Dynamic Risk Management for Cyber Defence
|
|
- Grace Nicholson
- 5 years ago
- Views:
Transcription
1 Dynamic Risk Management for Cyber Defence Douglas Wiemer Director, Cyber Security Solutions FP7 Project number RHEA Group
2 Consortium Participants
3 The User agency: Acea Group Founded in 1909 as the municipality of Rome s Electric Company 1 st water services operator in Italy supplying more than 8.5 Million inhabitants One of the major italian operators in electricity distribution supplying 11 billion kwh of electricity
4 The PANOPTESEC approach Operational use of Dynamic Risk Approaches (DRA) for Automated Cyber Defence Address constantly evolving state of the operations, systems and threats Accurately assess the risk (impact, likelihood) Provide continuous monitoring Proactive Response System (Strategic Response) Focus on potential attack paths to high priority systems Response optimization to minimize operational impact and financial costs Reactive Response System (Tactical Response) Focus on blocking or preventing spread of ongoing attacks Rapid response through automation State-of-the-art weaknesses addressed by PANOPTESEC: Complex, multi-source correlations Operational/financial impact evaluation Automated decision support / Closed loop process to deployment
5 MAPE-K cycle for continuous cyber security management 2016 PANOPTESEC Consortium Decision support for cyber vulnerability, incident detection and response management MONITOR for cyber vulnerabilities and incidents ANALYZE cyber risks and operational impacts PLAN and prioritize mitigation actions through response modeling EXECUTE mitigation actions through policy-based deployment Knowledge-base contains raw and processed information MAPE-K based on An architectural blueprint for autonomic computing, IBM, Monitor sensors Autonomic Manager Analyze Plan Knowledge Execute Effectors Managed Elements State-of-the-art weaknesses addressed by PANOPTESEC: Complex multi-source correlations (Monitor) Operational/financial impact evaluation (Analyze) Automated decision support (Planning) Closed loop process to deployment (Execute)
6 MAPE-K cycle for continuous cyber security management 2016 PANOPTESEC Consortium MAPE-K - Degrees of Autonomicity Level 1 (Basic): System elements are managed by highly skilled staff who utilize monitoring tools and then make the require changes manually. Level 2 (Managed): System s monitoring tools collage information in an intelligent way to reduce the systems administration burden. Level 3 (Predictive): More intelligent monitoring to recognize system behavior patterns and suggest actions approved and carried out by IT staff. Level 4 (Adaptive) System uses the types of tools available to Level 3 but the system is more able to take action. Human interaction is minimized. Level 5 (Fully autonomic): Systems and components are dynamically managed by business rules and policies Monitor sensors Autonomic Manager Analyze Plan Knowledge Managed Elements For CIP, level 3. For other domains, push outcomes into Level 5 Execute Effectors
7 Functional concept (continuous proactive chain) Monitor: Collect network and security relevant information from diverse data sources and build the following information Network/Vulnerability topology Mission Graph (identifies critical supporting assets) Network and system dependency model (from realtime flow data) Reachability matrix Analyze: Perform security analysis of collected information to: Generate the Attack Graph from hypothetical source to critical supporting assets Quantify risk to critical supporting assets Monitor sensors Autonomic Manager Analyze Plan Knowledge Execute Managed Elements Effectors Knowledge Base: Contains raw data collected by the system Contains current and historical results of analytic processes Plan: Conduct automated decision support analysis to: Identify potential response plans to reduce risk Evaluate response plans against business/mission and financial impact Propose prioritized response plans Execute: Prepare and issue selected response plans: Response plans may consist of several mitigation actions Defined according to acceptable policies Sensors, Effectors & Scanners: Out of scope. The System can adapt to many different topology/inventory/vulnerability scanners or different data sources
8 Functional concept (continuous reactive chain) Monitor: Augment proactive data with real-time (reactive) incident data: Network events Intrusion events Analyze: Perform security analysis of collected information to: Localize incidents on Attack Graphs Quantify risk to critical supporting assets Monitor sensors Autonomic Manager Analyze Plan Knowledge Execute Effectors Managed Elements Knowledge Base: Contains raw data collected by the system Contains current and historical results of analytic processes Sensors & Effectors: Out of scope. The System can adapt to many different sensors and firewalls Plan: Conduct automated decision support analysis to: Identify potential response plans to reduce risk Evaluate response plans against business/mission and financial impact Propose prioritized response plans Execute: Prepare and issue selected response plans: Response plans may consist of several mitigation actions Defined according to acceptable policies
9 Monitored System: Emulated Environment The Emuation Environment (Emu-Env) has been created by RHEA, starting from ACEA Distribution Energy environment (Rome), using the resources of the Disaster Recovery site. Among the data sources for the PANOPTESEC System: - GFI Languard Asset Management System - Whatsup Gold Network Management System - OpenVas Vulnerability Scanner - IDS/IPS/Firewall logs collected by Stonesoft SMC/SIEM and sent to LowLevelCorrelator as Syslogs, Built-in NMAP base Scanner M O N I T O R E D S Y S T E M
10 Architecture of PANOPTESEC System Automated support for cyber vulnerability and incident detection and response management MONITOR: Data collection and correlation system ANALYZE: Attack and risk modeling PLAN: Response modeling EXECUTE: Policy deployment Visualization System KNOWLEDGE PROACTIVE REACTIVE Data Collection System M O N I T O R E D S Y S T E M sensors MONITOR sensors EXECUTE Effectors (Policy Deployer) Integration Framework ANALYZE PLAN Response Modeling Risk Modeling Proactive Reactive Dynamic Risk Management System Attack Modeling QBE Engine ABE Engine PAI Engine
11 Mission Impact and Dependency Model Device dependent Business/Mission Functions, Processes and Companies illustrated with weighted dependency links Provides capability for prioritized security response plans based on business impact Analysis of mission impact due to shock events Shock events include: Impact of known vulnerabilities Impact of incidents Impact of proposed response plans
12 Mission impact analysis Threat-risk quantification Geographic display of risk by affected region Vulnerability view Attacks View (proactive/reactive) Prioritized course of action tables Operator options for course of action selection Tailored views through versatile layering Advanced visual interface
13 Geographic display of risk by affected region
14 Vulnerability views as overlay
15 Network analysis view
16 Vulnerability view
17 Vulnerability views Node level detail
18 Simulation Environment The Simulation Environment (Sim-Env) has been created by RHEA within Work Package 7 starting from ACEA Distribution Energy environment (Rome), using the resources of the Disaster Recovery site. The Disaster Recovery systems used are real operational systems in 'cold standby' mode. These are then augmented by real (standby and test) equipment with virtual clones in order to 'emulate' the scale of the operational environment. The Sim-Env for PANOPTESEC Project is composed of several logical blocks: Emulation Environment Developing Environment Partners Portal for PANOPTESEC Project Development and Testing Among the data sources for the PANOPTESEC System: GFI Languard Asset Management System, Whatsup Gold Network Management System, OpenVas Vulnerability Scanner, IDS/Firewall logs collected by an SMC and sent to LowLevelCorrelator as Syslogs, Built-in Topology Scanner based on Nmap, Mirrored network traffic.
19 Real control systems in cold standby mode (Disaster Recovery site) Real high/medium voltage substations in test mode Cloned SCADA systems for scalability emulation Simulated ICT domain for diversity of application experiments (e.g., non-scada environments) Installed network and security monitoring systems support data collection Emulation Environment
20 Project Status and Ongoing Activity On the Proactive Chain, first tests with up-to 1000 nodes on a mixed topology network nodes (Linux/Windows devices, from 1 to 10 known vulnerabilities) have been performed: PANOPTESEC System computation times of the actual alpha version from data collection and topology/attack paths reconstruction to response plans computation stays under 15 minutes (for 1000 nodes) Given the capability of the sensors, PANOPTESEC System is able to perceive updates in the monitored system within 5 minutes On the Reactive Chain, firsts tests with up to raw alerts/second (collected from IDS and firewalls) have been performed: On a single raw alert collector and correlator component installation, this rate seems absolutely feasible. The System is able to use multiple raw alerts collectors and correlators, in order to scale furthermore: new test will be conducted in the following months.
21 Project Status and Ongoing Activity Version 2 component prototypes delivered October 2015 Ongoing experimentation and test over the Emulation Environment and over the Production Environment Pre-integration complete for both Proactive and Reactive response chains Integration prototypes development ongoing Target delivery planned June 2016 Start formal System Integration and Test activities Planned operational workshop end of October 2016 Hosted by ACEA, Rome, Italy Demonstration on PANOPTESEC Cyber Emulation Environment Wide and open attendance desired Not limited to Critical Infrastructure markets
22 Additional information The PANOPTESEC project is sponsored in part by the European Commission, Seventh Framework Programme, DG Connect, Project number Various PANOPTESEC documents, presentations, scientific papers and videos are publically available at Please follow the project on: Linked in: Twitter: #PANOPTESEC For additional information please contact: (Member of Steering Committee)
23 One last word Thank you!
Symantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationPreemptive PREventivE Methodology and Tools to protect utilities
Preemptive PREventivE Methodology and Tools to protect utilities 2014 2017 With the financial support of FP7 Seventh Framework Programme Grant agreement no: 607093 1 Preemptive description Project objectives
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationManagement s Response to the Auditor General s Review of Management and Oversight of the Integrated Business Management System (IBMS)
APPENDI 2 ommendation () () 1. The City Manager in consultation with the Chief Information Officer give consideration to the establishment of an IBMS governance model which provides for senior management
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationCurrent skills gap for capable CTI analysts: Training for forensics & analysis
Current skills gap for capable CTI analysts: Training for forensics & analysis WORKSHOP CTI EU Bonding EU Cyber Threat Intelligence 30-31 October, Link Campus University, Rome, Italy Ing. Selene Giupponi
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationCTI Capability Maturity Model Marco Lourenco
1 CTI Capability Maturity Model Cyber Threat Intelligence Course NIS Summer School 2018, Crete October 2018 MARCO LOURENCO - ENISA Cyber Security Analyst Lead European Union Agency for Network and Information
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationNCSF Foundation Certification
NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity
More informationArbor White Paper Keeping the Lights On
Arbor White Paper Keeping the Lights On The Importance of DDoS Defense in Business Continuity Planning About Arbor Networks Arbor Networks Inc., the cyber security division of NETSCOUT, helps secure the
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationPresentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT
Presentation to the ITU on the Q-CERT Incident Management Team Ian M Dowdeswell Incident Manager, Q-CERT 2 Q-CERT Mission The Mission of Q-CERT is to be a world-class center of excellence providing expert
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationOrganizational Readiness for Digital Transformation
IVI Community Event Organizational Readiness for Digital Transformation Dr. Marian Carcary June 22nd 2017 Introduction Digital business transformation goes beyond traditional process optimization, to leveraging
More informationFintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform
Fintech District The First Testing Cyber Security Platform In collaboration with CISCO Cloud or On Premise Platform WHAT IS SWASCAN? SWASCAN SERVICES Cloud On premise Web Application Vulnerability Scan
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationFramework for Improving Critical Infrastructure Cybersecurity
Framework for Improving Critical Infrastructure Cybersecurity November 2017 cyberframework@nist.gov Supporting Risk Management with Framework 2 Core: A Common Language Foundational for Integrated Teams
More informationIBM Internet Security Systems Proventia Management SiteProtector
Supporting compliance and mitigating risk through centralized management of enterprise security devices IBM Internet Security Systems Proventia Management SiteProtector Highlights Reduces the costs and
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationCyber Defence Situational Awareness
Cyber Defence Situational Awareness HQ SACT, ACT Office of Security NC3A, CAT-2 1 Objectives of the Workshop Communicate and clarify the context of Cyber Defence within NATO Present ACT s Cyber Defence
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationA Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface
A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface ORGANIZATION SNAPSHOT The level of visibility Tenable.io provides is phenomenal, something we just
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationImplementation Strategy for Cybersecurity Workshop ITU 2016
Implementation Strategy for Cybersecurity Workshop ITU 2016 Council for Scientific and Industrial Research Joey Jansen van Vuuren Intricacies and interdependencies cyber policies must address potential
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationCybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment
Cybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment SWG G 3 2016 v0.2 ISAO Standards Organization Standards Working Group 3: Information Sharing Kent Landfield, Chair
More informationREVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009
APPENDIX 1 REVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto
More informationFramework for Improving Critical Infrastructure Cybersecurity. and Risk Approach
Framework for Improving Critical Infrastructure Cybersecurity Implementation of Executive Order 13636 and Risk Approach June 9, 2016 cyberframework@nist.gov Executive Order: Improving Critical Infrastructure
More informationSIEMLESS THREAT DETECTION FOR AWS
SOLUTION OVERVIEW: ALERT LOGIC FOR AMAZON WEB SERVICES (AWS) SIEMLESS THREAT DETECTION FOR AWS Few things are as important to your business as maintaining the security of your sensitive data. Protecting
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationREPORT 2015/010 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/010 Audit of information and communications technology strategic planning, governance and management in the Investment Management Division of the United Nations Joint
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationAdvanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI ) is a trademark of the U.S. Department of Homeland
More informationNCSF Foundation Certification
NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationitsmf ITIL V3: Accelerate Success with Tools Maria A Medvedeva, PMP, ITIL Regional Director CA, Inc. itsmf Middle East Board of Directors
itsmf ITIL V3: Accelerate Success with Tools Maria A Medvedeva, PMP, ITIL Regional Director CA, Inc. itsmf Middle East Board of Directors Dubai, June 11, 2007 Challenging Questions > Should we slow down
More informationRFD. for ICERT ( ) RESULTS-FRAMEWORK DOCUMENT. Department of Information Technology. Results-Framework Document (RFD) for CERT-In ( )
Results-Framework Document (RFD) for CERT-In (-) RFD RESULTS-FRAMEWORK DOCUMENT for ICERT Department of Information Technology (-) Page 1 of 13 Results-Framework Document (RFD) for CERT-In (-) SECTION
More informationHow security intelligence can be used for incident management. Volker Rath, Techn. Lead Consulting Services
How security intelligence can be used for incident management Volker Rath, Techn. Lead Consulting Services Safety and protection matters Lots of news about threats and diseases. Which immunizations? Spreading
More informationCyber Security Solutions Mitigating risk and enhancing plant reliability
P OW E R G E N E R AT I O N Cyber Security Solutions Mitigating risk and enhancing plant reliability 2 CYBER SECURITY SOLUTIONS MITIGATING RISK AND ENHANCING PLANT RELIABILITY Providing a roadmap to achieve
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationArcGIS in the Cloud. Andrew Sakowicz & Alec Walker
ArcGIS in the Cloud Andrew Sakowicz & Alec Walker Key Takeaways How to Identify Organizational Strategy & Priorities Esri s Cloud Offerings A Broad Spectrum Successfully Executing Your Strategy The Cloud
More informationResilient Smart Grids
Resilient Smart Grids André Teixeira Kaveh Paridari, Henrik Sandberg KTH Royal Institute of Technology, Sweden SPARKS 2nd Stakeholder Workshop Cork, Ireland March 25th, 2015 Legacy Distribution Grids Main
More informationObjectives of the Security Policy Project for the University of Cyprus
Objectives of the Security Policy Project for the University of Cyprus 1. Introduction 1.1. Objective The University of Cyprus intends to upgrade its Internet/Intranet security architecture. The University
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationTexas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13
Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas
More informationCyber Partnership Blueprint: An Outline
Approved for Public Release; Distribution Unlimited. 13-3851 The MITRE Corporation Cyber Partnership Blueprint: An Outline October 26, 2013 Copyright 1997-2013, The MITRE Corporation. All rights reserved.
More informationAUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014
UNITED NATIONS DEVELOPMENT PROGRAMME AUDIT OF UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY Report No. 1173 Issue Date: 8 January 2014 Table of Contents Executive Summary
More informationAbout us: Finmeccanica
About us: Finmeccanica CP EXPO Workshop - «Risks and Security Management in Logistics and Transports» Cyber Security in Railways Systems, Ansaldo STS experience Part 2: Cyber Security Strategy and Design
More informationPREEMPTIVE PREventivE Methodology and Tools to protect utilities
PREEMPTIVE PREventivE Methodology and Tools to protect utilities 2014 2017 1 With the financial support of FP7 Seventh Framework Programme Grant agreement no: 607093 Preemptive goal The main goal of PREEMPTIVE
More informationPrinciples of Information Security, Fourth Edition. Chapter 1 Introduction to Information Security
Principles of Information Security, Fourth Edition Chapter 1 Introduction to Information Security Introduction Information security: a well-informed sense of assurance that the information risks and controls
More informationNetworks
Networks +617 3222 2555 info@citec.com.au Queensland Government Network (QGN) Our Queensland Government Network (QGN) is central to the ICT services we provide. It is a government owned and managed network,
More informationBusiness Continuity Planning Keeping Pace with New Technology
Business Continuity Planning Keeping Pace with New Technology Old issues, new threats Force Majeure Increasing severe weather incidents, terrorist attacks Legacy modernization Cutover issues, system crashes,
More informationInformation Technology General Control Review
Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationCYBER THREAT INTEL: A STATE OF MIND. Internal Audit, Risk, Business & Technology Consulting
CYBER THREAT INTEL: A STATE OF MIND Internal Audit, Risk, Business & Technology Consulting WHO ARE WE? Randy Armknecht, CISSP, EnCE Protiviti Director - IT Consulting randy.armknecht@protiviti.com Albin
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationContinuous Monitoring and Incident Response
Continuous Monitoring and Incident Response Developing robust cyber continuous monitoring and incident response capabilities is mission critical to energy-related operations in today s digital age. As
More informationMember of the County or municipal emergency management organization
EMERGENCY OPERATIONS PLAN SUUPPORT ANNEX B PRIVATE-SECTOR COORDINATION Coordinating Agency: Cooperating Agencies: Chatham Emergency Management Agency All Introduction Purpose This annex describes the policies,
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationSymantec Business Continuity Solutions for Operational Risk Management
Symantec Business Continuity Solutions for Operational Risk Management Manage key elements of operational risk across your enterprise to keep critical processes running and your business moving forward.
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationDeveloping a Model for Cyber Security Maturity Assessment
Developing a Model for Cyber Security Maturity Assessment Tariq Al-idrissi, Associate Vice President IT, Trent University Ian Thomson, Information Security Officer, Trent University June 20 th, 2018 (8:45am
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationSeventh Framework Programme Security Research. Health Security Committee CBRN Section. 30 September by Clément Williamson
Seventh Framework Programme 2007-2013 Security Research Health Security Committee CBRN Section 30 September 2009 by Clément Williamson clement.williamson@ec.europa.eu Work programme 2009 Info Day European
More informationCyber Threat Prioritization
Cyber Threat Prioritization FSSCC Threat and Vulnerability Assessment Committee Jay McAllister Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information
More informationThe Importance of Cybersecurity Threat Detection for Utilities
The Importance of Cybersecurity Threat Detection for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationSTAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response
STAY ONE STEP AHEAD OF THE CRIMINAL MIND F-Secure Rapid Detection & Response INTRO PROTECT YOUR BUSINESS AND ITS DATA AGAINST ADVANCED ATTACKS Effective pre-compromise threat prevention is the cornerstone
More informationWhite Paper. View cyber and mission-critical data in one dashboard
View cyber and mission-critical data in one dashboard Table of contents Rising cyber events 2 Mitigating threats 2 Heighten awareness 3 Evolving the solution 5 One of the direct benefits of the Homeland
More informationGIS in Situational and Operational Awareness: Supporting Public Safety from the Operations Center to the Field
GIS in Situational and Operational Awareness: Supporting Public Safety from the Operations Center to the Field Glasgow Bombings- June 2007 Law Enforcement, Public Safety and Homeland Security Organizations
More informationAutomated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk
Automated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk Skybox Security Whitepaper January 2015 Executive Summary Firewall management has
More informationThink Like an Attacker
Think Like an Attacker The Core Security Attack Intelligence Platform Core Security Presenter: Jackie Kalter Core Security Jackie Kalter has been in the Network Security industry for over 15 years. An
More informationDelivering Complex Enterprise Applications via Hybrid Clouds
Whitepaper Delivering Complex Enterprise Applications via Hybrid Clouds As enterprises and industries shake off the effects of the last recession, the focus of IT organizations has shifted from one marked
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationTRUE SECURITY-AS-A-SERVICE
TRUE SECURITY-AS-A-SERVICE To effectively defend against today s cybercriminals, organizations must look at ways to expand their ability to secure and maintain compliance across their evolving IT infrastructure.
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationHybrid Cyber Warfare, dual risks?
Hybrid Cyber Warfare, dual risks? Cologne - 26/04/2017 ing. Giuseppe G. Zorzino ERMCP, CISA, CISM, CGEIT, CRISC, LA ISO27001 Bio Giuseppe Giovanni Zorzino Teacher and consultant of information security,
More information