOE national labs DOE s lead lab for nuclear energy A major center for National Security National Labs are Capability Machines that rely on unique capabilities They innovate to solve multi-disciplinary problems of national interest They do what Universities and Industry Can t, Won t or Shouldn t do Research in the National Interest that Maintains American Competitiveness & Security 2
3 INL National & Homeland Security RDD&D Capabilities Control Systems Cybersecurity Electric Grid Resilience Nuclear Safeguards & Security by Design Emergency Training & Response Nuclear Forensics/ Ultratrace Detection Materials & Energetics Wireless Communications & RF Modeling Over 120 professionals focused on cyber security of industrial control systems Armor Development National Laboratories are Capability Machines 3
4 The Nexus of Critical Infrastructure Protection Cyber Power Wireless Control Systems Unique Focus on the Interdependencies Enhances Critical Infrastructure Resilience 4
5 Agenda Cyber Security Core for Industrial Control Systems Programs DHS National Cybersecurity and Communications Integration Center (NCCIC) DOE-OE Cybersecurity for Energy Delivery Systems (CEDS) Industry Automated Response Why Needed? State of Art in Information Technology Energy Sector Focus Measuring and Evaluating Feasibility Performance Mitigation Actions Mitigation Trade-offs Security 5
6 Cyber Security Leadership INL Reputation for Top Cyber Security Researchers throughout International Critical Infrastructure Cyber Security Groups Participated in DHS Cyber Skills Task Force 10 Skills - 5 Objectives People want to work with us based on reputation Partnering Control Engineers with Cyber Researchers Employees Are Actively Recruited Top U.S. Cyber Defenders Work in Idaho Falls -Wall Street Journal November 14, 2012 As the department moves ahead, I will look to your leadership and expertise... Janet Napolitano Secretary, Homeland Security 6
7 Core Programs Research Since 2004, Department of Homeland Security NCICC Vulnerability Analysis, Disclosure and Guidance Incident Response, Advanced Analytics Malware Since 2003, Department of Energy Office of Electricity Delivery and Energy Reliability CEDS National SCADA Test Bed Other Government: Defense Advanced Research Project Agency (DARPA); Cyber Commands Industry Strategic Partnerships Resilient Control Systems Signature Area Laboratory Directed Research and Development 7
8 Leveraged Concepts DHS Malware Analysis, Automated Vulnerability Assessment; Consequence Based Analysis DOE-OE Validation and Measurement of Automated Response (VMAR) Exploit, Malware and Vulnerability (EMV) California Energy System for the 21 st Century Machine to Machine Automated Threat Response Structured Threat Information exchange (STIX) DARPA Rapid Attack Detection, Isolation and Characterizations Systems (RADICS) Test Effect Payloads LDRD Firmware Validation, Binary Analysis Official Use Only - Business Sensitive 8
9 What is Automated Response Needed? Patching cycles are problematic Patch availability, Proof of Implementation Impact, Application Always after detection or incident later on the cyber kill chain Automated Response for Information Technology Finance Sector: Orchestrators; Indicators of Compromise; Remediation Actions: Block IP, Match Hashes, Block URLs Volume and Velocity of Indicators Pre- Compromise Compromise Post- Compromise Reconnaissance Weaponized Delivery Exploitation Installation Command & Control Actions on Intent Official Use Only - Business Sensitive 9
10 What Could Automated Response Be? Focused on the most Critical Functions in Energy Systems Detect targeted indicator for targeted consequence Actions matching Threat and Vulnerabilities Moving Left of BOOM Agile and Responsive - Provide a response platform added capability Unique, temporary remediation actions Roll-back remediation actions after better mitigations designed and tested Proven Indicators and Remediation Actions Shared via common language Machine Speed implementation Official Use Only - Business Sensitive 10
11 Focus on Exploit Malware Vulnerability & Threat Solves the Volume and Velocity Problem EMV Scoring for Priority Issues Urgency Incident source, Availability, Repeatability Maturity Sophistication Persistence, Stealth, Simplicity Functional Impact Foothold to degraded resource to physical damage Exposure steps required, layers to cross Ability to Defend detection, removal of EM, isolation, patch Consequence slow down - reputation Threat Motivation Capability Opportunity Intent Official Use Only - Business Sensitive 11
12 Indicators and Remediation Actions Official Use Only - Business Sensitive 12
13 GIRL Graph Indicator Remediation Language Backdoor.Industroyer Official Use Only - Business Sensitive 13
14 Why Measurements are Needed Availability and Integrity are Critical in Control Largest Concern for Operations is Latency Monitoring for Indicators and Remediation Actions Pull version vs Matched hash Monitoring for Performance Measuring and Testing provides assurances that Indicators and Remediation Actions will not impact operations Trade-offs in Remediation Actions Temporary fix cost to remove and apply a more permanent mitigation Official Use Only - Business Sensitive 14
15 Tale of Two Configurations Technologies for Interface Historian IED Management System Threat Management C&C SCADA Legacy Substation HMI PLC 1 PLC 2 Software Defined Substation -Virtual Machine -Firewall -Remote Access Proxy Hardware Defined Substation -RTU -PLC -Protective Relay Protective Relay Network Switch Transformer Monitor Threat Monitor Appliance (TMA) Sensors Sensor 1 Open Source Tools: Exploit; IDS; SIEM Tools Data Collection Sensors Threat Monitor Appliance (TMA) Tools Data Collection Sensor 3 Sensor 2 NetFlow Switch NetFlow Switch Test Lab Laptops Testing Tools Official Use Only - Business Sensitive 15
16 Next Steps in Measuring Automated Response Collect Performance Data Run baselines static and under duress Run indicators and remediation actions Compare highly integrated orchestrator to standards-based response Data Analytics of Volume and Velocity for Applicability for integrations Coding EMV for machine readable automated prioritization Incorporate vulnerability scanners, discovery products Move to Firmware Race to Bottom Malware Segments for key malware functions Dynamic binary analysis Official Use Only - Business Sensitive 16
17 OASIS and STIX OASIS is the Organization for the Advancement of Structured Information Standards, a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society DHS turned over custody of STIX to OASIS in early 2015 Changes to STIX Language are required for ICS applications such as CES-21 As part of Task 6, New Context (a voting member of OASIS) is the CES-21 advocate to getting these necessary STIX changes adopted Some of the significant players in OASIS include: 17
18 Next Generation Grid Systems: From Reliable to Resilient Threats are those elements that counter normalcy and destabilize grid system networks human error, damaging storms, malicious attacks, complex failures & interdependencies State Awareness provides essential knowledge of operating parameters to fully characterize the decision space Resilient Design provides an adaptive capacity and agility for response to threats, including those that are not well characterized by traditional means Resilience is the capacity of a grid system to maintain state awareness and an accepted level of operational normalcy in response to disturbances, including threats of an unexpected and malicious nature. 18
19 Resilient Cyber Tools/Demonstrations at INL Sophia Fingerprints conversations across a network for better situational awareness NextDefense commercialization (2013) Intelligent Cyber Sensor Protection of field devices allowing for agile response, better situational awareness (2013) Data Fusion Provides common view and quality of data for better situational awareness (2013) Resilient Metrics Prototyped (2014) Predictive Battery Recharging (2012) Resilient Design Microgrid Controls(2013) Situational Awareness Demonstration (2013) Mitigation Actions (2016) 19
20 Power Systems Research & Testing Unique Facilities/Equipment/Experience Infrastructure INL utility scale power grid with real-time INL monitoring and control located at INL s 890 square mile federal reservation Experience Test design and grid configuration, data collection and analysis Personnel Electrical/power engineers PhD analysis, utility and research test design engineering, utility operations 20
21 Other Leveraged Research DOE-OE Funded Projects Over 40 Vulnerability Assessments Sophia fingerprinting tool for control systems transferred to NextDefense RENDER Risk Evaluation Nexus for the Digital-age Energy Reliability 2013/14 ATAC Advanced Threat Analysis Characterization 2013/14 ReACT - Root-Cause Attack Characterization of Threat 2013/14 CYOTE-A/B and CET - Cybersecurity for the Operational Technology Environment Pilot and Full Assessment and Cybersecurity Emerging Threat 2016/7 Support of ISER and Incident Response Department of Homeland Security Funded Projects NAVV Network Analysis Verification and Validation, CSET Cyber Security Evaluation Tool & RRAP - Regional Resiliency Assessment Program CLAPI Component Level Access Physical Impact 2015 AVA Automated Vulnerability Assessment 2016 Other (funding source) GrassMarlin, Bro, Security Onion (open source tools) CRITs Collaborative Research Into Threats (Open Source MITRE) CCE - Consequence-Driven Cyber-Informed Engineering (INL) 2016/7 RIM - Risk Informed Methods (INL) 2016 IACD - Integrated Adaptive Cyber Defense (JH/APL)
Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationPower Grid Resilience, Reliability and Security Research at Idaho National Laboratory
Power Grid Resilience, Reliability and Security Research at Idaho National Laboratory Brent J. Stacey Associate Laboratory Director National & Homeland Security Presented at: 69 th Annual Meeting of the
More informationCyber Threat Intelligence Standards - A high-level overview
Cyber Threat Intelligence Standards - A high-level overview Christian Doerr TU Delft, Cyber Threat Intelligence Lab Delft University of Technology Challenge the future ~ whoami At TU Delft since 2008 in
More informationGreg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
More informationWhite Paper. View cyber and mission-critical data in one dashboard
View cyber and mission-critical data in one dashboard Table of contents Rising cyber events 2 Mitigating threats 2 Heighten awareness 3 Evolving the solution 5 One of the direct benefits of the Homeland
More informationCALIFORNIA CYBERSECURITY TASK FORCE
CALIFORNIA CYBERSECURITY TASK FORCE Advancing California s cybersecurity priorities through public, private, corporate, and academic sector collaboration. Agenda Task Force Overview California Cybersecurity
More informationICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team
ICS-CERT Year in Review Industrial Control Systems Cyber Emergency Response Team 2012 What s Inside Welcome 1 Organization 3 Outreach 4 Industrial Control Systems Joint Working Group 5 Advanced Analytical
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationSTANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationEnd-to-End Trust, Segmentation and Segregation in the IIoT
End-to-End Trust, Segmentation and Segregation in the IIoT www.blackridge.us Michael Murray - SVP & GM Cyber Physical Systems www.blackridge.us Company Origin BlackRidge technology originated from a Department
More informationToward All-Hazards Security and Resilience for the Power Grid
Toward All-Hazards Security and Resilience for the Power Grid Juan Torres Associate Laboratory Director, Energy Systems Integration National Renewable Energy Laboratory December 6, 2017 1 Grid Modernization
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationSummary of Cyber Security Issues in the Electric Power Sector
Summary of Cyber Security Issues in the Electric Power Sector Jeff Dagle, PE Chief Electrical Engineer Energy Technology Development Group Pacific Northwest National Laboratory (509) 375-3629 jeff.dagle@pnl.gov
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationHPH SCC CYBERSECURITY WORKING GROUP
HPH SCC A PRIMER 1 What Is It? The cross sector coordinating body representing one of 16 critical infrastructure sectors identified in Presidential Executive Order (PPD 21) A trust community partnership
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationIndustry role moving forward
Industry role moving forward Discussion with National Research Council, Workshop on the Resiliency of the Electric Power Delivery System in Response to Terrorism and Natural Disasters February 27-28, 2013
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More information2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report
Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationDmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices
Dmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices Against Cyber Attacks (CODEF) Cyber Security of the
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationTestimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON
Testimony Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON Defending Our Democracy: Building Partnerships to Protect America
More information2011 North American SCADA & Process Control Summit March 1, 2011 Orlando, Fl
Beyond Compliance Greg Goodrich Supervisor, Enterprise Security New York Independent System Operator 2011 North American SCADA & Process Control Summit March 1, 2011 Orlando, Fl Roles of the NYISO Reliable
More informationAdvanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI ) is a trademark of the U.S. Department of Homeland
More informationDOE s Roles and Responsibilities for Energy Sector Cybersecurity
Written Testimony of Under Secretary Mark Menezes U.S. Department of Energy Before the Subcommittee on Energy Committee on Energy and Commerce U.S. House of Representatives March 14, 2018 Introduction
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationCyber Partnership Blueprint: An Outline
Approved for Public Release; Distribution Unlimited. 13-3851 The MITRE Corporation Cyber Partnership Blueprint: An Outline October 26, 2013 Copyright 1997-2013, The MITRE Corporation. All rights reserved.
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationIntegrated Cyber Defense Working Group (ICD WG) Introduction
Integrated Cyber Defense Working Group (ICD WG) Introduction Cory Huyssoon Allison Cline October 16, 2017 2017 by The Johns Hopkins Applied Physics Laboratory. Material is made available under the Creative
More informationEPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use
EPRI Research Overview IT/Security Focus November 29, 2012 Mark McGranaghan VP, Power Delivery and Utilization Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use Transmission
More informationChallenges and Opportunities in Cyber Physical System Research
Homeland Security Advanced Research Projects Agency Challenges and Opportunities in Cyber Physical System Research Dec 11, 2013 ACSAC Panel Dr. Dan Massey Program Manager Cyber Security Program Areas Trustworthy
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationNGA Governor s Energy Advisors Energy Policy Institute Resiliency Panel
U.S. DEPARTMENT OF ENERGY Infrastructure Security & Energy Restoration Prepare. Respond. Adapt. NGA Governor s Energy Advisors Energy Policy Institute Resiliency Panel Puesh M. Kumar Director, Preparedness
More informationUNCLASSIFIED. R-1 Program Element (Number/Name) PE D8Z / Software Engineering Institute (SEI) Applied Research. Prior Years FY 2013 FY 2014
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior Years
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationSecuring the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.
Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationSupply Chain Integrity and Security Assurance for ICT. Mats Nilsson
Supply Chain Integrity and Security Assurance for ICT Mats Nilsson The starting point 2 B Internet users 85% Population coverage 5+ B Mobile subscriptions 10 years of Daily upload E-Books surpassing Print
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationOverview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 PPD-21: CI Security and Resilience On February 12, 2013, President Obama signed Presidential Policy Directive
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationVulnerability Disclosure
Vulnerability Disclosure Rita Wells National SCADA Test Bed DoE-OE September 09, 2008 Department of Energy-Office of Electricity Delivery and Energy Reliability: National SCADA Test Bed Program Mission
More informationCONE 2019 Project Proposal on Cybersecurity
CONE 2019 Project Proposal on Cybersecurity Project title: Comprehensive Cybersecurity Platform for Bangladesh and its Corporate Environments Sector or area: Cybersecurity for IT, Communications, Transportation,
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationIllinois Cyber Navigator Program
Illinois Cyber Navigator Program Illinois State Board of Elections PA 100-0587 (10 ILCS 5/1A-55) Sec. 1A-55. Cyber security efforts. The State Board of Elections shall provide by rule, after at least 2
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationLanguage for Control Systems
Cyber Security Procurement e Language for Control Systems Rita Wells Idaho National Laboratory Program Sponsor: National Cyber Security Division Control Systems Security Program Agenda Background Foundation
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationA Strategic Approach to Industrial CyberSecurity. Kaspersky Industrial CyberSecurity
A Strategic Approach to Industrial Cyber Kaspersky Industrial Cyber 2015 Do industrial control networks need protection from cyberattacks? It s a question that, just a few years ago, was unlikely to feature
More informationIncident response to a breach: Right of boom you find ashes
Incident response to a breach: Right of boom you find ashes Dr. Samuel Liles http://selil.com Opinions, or other information expressed are presenters and do not reflect current, former, future, or unaffiliated
More informationCyber Security & Homeland Security:
Cyber Security & Homeland Security: Cyber Security for CIKR and SLTT Michael Leking 19 March 2014 Cyber Security Advisor Northeast Region Office of Cybersecurity and Communications (CS&C) U.S. Department
More informationPOSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS
POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, 2017 14TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS 1 Fact vs. Myth Let s Play: Fact vs. Myth The FDA is the federal entity
More informationAddressing Cybersecurity in Infusion Devices
Addressing Cybersecurity in Infusion Devices Authored by GEORGE W. GRAY Chief Technology Officer / Vice President of Research & Development Ivenix, Inc. INTRODUCTION Cybersecurity has become an increasing
More informationProposed Capability-Based Reference Architecture for Real-Time Network Defense
Proposed Capability-Based Reference Architecture for Real-Time Network Defense 16 November 2015 DISTRIBUTION STATEMENT A - APPROVAL FOR PUBLIC RELEASE: DISTRIBUTION IS UNLIMITED Based on work funded by
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationDepartment of Homeland Security Science and Technology Directorate
Department of Homeland Security Science and Technology Directorate Overview Presented to the Transportation Research Board Infrastructure and Geophysical Division Science and Technology Directorate Department
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationSecuring the Internet of Things (IoT) at the U.S. Department of Veterans Affairs
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs Dominic Cussatt Acting Deputy Assistant Secretary / Chief Information Security Officer (CISO) February 20, 2017 The Cyber
More informationGPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security
GPS Vulnerability and DHS Mitigation Efforts David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security The Office of Infrastructure Protection National Protection
More informationARC VIEW. Critical Industries Need Active Defense and Intelligence-driven Cybersecurity. Keywords. Summary. By Sid Snitkin
ARC VIEW DECEMBER 7, 2017 Critical Industries Need Active Defense and Intelligence-driven Cybersecurity By Sid Snitkin Keywords Industrial Cybersecurity, Risk Management, Threat Intelligence, Anomaly &
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationDoD Strategy for Cyber Resilient Weapon Systems
DoD Strategy for Cyber Resilient Weapon Systems Melinda K. Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering NDIA Systems Engineering Conference October 2016 10/24/2016 Page-1
More informationTowards Effective Cybersecurity for Modular, Open Architecture Satellite Systems
SSC16-IV-6 Towards Effective Cybersecurity for Modular, Open Architecture Satellite Systems Presented to: 30 th Annual AIAA/USU Conference on Small Satellites August 2016 Presented by: Geancarlo Palavicini
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationFederal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011
Federal Continuous Monitoring Working Group March 21, 2011 DOJ Cybersecurity Conference 2/8/2011 4/12/2011 Why Continuous Monitoring? Case for Change Strategy Future State Current State Current State Case
More informationThe Water Sector Approach to Cybersecurity
The Water Sector Approach to Cybersecurity Standards Certification Education & Training Publishing Conferences & Exhibits Kevin M. Morley, PhD American Water Works Association 2016 ISA Water / Wastewater
More informationProtecting your next investment: The importance of cybersecurity due diligence
Protecting your next investment: The importance of cybersecurity due diligence Oct. 11, 2018 Baker Tilly Virchow Krause, LLP. All rights reserved. Baker Tilly refers to Baker Tilly Virchow Krause, LLP,
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationAdvanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin
Advanced Technology Academic Research Council Federal CISO Summit Ms. Thérèse Firmin Acting Deputy DoD CIO Cyber Security Department of Defense 25 January 2018 2 Overview Secretary Mattis Priorities Cybersecurity
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationNext Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration
Next Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration EPIC Workshop Fresno California November 09, 2018 Southern California Edison Background (Innovation
More informationRocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency
Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency Mr. Ed Brindley Acting Deputy Cyber Security Department of Defense 7 March 2018 SUPPORT THE WARFIGHTER 2 Overview Secretary Mattis Priorities
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationOUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER
OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER HOW TO ADDRESS GARTNER S FIVE CHARACTERISTICS OF AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER 1 POWERING ACTIONABLE
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationDepartment of Defense. Installation Energy Resilience
Department of Defense Installation Energy Resilience Lisa A. Jung DASD (Installation Energy) OASD(Energy, Installations and Environment) 19 June 2018 Installation Energy is Energy that Powers Our Military
More informationHOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS
HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS Danielle M. Zeedick, Ed.D., CISM, CBCP Juniper Networks August 2016 Today s Objectives Goal Objectives To understand how holistic network
More informationElection Infrastructure Security: The How and Why of It
Election Infrastructure Security: The How and Why of It Minnesota County Auditor Election Training Conference May 3, 2018 Contents Election Infrastructure Security Overview Cyber and Physical Security
More information