Defence Research and Development Canada. Online cyber surveillance of information systems. Overview of current and next DRDC projects
1 Defence Research and Development Canada

Online cyber surveillance of information systems
Overview of current and next DRDC projects

Mario Couture, Defence R&D Canada (DRDC Valcartier)
August 30th, 2011

2 Content

1. Definitions and domain of work
2. Cyber domain: Important facts
3. Cyber surveillance of ISs: Overview
4. The on-going DRDC project
5. The next DRDC project
6. Concluding remarks (I) and (II)

IS: Information system

3 Definitions and domain of work

- Information system (IS): A computerised system allowing the processing and sharing of data and information
  - With this definition, a cell phone can be considered as an IS
- Surveillance of ISs: The use of specialised software systems (AV, HIDS, software tracers, etc.) for the online observation and analysis of ISs' states and behaviours
  - Detect and report appropriately: any undesired software anomalies, low false positives
- Domains of work:
  - DRDC Valcartier: online host surveillance
  - DRDC Ottawa: online network surveillance
  - Complementary work

AV: Anti-virus
HIDS: Host intrusion detection system
US: User space
KS: Kernel space

4 Cyber domain: Important facts

Some important facts [Charpentier & Lefebvre, 2010]:
- Critical national infrastructures involve the use of increasingly complex ISs
- Fielded ISs will always contain unresolved design flaws & bugs (vulnerabilities)
- Nowadays malicious hackers are very well organised and they have easy access to advanced hacking technologies (which are often cheap)
- The ability of current surveillance systems (AV, HIDS, ...) to detect undesired software states and behaviours within hosts is dramatically limited: ~30% [Bell, 2010]. Advanced Persistent Threats (APT) remain undetected; they represent a serious threat
- The development of the next generation of surveillance systems is not an easy problem to solve. Sustained iterative and incremental collaborative R&D efforts are needed

5 Cyber surveillance of ISs: Overview

In the case of cyber warfare:
- Cyber warfare involves two well organised entities: DND and bad hackers
- OODA Loop as applied to online host surveillance:
  - Observe: observation deep within the IS
  - Orient: fast/advanced detection analysis, reporting
  - Decide: automatic/manual decision making
  - Act: automatic/manual reactions and pro-actions

Some important technological needs:
- Better advanced techniques and models:
  - for adaptive observation of hosts
  - for adaptive detection analysis
  - lower the number of false positives
- Better reporting of:
  - IS's health states
  - detected undesired anomalies
- Suggest the best courses of actions (proactive, reactive)
- The smallest overall delta-t for the whole blue OODA Loop

Figure labels:
- DND activities
- Bad hackers activities:
  - They are well organised
  - Easy access to advanced hacking technology
  - ( )

OODA: Observe, Orient, Decide, Act
DND: Department of national defence

6 The on-going project: Poly-Tracing (Observe)

Main R&D threads (Poly-Tracing project). For example:
- Automatic/manual deep monitoring of ISs
- Data synchronisation
- Data abstraction
- Automated fault identification

Figure labels:
- IS
- Data (traces) abstraction
- LTTng tracer (US, KS)
- Data (traces) synchronisation
- Feedback-directed Health monitoring and corrective measures
- Fault identification
- Trace directed modelling
- Impacts prediction (of monitoring)
- Redundancy and diversity for security purposes
- Observed states, behaviours, faults (UML diagrams)
- IS's health states & control

Documentation, software & demos: (

7 Next DRDC project (Orient)

Title: Online surveillance of critical information systems through advanced host-based anomaly detection

Currently under definition

The main goals:
1. Improve significantly the efficiency, accuracy and timeliness of online host-based anomaly detection
2. Ensure interoperability with network-level surveillance systems
3. Save the relevant data for offline analysis (forensic analysis, continual improvement of systems)

8 Next DRDC project (Orient)

Strategies:
- Make use (and merge) of the available online system data
  - Alerts, software events/states from AV, HIDS, software tracers, profilers, etc.
- Store this enhanced data into a harmonized Centralized data store, make it available
- Concurrently run many complementary leading-edge detection techniques (user and kernel spaces)
- Use a specialized Linux kernel Knowledge Base to support detection analysis
- Make the Surveillance infrastructure feedback-directed (more adaptable online)
  - Ability to select and control the focus & resolution of the observations
  - Ability to reconfigure detection modules
- Interoperability with network-level surveillance systems (for national-level cyber operations)
- The ability to save data online for further offline analysis (forensics, software improvement)

9 The next DRDC project (Orient)

Figure: Feedback-directed Surveillance infrastructure

10 The next DRDC project (Orient)

- Threads 1 & 2 (Polytechnique Montreal): Prof. M. Dagenais (PI) + 2 PhD students; 1 RA (*)
- Thread 3 (Concordia university): Prof. A. Hamou-Lhadj + 2 PhD students; 1 PostDoc (**)
- Thread 4 (Toronto university): Prof. A. Goel + 1 PhD student

(*) Research associate (RA): development, integration (Threads 1, 2, 3, and 4)
(**) PostDoc:
- development, integration (Threads 3 and 4)
- feedback-directed aspects of the Surveillance infrastructure

PI: Principal investigator

11 The next DRDC project: Approaches

- Adapt and make use of technologies that are already mature and available
- Develop new technologies to fill technological gaps
- Scalability is very important
- Interoperability is very important
- Use an iterative/incremental approach (for R&D efforts and POC)
- Sustained active collaboration among involved participants

R&D: Research and development
POC: Proof of concept

12 Concluding remarks (I): Observe

Poly-Tracing project (the on-going DRDC project):
- Type: 4-year DND-NSERC project (2.6 M$)
- Currently at the end of year 3
- Partners: Ericsson Canada, NSERC, DRDC Valcartier
- 4 Canadian universities: 5 PhDs, more than 15 grad. students
- Open source
- Documentation, software & demos:

NSERC: Natural Sciences and Engineering Research Council of Canada

13 Concluding remarks (II): Orient

Next project: to be submitted to DRDC/DND October 2011
- Type: DND-NSERC project (strong interest: mil. clients)
- Partners: Ericsson Canada, NSERC, DRDC Valcartier
- 3 Canadian universities: 4 PhDs supervising 5 PhD students
- Size: similar to the Poly-Tracing project
- Open source has proved to be a very good approach

Ultimate goals:
- Improve host-based online anomaly detection (malicious origin or not)
- Help operators on duty build and maintain a full HSA of their ISs during operations
- Provide more relevant data for offline forensic investigations
- Interoperate with network-level cyber surveillance operations (national level)

HSA: Host-based situational awareness

14 Contact

Mario Couture, Defence scientist
DRDC Valcartier
(418)