Synthetic Teammates and the Future of Cybersecurity
|
|
- Emil Anderson
- 5 years ago
- Views:
Transcription
1 Synthetic Teammates and the Future of Cybersecurity Dr. Fernando Maymí Lead Scientist, Cyberspace Operations Soar Technology, Inc. 1 8 August 2017
2 - THE FUTURE THREAT LANDSCAPE - SYNTHETIC TEAMMATES - WORKFORCE DEVELOPMENT 2
3 - THE FUTURE THREAT LANDSCAPE - SYNTHETIC TEAMMATES - WORKFORCE DEVELOPMENT 3
4 The Tactical Battlefield of 2050 Augmented humans Automated decision making and autonomous processes Misinformation as a weapon Micro-targeting Large-scale self-organization and collective decision making Cognitive modeling of the opponent Ability to understand and cope in a contested, imperfect, information environment 4
5 Threatcasting 5
6 6
7 7
8 8
9 9
10 10
11 11
12 Concerns Understanding the context is essential War on reality: the weaponization of data Blended attacks Micro-targeting Efficiency is easy to hack Complex autonomous systems 12
13 - THE FUTURE THREAT LANDSCAPE - SYNTHETIC TEAMMATES - WORKFORCE DEVELOPMENT 13
14 Partial Artificial Intelligence Taxonomy Machine Learning Cognitive Modeling 14
15 (Oversimplifying) Artificial Intelligence Analogous to Machine Learning Analogous to Cognitive Modeling 15 Source, Fair use,
16 Autonomous Agents Sense Learn Think Act 16
17 17 System 1 MACHINE LEARNING 17
18 Machine Learning External agent validates results during training phase Sense Data Filter Noise Extract Features Classify Sample Production (trained) system outputs results to other systems 18
19 Adversarial Machine Learning Original image classified as a panda with 60% confidence Tiny adversarial perturbation Imperceptibly modified image classified as a gibbon with 99% confidence This is a gibbon 19 Source, Fair use,
20 Adversarial Machine Learning Original image classified as malware with 60% confidence Tiny adversarial perturbation Imperceptibly modified file classified as whitelisted software with 99% confidence 20 Source, Fair use,
21 21 Towards a Solution
22 22 System 2 COGNITIVE MODELING 22
23 Towards a Common Model of TTPs Procedures: the algorithmic, atomic unit of cyberspace operations Techniques: unique ways to perform procedures Tactics: directed subgraphs of procedures with one or more goals as their terminal nodes 23
24 Towards a Common Model of TTPs Procedures: the algorithmic, atomic unit of cyberspace operations Techniques: unique ways to perform procedures Tactics: directed subgraphs of procedures with one or more goals as their terminal nodes 24
25 Towards Common Models of Threat Actors Partial model of APT28 (Fancy Bear) during Operation Pawn Storm 25
26 Simulated Cognitive Cyber Red-team Attack Model SC2RAM Command & Control Situation Reports Human Controller Cyber Actions 26 Network Under Test
27 27 SC2RAM Graphical User Interface
28 Network Attack Visualization 28 Developed by IHMC for SC2RAM
29 29 Using Synthetic Attackers for Cybersecurity
30 Autonomous Hunt Teammate Threat Intel Feeds Other Feeds Internal Models ISAC Social Media Assets TTPs DHS Commercial Dark Web Attacks Internal Sensors IDS Hypothesis Generator Logs Firewalls Hypothesis Evaluation Learning Module 30
31 - THE FUTURE THREAT LANDSCAPE - SYNTHETIC TEAMMATES - WORKFORCE DEVELOPMENT 31
32 Workforce Pipeline Access Employ Develop Retain 32
33 What Are We Looking For? Source, fair use: Access Employ Develop Retain 33
34 Why? Source, fair use: Access Employ Develop Retain 34
35 Key Hiring Trends in Cybersecurity Companies are seeking certified candidates - 35% of positions required a certification Companies are seeking educated candidates - 80% of positions require a Bachelor s degree Hands-on skills are more valuable than managerial ones - Lead Software Developer average salary: $ 233,333 - Chief Security Officer average salary: $ 225,000 Openings are harder to fill - Cybersecurity openings remain open 8% longer than IT ones - Security clearances or financial sector experience is even harder to fill Next-generation gap - Younger generation is not as interested in cybersecurity, particularly women Access Employ Develop Retain 35
36 Developing the Cybersecurity Workforce Source, fair use: Access Employ Develop Retain 36
37 Developing the Cybersecurity Workforce Access Employ Develop Retain Source, fair use: 37
38 Retention Access Employ Develop Retain 38
39 Most Importantly Source: Access Employ Develop Retain 39
40 40
Cyber Threat Intelligence Standards - A high-level overview
Cyber Threat Intelligence Standards - A high-level overview Christian Doerr TU Delft, Cyber Threat Intelligence Lab Delft University of Technology Challenge the future ~ whoami At TU Delft since 2008 in
More informationWhich Side Are You On?
12/9/2015 ARE YOU THE NEXT CYBER WARRIOR? Maria S. Thompson State Chief Risk/Security Officer Which Side Are You On? 8/17/2015 2 Information Technology 2 1 Cyber Professionals Deficiency Statistics Cybersecurity
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationAn Aflac Case Study: Moving a Security Program from Defense to Offense
SESSION ID: CXO-W11 An Aflac Case Study: Moving a Security Program from Defense to Offense Tim Callahan SVP & Global CISO Aflac Threat Landscape Selected losses > 30,000 records (updated 10/15/16) Security
More informationSOC Summit June 6, Strengthening Capacity in Cyber Talent sans.org/cybertalent
SOC Summit 2017 June 6, 2017 Strengthening Capacity in Cyber Talent sans.org/cybertalent Increasing Sense of Urgency Cyber threats to U.S. national and economic security are increasing in frequency, scale,
More informationCenter for Internet Security Confidence in the Connected World
Center for Internet Security Confidence in the Connected World Northeast Headquarters 31 Tech Valley Dr., East Greenbush, NY 12061 Mid-Atlantic Headquarters 1700 North Moore St., Suite 2100, Arlington,
More information4/13/2018. Certified Analyst Program Infosheet
4/13/2018 Certified Analyst Program Infosheet Contents I. Executive Summary II. Training Framework III. Course Structure, Learning Outcomes, and Skills List IV. Sign-up and More Information Executive Summary
More informationTHE DARK WEB AND HOW IT AFFECTS YOUR INDUSTRY
SESSION ID: TV-T05 THE DARK WEB AND HOW IT AFFECTS YOUR INDUSTRY Jason H. Rivera Manager Cyber Threat Intelligence Deloitte & Touche LLP Twitter Handle: @Jason_JHR How well do we understand the Dark Web?
More informationAn Aflac Case Study: Moving a Security Program from Defense to Offense
SESSION ID: TTA-F02 An Aflac Case Study: Moving a Security Program from Defense to Offense Tim Callahan SVP & Global Chief Security Officer Aflac Threat Landscape Security risks are growing at a faster
More informationAbstract. The Challenges. ESG Lab Review Lumeta Spectre: Cyber Situational Awareness
ESG Lab Review Lumeta Spectre: Cyber Situational Awareness Date: September 2017 Author: Tony Palmer, Senior IT Validation Analyst Enterprise Strategy Group Getting to the bigger truth. Abstract ESG Lab
More informationWhy the Security Workforce Needs More Women and Men
Why the Security Workforce Needs More Women and Men ISSA International Conference Tammy Moskites, CIO/CISO, Venafi October 10, 2015 A Little Bit About Me 25+ Years in IT & Security Current CIO/CISO of
More informationStrategies for a Successful Security and Digital Transformation
#RSAC SESSION ID: GPS-F02A Strategies for a Successful Security and Digital Transformation Jonathan Nguyen-Duy Vice President, Strategic Programs jnguyenduy@fortinet.com AGENDA 2017 Digital transformation
More informationOpening Doors to Cyber and Homeland Security Careers
Opening Doors to Cyber and Homeland Security Careers Opening Doors to Cyber and Homeland Security Careers Today s Presenters: Frederic Lemieux, Ph.D. Professor and Program Director, Cybersecurity Strategy
More informationC T I A CERTIFIED THREAT INTELLIGENCE ANALYST. EC-Council PROGRAM BROCHURE. Certified Threat Intelligence Analyst 1. Certified
EC-Council C T Certified I A Threat Intelligence Analyst CERTIFIED THREAT INTELLIGENCE ANALYST PROGRAM BROCHURE 1 Predictive Capabilities for Proactive Defense! Cyber threat incidents have taken a drastic
More informationHow Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity
How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity Why is the NIST framework important? GOH Seow Hiong Executive Director, Global Policy & Government Affairs, Asia Pacific
More informationManaged Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts
Managed Enterprise Phishing Protection Comprehensive protection delivered 24/7 by anti-phishing experts MANAGED ENTERPRISE PHISHING PROTECTION 24/7 expert protection against phishing attacks that get past
More informationCCNA Cybersecurity Operations 1.1 Scope and Sequence
CCNA Cybersecurity Operations 1.1 Scope and Sequence Last updated June 18, 2018 Introduction Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding
More informationCCNA Cybersecurity Operations. Program Overview
Table of Contents 1. Introduction 2. Target Audience 3. Prerequisites 4. Target Certification 5. Curriculum Description 6. Curriculum Objectives 7. Virtual Machine Requirements 8. Course Outline 9. System
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationStrengthening Capacity in Cyber Talent sans.org/cybertalent
SANS Security Awareness Summit August 4th, 2016 Strengthening Capacity in Cyber Talent sans.org/cybertalent Cybersecurity: The Current State Skills Mismatch Emphasis on theory over practice Education focus
More informationCyber Security Advanced Education: Preparing the Emerging Workforce
Cyber Security Advanced Education: Preparing the Emerging Workforce Scott vonfischer, CISO We are all apprentices in a craft where no one ever becomes a master. Ernest Hemingway A Unique Perspective on
More informationInnovative Public/Private Partnership Approaches for Cybersecurity Workforce Development
Innovative Public/Private Partnership Approaches for Cybersecurity Workforce Development Eman El-Sheikh, Ph.D. Rajni Goel, Ph.D. Lori Gordon, MPA, PMP Kevin Hofstra, Chief Technology Officer 1 Why an Expanding
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationCyber Threat Intelligence Debbie Janeczek May 24, 2017
Cyber Threat Intelligence Debbie Janeczek May 24, 2017 AGENDA Today s Cybersecurity Challenges What is Threat Intelligence? Data, Information, Intelligence Strategic, Operational and Tactical Threat Intelligence
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationCROWDSTRIKE FALCON FOR THE PUBLIC SECTOR
C R O W D S T R I K E P U B L I C S E C T O R S O L U T I O N S CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR SECURE YOUR ENTERPRISE WITH A THAT PROVIDES UNRIVALED PROTECTION, SECURITY EXPERTISE, AND OPTIMAL
More informationAchieving & Measuring the Value of Cyber Threat Information Sharing. Lindsley Boiney, Clem Skorupka (presenting)
Achieving & Measuring the Value of Cyber Threat Information Sharing Lindsley Boiney, Clem Skorupka (presenting) The MITRE Corporation 2018 International Information Sharing Conference McLean, VA 2 Acknowledgements
More informationFTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.
FTA 2017 SEATTLE Cybersecurity and the State Tax Threat Environment 1 Agenda Cybersecurity Trends By the Numbers Attack Trends Defensive Trends State and Local Intelligence What Can You Do? 2 2016: Who
More informationCYBER HUNTING. 4 th Annual Interdisciplinary Cyber Crime Conference Michigan State University March 3, Dr. Nicole Beebe, Ph.D.
CYBER HUNTING 4 th Annual Interdisciplinary Cyber Crime Conference Michigan State University March 3, 2017 Dr. Nicole Beebe, Ph.D. CISSP, CCFP, EnCE, ACE Department of Information Systems and Cyber Security
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationProject 2020: Preparing Your Organization for Future Threats Today
Project 2020: Preparing Your Organization for Future Threats Today SESSION ID: STU-W01B Rik Ferguson Vice President Security Research Trend Micro @rik_ferguson PROJECT 2020 An initiative of the International
More informationCyber Security: It s all about TRUST
www.pwc.com/vn Cyber Security: It s all about TRUST 29 th March 2017 Robert Tran Cybersecurity leader, Vietnam Content s Digital IQ Survey 1 Current state of Cybersecurity in Vietnam 2 2 Our global team
More informationCYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack
CYBERSECURITY Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack An Interview with the Department of Homeland Security s Office of Cybersecurity Since government agencies
More informationNY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO
NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO June 28, 2017 Alan Calder IT Governance Ltd www.itgovernanceusa.com PLEASE NOTE THAT
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationRSA ADVANCED SOC SERVICES
RSA ADVANCED SOC SERVICES Consulting services to improve threat detection and response EXECUTIVE SUMMARY A holistic approach to enhanced cybersecurity operations This service is for organizations needing
More informationSemantic Cyberthreat Modelling
Semantic Cyberthreat Modelling Siri Bromander mnemonic siri@mnemonic.no Audun Jøsang University of Oslo josang@ifi.uio.no Martin Eian mnemonic meian@mnemonic.no Abstract Cybersecurity is a complex and
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationWINNING THE WAR FOR CYBER TALENT
WINNING THE WAR FOR CYBER TALENT National Initiative for Cyber Education (NICE) Conference Keynote NOVEMBER 2017 AGENDA CYBER TALENT SUPPLY VS. DEMAND MULTIDIMENSIONAL APPROACH TO ADDRESS THE SUPPLY /
More informationU.S. Department of Homeland Security Office of Cybersecurity & Communications
U.S. Department of Homeland Security Office of Cybersecurity & Communications Council of State Governments Cybersecurity Session November 3, 2017 Cybersecurity & Communications (CS&C) CS&C s Mission ensure
More informationAmerican Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment
American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment July 20, 2017 DECIDEPLATFORM.COM The new Reality of Cyber Security
More informationITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018
GLOBAL ICT CAPACITY BUILDING SYMPOSIUM ITU CBS SANTO DOMINGO 2018 Digital Capacity Building: Role of the University 18 20 June 2018 Santo Domingo, Dominican Republic Dr. Nizar Ben Neji Faculty of Sciences
More informationBREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response
BREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response INTRO PROTECT YOUR BUSINESS AND ITS DATA AGAINST ADVANCED ATTACKS Effective pre-compromise threat prevention is the cornerstone of cyber security,
More informationAdvanced Cyber Topics
International Academy, Research, and Industry Association (IARIA) Tutorial Advanced Cyber Topics Tutorial Session I Instructors: Dr. Thomas J. Klemas and Dr. Steve Chan 18 November 2018 Tutorial Syllabus
More informationPut an end to cyberthreats
Put an end to cyberthreats Automated and centralized Advanced Security CORPORATE CYBERSECURITY Who is behind cyberthreats?1 73% 28% 12% 50% What is the cost to companies? Global cost: $600,000 M3 Cost
More informationCYBER THREAT INTEL: A STATE OF MIND. Internal Audit, Risk, Business & Technology Consulting
CYBER THREAT INTEL: A STATE OF MIND Internal Audit, Risk, Business & Technology Consulting WHO ARE WE? Randy Armknecht, CISSP, EnCE Protiviti Director - IT Consulting randy.armknecht@protiviti.com Albin
More informationCTI Capability Maturity Model Marco Lourenco
1 CTI Capability Maturity Model Cyber Threat Intelligence Course NIS Summer School 2018, Crete October 2018 MARCO LOURENCO - ENISA Cyber Security Analyst Lead European Union Agency for Network and Information
More informationSECURITY OPERATIONS CENTER BUY BUILD BUY. vs. Which Solution is Right for You?
SECURITY OPERATIONS CENTER BUY vs. BUILD BUY Which Solution is Right for You? How Will You Protect Against Today s Cyber Threats? As cyber-attacks become more frequent and more devastating, many organizations
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More informationCurrent skills gap for capable CTI analysts: Training for forensics & analysis
Current skills gap for capable CTI analysts: Training for forensics & analysis WORKSHOP CTI EU Bonding EU Cyber Threat Intelligence 30-31 October, Link Campus University, Rome, Italy Ing. Selene Giupponi
More informationNISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions
NISTCSF.COM NIST Cybersecurity Framework (NCSF) Workforce Development Solutions AGENDA The Cybersecurity Threat Landscape The Cybersecurity Challenge NIST Cybersecurity Framework NICE Cybersecurity Workforce
More informationTechnical Brief: Domain Risk Score Proactively uncover threats using DNS and data science
Technical Brief: Domain Risk Score Proactively uncover threats using DNS and data science 310 Million + Current Domain Names 11 Billion+ Historical Domain Profiles 5 Million+ New Domain Profiles Daily
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationRethinking Cybersecurity from the Inside Out
Rethinking Cybersecurity from the Inside Out An Engineering and Life Cycle-Based Approach for Building Trustworthy Resilient Systems Dr. Ron Ross Computer Security Division Information Technology Laboratory
More informationQualification Specification. Level 2 Award in Cyber Security Awareness For Business
Qualification Specification Level 2 Award in Cyber Security Awareness For Business ProQual 2016 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates 4 Assessment
More informationCybersecurity, Trade, and Economic Development
Cybersecurity, Trade, and Economic Development G7 ICT Priorities: Technology, Innovation, and the Global Economy UNCTAD E-Commerce Week Danielle Kriz Senior Director, Global Policy Palo Alto Networks April
More informationHacker Academy UK. Black Suits, White Hats!
Hacker Academy UK Black Suits, White Hats! Cyber Security Training and Services Do your devices Protect you against Cyber-attacks? Chinese hackers have allegedly stolen 50 terabytes of data on F-35 aircraft,
More informationUK Gender Pay Gap Report 2018
UK Gender Pay Gap Report 2018 As part of McAfee s commitment to build a better, more balanced workplace and community, we wholly embrace the UK Gender Pay Gap report. This year s calculations cover our
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationSUMMARY DEPARTMENT OF DEFENSE CYBER STRATEGY
SUMMARY DEPARTMENT OF DEFENSE CYBER STRATEGY This page left intentionally blank INTRODUCTION American prosperity, liberty, and security depend upon open and reliable access to information. The Internet
More informationSTUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences
STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences Undergraduate Programs - Bachelor B.S. Computer Game Design Upon completion of the B.S. degree in Computer Game Design, students
More informationIncident Response Services to Help You Prepare for and Quickly Respond to Security Incidents
Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationAbout Me. SCADA and Me: A Book for Children and Management Little Bobby
ICS Active Defense About Me Robert M. Lee (@RobertMLee) AF Cyber Warfare Operations Officer My views/comments definitely only represent me Co-Founder Dragos Security LLC SANS ICS 515 Course Author SANS
More informationThis first article in the series covers Imperative 1 for cybersecurity success in
Four Imperatives for Cybersecurity Success in the Digital Age: We Must Flip the Scales Major General John Davis, USA, Ret PART ONE OF A FOUR PART SERIES* Having joined Palo Alto Networks following a 35-year
More informationISACA West Florida Chapter - Cybersecurity Event
ISACA West Florida Chapter - Cybersecurity Event Presented by Sri Sridharan Managing Director & Chief Operating Officer Florida Center for Cybersecurity CURRENT TRENDS Top Cybersecurity Trends of 2015
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationHUNTING AND RESPONDING TO INDUSTRIAL INTRUSIONS
HUNTING AND RESPONDING TO INDUSTRIAL INTRUSIONS Hunting and Responding to Industrial Intrusions, Dragos, Inc., Hanover, MD, 1 March 2018 TABLE OF CONTENTS 2017: A YEAR IN HUNTING AND RESPONDING.......
More informationTrends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk
Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry
More informationPREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation
PREPARE & PREVENT The SD Comprehensive Cybersecurity Portfolio for Business Aviation SD CYBERSECURITY SERVICES At SD, security isn t a slogan, it is our culture. Just because you are in a business jet
More informationNISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions
NISTCSF.COM NIST Cybersecurity Framework (NCSF) Workforce Development Solutions AGENDA The Cybersecurity Threat Landscape The Cybersecurity Challenge NIST Cybersecurity Framework NICE Cybersecurity Workforce
More informationSharing What Matters. Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data
Sharing What Matters Accelerating Incident Response and Threat Hunting by Sharing Behavioral Data Dan Gunter, Principal Threat Analyst Marc Seitz, Threat Analyst Dragos, Inc. August 2018 Today s Talk at
More informationBuilding a Threat Intelligence Program
WHITE PAPER Building a Threat Intelligence Program Research findings on best practices and impact www. Building a Threat Intelligence Program 2 Methodology FIELD DATES: March 30th - April 4th 2018 351
More informationCybersecurity Workshop: Critical Cybersecurity Education & Professional Development
Cybersecurity Workshop: Critical Cybersecurity Education & Professional Development Ben Scribner, Program Manager Department of Homeland Security (DHS) National Cybersecurity Education & Awareness Branch
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationNetherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice
Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses
More informationISACA MOSCOW CHAPTER Chapter meeting 22 September 2016
ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016 Introduction Special guest speaker ISACA Audit committee member, Rosemary Amato Open dialog Wrap-up and close Special guest speaker CISA, CMA, CPA,
More informationCybersecurity Job Seekers
Cybersecurity Job Seekers 2018 Insights and Trends David Shearer, CISSP (ISC)² CEO 3 Who s This Guy?» Lead (ISC)² Certified CISSP» 30 years experience Public sector CIO, architecture, security, engineering
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationFrom Managed Security Services to the next evolution of CyberSoc Services
From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry
More informationTest and Evaluation. The Key to Successful Acquisition Outcomes. Steve Hutchison. 3 October Director Office of Test and Evaluation
Test and Evaluation The Key to Successful Acquisition Outcomes 3 October 2017 Steve Hutchison Director Office of Test and Evaluation DHS Test & Evaluation Year in Review USCG Fast Response Cutter FOT&E
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure:
This document is scheduled to be published in the Federal Register on 07/12/2017 and available online at https://federalregister.gov/d/2017-14553, and on FDsys.gov Billing Code: 3510-13 DEPARTMENT OF COMMERCE
More informationMANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY
19 MAY 2016 MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY CHRIS FURLOW PRESIDENT RIDGE GLOBAL cfurlow@ridgeglobal.com www.ridgeglobal.com ABOUT RIDGE GLOBAL Ridge Global is the risk management
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationRohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION
Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE Agenda o About Sri
More informationIntroducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security
Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS Bachelor of Science in Cyber Security & Master of Science in Cyber Security The cyber security industry is calling for more experts. And
More informationSECURITY AUTOMATION BEST PRACTICES. A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1
SECURITY AUTOMATION BEST PRACTICES A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1 Introduction The best security postures are those that are built
More informationATT&CKing The Command Line & Hunting For More
ATT&CKing The Command Line & Hunting For More Evan Gaustad Principal Threat Detection Engineer LogicHub Agenda Threat Hunting Automation Motivation MITRE ATT&CK & LOLBAS Process Execution Logs Artificial
More informationEvolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha
Evolving the Security Strategy for Growth Eric Schlesinger Global Director and CISO Polaris Alpha Evolving the Security Strategy for Growth Where Do We Start? Our History, Making History In late 2016,
More informationCybersecurity Myths & Fallacies. John Gomez
Cybersecurity Myths & Fallacies John Gomez About Sensato 2013 Sensato is founded by John Gomez, ex-cto/president of AllScripts and CTO of WebMD. 2014 Sensato launches its Risk Assessment Workshop program
More informationCybersecurity in Government
Cybersecurity in Government Executive Development Course: Digital Government Ng Lup Houh, Principal Cybersecurity Specialist Cybersecurity Group 03 April 2018 Agenda Cyber Threats & Vulnerabilities Cyber
More informationSimplify, Streamline and Empower Security with ISecOps
Simplify, Streamline and Empower Security with ISecOps Matthew O Brien Senior Global Product Manager Cybersecurity DXC.technology 1 What is Integrated Security Operations (ISecOps)? Intelligence Driven,
More informationWater Information Sharing and Analysis Center
SUPERCHARGE YOUR SECURITY Water Information Sharing and Analysis Center DHS Hunt and Incident Response Team September 12, 2018 SUPERCHARGE YOUR SECURITY Presenter Brian Draper, DHS NCCIC HIRT Slides and
More information