MIMOSA. PMA-209 Industry Day and FACE Exhibition/TIM Event. October 17, Mr. Matthew Baxter
|
|
- Marilynn Warner
- 5 years ago
- Views:
Transcription
1 MIMOSA PMA-209 Industry Day and FACE Exhibition/TIM Event October 17, 2017 Mr. Matthew Baxter Research Engineer I Georgia Tech Research Institute ELSYS ESID OSSB WARNING - This document contains technical data whose export is restricted by the Arms Export Control Act (Title 22, U.S.C., Sec et seq.) or Executive Order Violations of these export laws are subject to severe criminal penalties. Disseminate in accordance with provisions of DOD Directive Copyright by Georgia Tech Applied Research Corporation, 2017 ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 1
2 Overview BLUF: FACE enables the development of portable cybersecurity solutions for avionics ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 2
3 Cybersecurity for Avionics Two ways to address cybersecurity requirements: - Access controls and boundary defenses controlling the flow of data between components; e.g. Multi-Level Security paradigms - Run-time detection and recovery the assumption is that the system is actively being exploited and the goal is to respond autonomously and effectively Open Architectures present additional challenges Objective: Develop an Intrusion Prevention System (IPS) framework that leverages features of FACE ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 3
4 Motivation Example scenario: UAV on mission is under a cyber-attack Malicious intruder has gained access to the flight system and is attempting to take control of the UAV An Intrusion Prevention System (IPS) must be put in place to stop the attack Detection vs. Prevention ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 4
5 Approach Requirements - Address attack vectors beyond traditional TCP/IP-based Intrusion Prevention Systems - Easy for integrators to tailor to their systems - Scalable Implement mock-system - Incorporates the IPS framework - Explore and demonstrate the feasibility of mitigating a cyberattack ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 5
6 Malicious Intrusion Monitor for Open Software Architectures (MIMOSA) Diagnosis rules defined in terms of a FACE Data Model Utilizes Transport Services (TS) interfaces between software components to forward messages to the Intrusion Monitor Leverages interfaces for Health Monitoring and Fault Management (HMFM) for recovery actions ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 6
7 MIMOSA Architecture ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 7
8 MIMOSA Architecture ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 8
9 MIMOSA Intrusion Model Artifact for configuring system-specific intrusion prevention behavior Specifies which data to monitor or ignore Specifies diagnosis rules and which recovery action to invoke for a particular diagnosis Enables flexibility and portability of the Intrusion Monitor software component ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 9
10 MIMOSA Checkpoints ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 10
11 MIMOSA Intrusion Monitor Isolated from the rest of the system except through the reporting and recovery interfaces Database - Manage large volumes of data - Only query data necessary for the evaluation of specific diagnosis rules Expert System - Emulates the decision-making ability of a human expert by applying predefined rules to incoming information - C-Language Integrated Production System (CLIPS) - Open source, originally developed by NASA ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 11
12 MIMOSA Intrusion Monitor ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 12
13 Extending MIMOSA Intrusion Model Tool - Simplified interface to create diagnosis rules - Code generation for MIMOSA Checkpoints - Code generation for MIMOSA Recovery Actions ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 13
14 Demonstration Mock UAV system and simulation - Software components aligned with FACE Architecture - One component has a vulnerability that can be hacked to take control of the UAV - MIMOSA responds by Detecting the deviation from the specified flight path, Terminating the offending component, and Replacing it with a failsafe component that flies the UAV back to base out of harm s way ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 14
15 Conclusion FACE features can be leveraged for an IPS: - Standardized interfaces provide location to implement intrusion detection and prevention mechanisms - FACE Data Models provide a semantic interpretation of data for defining diagnostic rules Using FACE, systems can decrease future development effort to integrate security solutions such as MIMOSA FACE enables the development of portable cybersecurity solutions for avionics ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 15
16 POC Information Matt Baxter ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 16
17 Backup Slides ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 17
18 Demonstration ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 18
19 MIMOSA Checkpoints ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 19
20 CLIPS Example ELSYS-ESID-OSSB / PMA-209 Industry Day / PAGE 20
NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationDigital Forensic Science: Ideas, Gaps and the Future. Dr. Joshua I. James
Digital Forensic Science: Ideas, Gaps and the Future Dr. Joshua I. James Joshua@cybercrimetech.com 2015-08-09 Overview Digital Forensic Science where are we now? Past Present Where are we going? Future
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationFAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center
FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center Date: 08 August, 2016 1 2 3 4 5 6 7 8 2 FAA Provides Aviation Portion
More informationCybersecurity vs. Cyber Survivability: A Paradigm Shift
U.S. ARMY EVALUATION CENTER Cybersecurity vs. Cyber Survivability: A Paradigm Shift March 8, 2018 BLUF The T&E community should stop using the term cybersecurity when what we mean is cyber survivability
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationTECHNICAL MANUAL COCKPIT VOICE / FLIGHT DATA RECORDER DOWNLOAD PROCEDURES FOR INTEGRATED VEHICLE HEALTH MANAGEMENT SYSTEM (IVHMS) U.S.
PD 2006-034FDR REV-1 15 April 2008 TECHNICAL MANUAL COCKPIT VOICE / FLIGHT DATA RECORDER DOWNLOAD PROCEDURES FOR INTEGRATED VEHICLE HEALTH MANAGEMENT SYSTEM (IVHMS) U.S. ARMY UH-60A/L P/N K277-0101 (IVHMS
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationFailure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data
Failure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data Anurag Srivastava, Bo Cui, P. Banerjee Washington State University NASPI March 2017 Outline
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Host Intrusion The Host Intrusion employs a response to a perceived incident of interference on a host-based system
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationBe Secure! Computer Security Incident Response Team (CSIRT) Guide. Plan Establish Connect. Maliha Alam Mehreen Shahid
Computer Security Incident Response Team (CSIRT) Guide Maliha Alam Mehreen Shahid Plan Establish Connect Be Secure! CSIRT Coordination Center Pakistan 2014 i Contents 1. What is CSIRT?... 1 2. Policy,
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationHIPAA COMPLIANCE WHAT YOU NEED TO DO TO ENSURE YOU HAVE CYBERSECURITY COVERED
HIPAA COMPLIANCE WHAT YOU NEED TO DO TO ENSURE YOU HAVE CYBERSECURITY COVERED HEALTHCARE ORGANIZATIONS ARE UNDER INTENSE SCRUTINY BY THE US FEDERAL GOVERNMENT TO ENSURE PATIENT DATA IS PROTECTED Within
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationALIGNING CYBERSECURITY AND MISSION PLANNING WITH ADVANCED ANALYTICS AND HUMAN INSIGHT
THOUGHT PIECE ALIGNING CYBERSECURITY AND MISSION PLANNING WITH ADVANCED ANALYTICS AND HUMAN INSIGHT Brad Stone Vice President Stone_Brad@bah.com Brian Hogbin Distinguished Technologist Hogbin_Brian@bah.com
More informationCYBER ASSISTANCE TEAM OVERVIEW BRIEFING
CYBER ASSISTANCE TEAM OVERVIEW BRIEFING By Mr. Derek Fleischmann Cyber Assistance Team Missile Defense Agency May 16, 2018 Agenda Introduction MDA CAT Operations MDA CAT Deployment Expectations Administrative
More informationArchitectural Support for Mode-Driven Fault Tolerance in Distributed Applications
Architectural Support for in Distributed Applications Deepti Srivastava and Priya Narasimhan Department of Electrical and Computer Engineering University Pittsburgh, PA, USA Motivation Fault tolerance
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationTool-Supported Cyber-Risk Assessment
Tool-Supported Cyber-Risk Assessment Security Assessment for Systems, Services and Infrastructures (SASSI'15) Bjørnar Solhaug (SINTEF ICT) Berlin, September 15, 2015 1 Me Bjørnar Solhaug Bjornar.Solhaug@sintef.no
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationData to Decisions Terminate, Tolerate, Transfer, or Treat
I N S T I T U T E F O R D E F E N S E A N A L Y S E S Data to Decisions Terminate, Tolerate, Transfer, or Treat Laura A. Odell 25 July 2016 Approved for public release; distribution is unlimited. IDA Non-Standard
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationCybersecurity and Data Privacy
DECEMBER 2015 NO. 2 Cybersecurity and Data Privacy Landmark Cybersecurity Legislation Included in Omnibus Package Action Item: Congress included the Cybersecurity Act of 2015 (the Act ) in the Consolidated
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationBringing the Fight to Them: Exploring Aggressive Countermeasures to Phishing and other Social Engineering Scams
Bringing the Fight to Them: Exploring Aggressive Countermeasures to Phishing and other Social Engineering Scams Allen Zhou Comp116 Final Presentation What is Phishing? Social Engineering Steal credentials,
More informationSystems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities
Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities Melinda Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationDevelopment and Debugging of FPGA-Based Hardware-in-the-Loop Simulation Systems
Development and Debugging of FPGA-Based Hardware-in-the-Loop Simulation Systems Dr. Martin Panevsky Embedded System Applications Manager Zeve Akerling Advanced Degree Fellow Xingui Zhao Engineering Specialist
More informationStrategies for Maritime Cyber Security Leveraging the Other Modes
Strategies for Maritime Cyber Security Leveraging the Other Modes Michael Dinning Innovative Technologies for a Resilient Marine Transportation System June 24, 2014 The National Transportation Systems
More informationIMEC Cybersecurity for Manufacturers Penetration Testing and Top 10
IMEC Cybersecurity for Manufacturers Penetration Testing and Top 10 Christian Espinosa, Alpine Security www.alpinesecurity.com 1 Objectives Learn about penetration testing Learn what to consider when selecting
More informationResilience Design Patterns: A Structured Approach to Resilience at Extreme Scale
Resilience Design Patterns: A Structured Approach to Resilience at Extreme Scale Saurabh Hukerikar Christian Engelmann Computer Science Research Group Computer Science & Mathematics Division Oak Ridge
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationThe modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.
Automotive The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020. Cars are becoming increasingly connected through a range of wireless networks The increased
More informationCybersecurity of Space Missions
Cybersecurity of Space Missions Jean Muylaert and Luca Del Monte Presentation at the Workshop of the European Interparliamentary Space Conference 14 May 2018 Space missions Examples of hacking, spoofing,
More informationA Path Planning Algorithm to Enable Well-Clear Low Altitude UAS Operation Beyond Visual Line of Sight
A Path Planning Algorithm to Enable Well-Clear Low Altitude UAS Operation Beyond Visual Line of Sight Swee Balachandran National Institute of Aerospace, Hampton, VA Anthony Narkawicz, César Muñoz, María
More informationSecurity Audit What Why
What A systematic, measurable technical assessment of how the organization's security policy is employed at a specific site Physical configuration, environment, software, information handling processes,
More informationCCNA Cybersecurity Operations 1.1 Scope and Sequence
CCNA Cybersecurity Operations 1.1 Scope and Sequence Last updated June 18, 2018 Introduction Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding
More informationTECHNICAL NOTES. Player Security Statement. BrightSign, LLC Lark Ave., Suite 200 Los Gatos, CA
TECHNICAL NOTES Player Security Statement BrightSign, LLC. 16795 Lark Ave., Suite 200 Los Gatos, CA 95032 408-852-9263 www.brightsign.biz INTRODUCTION The network settings of a BrightSign player are highly
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationHIPAA Privacy & Security Training. Privacy and Security of Protected Health Information
HIPAA Privacy & Security Training Privacy and Security of Protected Health Information Course Competencies: This training module addresses the essential elements of maintaining the HIPAA Privacy and Security
More informationFDA & Medical Device Cybersecurity
FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US
More informationLecture 4: Threats CS /5/2018
Lecture 4: Threats CS 5430 2/5/2018 The Big Picture Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures. Once Upon a Time Bugs "bug":
More informationCCNA Cybersecurity Operations. Program Overview
Table of Contents 1. Introduction 2. Target Audience 3. Prerequisites 4. Target Certification 5. Curriculum Description 6. Curriculum Objectives 7. Virtual Machine Requirements 8. Course Outline 9. System
More informationINTRODUCTION TO DFARS
INTRODUCTION TO DFARS 800-171 CTI VS. CUI VS. CDI OVERVIEW COPYRIGHT 2017 FLANK. ALL RIGHTS RESERVED. INTRODUCTION TO DFARS 800-171 CTI VS. CUI VS. CDI OVERVIEW Defense contractors having to comply with
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationCyber Security Stress Test SUMMARY REPORT
Cyber Security Stress Test SUMMARY REPORT predict prevent respond detect FINAL SCORE PREDICT: PREVENT: Final score: RESPOND: DETECT: BRILLIANT! You got a 100/100. That's as good as it gets. So take a second
More informationDouble Guard: Detecting intrusions in Multitier web applications with Security
ISSN 2395-1621 Double Guard: Detecting intrusions in Multitier web applications with Security #1 Amit Patil, #2 Vishal Thorat, #3 Amit Mane 1 amitpatil1810@gmail.com 2 vishalthorat5233@gmail.com 3 amitmane9975@gmail.com
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationIntroducing Cyber Resiliency Concerns Into Engineering Education
Introducing Cyber Resiliency Concerns Into Engineering Education Mr. Tom McDermott Georgia Tech Research Institute Mr. Barry Horowitz University of Virginia NDIA 20 th Annual Systems Engineering Conference
More informationPresentation's title
3 rd April 2017 B03 -In-vehicle technology enabler Presentation's title Dominique Bolignano CEO Prove & Run dominique.bolignano@provenrun.com Introducing myself and Prove & Run Dominique Bolignano, previously
More informationAvionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment
Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment 26 January 2017 Presented by: Mr. Chad Miller NAVAIR Cyber T&E What: Replicate Cyber Battlespace
More informationCOUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017
COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE Presented by Paul R. Hales, J.D. May 8, 2017 1 HIPAA Rules Combat Cyber Crime HIPAA Rules A Blueprint to Combat Cyber Crime 2 HIPAA Rules Combat Cyber Crime
More informationCyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation
Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation COL Michael R. Corpening Deputy Chief, Operations Division (CCJ6-O) 1 December 2014 The overall classification of this brief is UNCLASSIFIED
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationManaging complexity and rapid change in 2019
2019 Predictions Managing complexity and rapid change in 2019 No-one has a crystal ball, but here at NTT Security we ve worked with our security experts around the world to identify trends that affect
More informationA Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist
A Survival Guide to Continuity of Operations David B. Little Senior Principal Product Specialist Customer Perspective: Recovery Time & Objective Asynchronous Replication Synchronous Replication WAN Clustering
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationCyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies lwihl@scalable-networks.com 2 The Need OT security particularly in the
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationDetecting breach. There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017
Feeling lucky? Detecting breach There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017 Industry average is 100 days to detect a breach,
More informationMission Aware Cybersecurity
Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence
More informationDISA Cybersecurity Service Provider (CSSP)
UNCLASSIFIED DISA Cybersecurity Service Provider (CSSP) Mission Partner Brief UNCLASSIFIED UNITED IN SERVICE TO OUR NATION Mr. Darrell Fountain Chief, DISA CSSP Services Branch November 2018 UNCLASSIFIED
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationCybersecurity Survey Results
Cybersecurity Survey Results 4 November 2015 DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.
More informationPresentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT
Presentation to the ITU on the Q-CERT Incident Management Team Ian M Dowdeswell Incident Manager, Q-CERT 2 Q-CERT Mission The Mission of Q-CERT is to be a world-class center of excellence providing expert
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationBeyond Firewalls: The Future Of Network Security
Beyond Firewalls: The Future Of Network Security XChange University: IT Security Jennifer Blatnik 20 August 2016 Security Trends Today Network security landscape has expanded CISOs Treading Water Pouring
More informationSecuring Your Campus
Securing Your Campus Copyright CheckVideo LLC. All Rights Reserved. Introduction Security and Safety Officers are committed to providing a safe and welcoming learning environment that prepares students
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 3.1: OS Security Basics of secure design Endadul Hoque Slide Acknowledgment Contents are based on slides from Ninghui Li (Purdue), John Mitchell (Stanford), Dan Boneh (Stanford)
More informationMark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services
Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience
More informationHoney Pot Be afraid Be very afraid
Honey Pot Be afraid Be very afraid Presented By Shubha Joshi M.Tech(CS) Problems with internet Why? Problems The Internet security is hard New attacks every day Our computers are static targets What should
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationIntrusion Detection Systems (IDS)
Intrusion Detection Systems (IDS) Presented by Erland Jonsson Department of Computer Science and Engineering Intruders & Attacks Cyber criminals Activists State-sponsored organizations Advanced Persistent
More informationTop 10 most important IT priorities over the next 12 months. (Percent of respondents, N=633, ten responses accepted)
ESG Lab Review Sophos Security Heartbeat Date: January 2016 Author: Tony Palmer, Sr. ESG Lab Analyst; and Jack Poller, ESG Lab Analyst Abstract: This report examines the key attributes of Sophos synchronized
More informationAbout Cronus Cyber Technologies
CyBot Pro About Cronus Cyber Technologies Cronus Cyber is a software product company that develops software solutions for the Automated Penetration Testing market place. Cronus Cyber is a leading provider
More informationWeb Security Vulnerabilities: Challenges and Solutions
Web Security Vulnerabilities: Challenges and Solutions A Tutorial Proposal for ACM SAC 2018 by Dr. Hossain Shahriar Department of Information Technology Kennesaw State University Kennesaw, GA 30144, USA
More informationCybersecurity in the Age of Government Regulation
Cybersecurity in the Age of Government Regulation Compliance versus Security October 28, 2015 Harry D. Fox EVP, Technical and Operational Support Services CareFirst BlueCross BlueShield CareFirst BlueCross
More informationCourse 832 EC-Council Computer Hacking Forensic Investigator (CHFI)
Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI) Duration: 5 days You Will Learn How To Understand how perimeter defenses work Scan and attack you own networks, without actually harming
More informationDefining Computer Security Incident Response Teams
Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that
More informationU.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk
U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk Neal Miller, Navy Authorizing Official December 13, 2016 UNCLASSIFIED 1 Some Inconvenient Truths The bad guys and gals still only work
More informationCyber Risk in the Marine Transportation System
Cyber Risk in the Marine Transportation System Cubic Global Defense MAR'01 1 Cubic.com/Global-Defense/National-Security 1 Cubic Global Defense Global Security Team Capabilities Program Management Integration
More informationCyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference
Cyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference Threat of Cyber- Terrorism to Critical Infrastructures Presented by Iyke Ezeugo Cyber-warfare Strategist Definitions
More informationIntrusion Detection. Overview. Intrusion vs. Extrusion Detection. Concepts. Raj Jain. Washington University in St. Louis
Intrusion Detection Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 22-1 1. Intruders 2. Intrusion
More informationChapter 10: Security and Ethical Challenges of E-Business
Chapter 10: Security and Ethical Challenges of E-Business Learning Objectives Identify several ethical issues in IT that affect employment, individuality, working condition, privacy, crime health etc.
More information- Cyber threat information: information directly pertaining to,
WHAT INFORMATION MAY BE SHARED H.R. 3674, the PRECISE Act of 2011, as reported from HHSC Subcmte on Cybersecurity (Lungren) law, H.R. 3523, the Cyber Intelligence sharing and Protection Act of 2011, as
More informationCYBERSECURITY IN THE INDUSTRIAL INTERNET OF THINGS
CYBERSECURITY IN THE INDUSTRIAL INTERNET OF THINGS Susanne Bieller, EUnited Robotics EC Workshop in the area of autonomous systems / robots / IoT Brussels, 13 July 2017 Different needs according to classification
More informationUAS Operation in National Air Space (NAS) Secure UAS Command and Control
UAS Operation in National Air Space (NAS) Secure UAS Command and Control Dr. Randal Sylvester Division Chief Technologist L3 CSW 26 October 2015 This information consists of L-3 Communications Corporation,
More informationIntroduction to Information Security Management
Introduction to Information Security Management CIS 8080 Security and Privacy of Information and Information Systems Richard Baskerville Principles Information Security Management Assumptions First Principle:
More informationCS Review. Prof. Clarkson Spring 2017
CS 5430 Review Prof. Clarkson Spring 2017 Recall: Audit logs Recording: what to log what not to log how to log locally remotely how to protect the log Reviewing: manual exploration automated analysis MANUAL
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More information