Framework for Improving Critical Infrastructure Cybersecurity

Similar documents
Improving Critical Infrastructure Cybersecurity Executive Order Preliminary Cybersecurity Framework

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments

Using Metrics to Gain Management Support for Cyber Security Initiatives

Framework for Improving Critical Infrastructure Cybersecurity

Framework for Improving Critical Infrastructure Cybersecurity

The NIST Cybersecurity Framework

NCSF Foundation Certification

Securing an IT. Governance, Risk. Management, and Audit

Framework for Improving Critical Infrastructure Cybersecurity

NIST (NCF) & GDPR to Microsoft Technologies MAP

NCSF Foundation Certification

Updates to the NIST Cybersecurity Framework

Information Technology Security Plan Policy, Control, and Procedures Manual Detect: Anomalies and Events

Framework for Improving Critical Infrastructure Cybersecurity

Cyber Security Standards Developments

Overview of the Cybersecurity Framework

The Road Ahead for Healthcare Sector: What to Expect in Cybersecurity Session CS6, February 19, 2017 Donna F. Dodson, Chief Cybersecurity Advisor,

Choosing the Right Cybersecurity Assessment Tool Michelle Misko, TraceSecurity Product Specialist

Cybersecurity & Privacy Enhancements

Les joies et les peines de la transformation numérique

Framework for Improving Critical Infrastructure Cybersecurity. and Risk Approach

NIST Cybersecurity Testbed for Transportation Systems. CheeYee Tang Electronics Engineer National Institute of Standards and Technology

Cybersecurity Framework Manufacturing Profile

Bonnie A. Goins Adjunct Industry Professor Illinois Institute of Technology

Cybersecurity Framework

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations

Discussion Draft of the Preliminary Cybersecurity Framework August 28, 2013

Why you should adopt the NIST Cybersecurity Framework

Designing & Building a Cybersecurity Program. Based on the NIST Cybersecurity Framework (CSF)

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

Information Technology Security Plan Policies, Controls, and Procedures Identify Risk Assessment ID.RA

COMPLIANCE BRIEF: NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY S FRAMEWORK FOR IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY

Executive Order & Presidential Policy Directive 21. Ed Goff, Duke Energy Melanie Seader, EEI

Altius IT Policy Collection Compliance and Standards Matrix

How to Align with the NIST Cybersecurity Framework

Assurance through the ISO27002 Standard and the US NIST Cybersecurity Framework. Keith Price Principal Consultant

Altius IT Policy Collection Compliance and Standards Matrix

Cyber Information Sharing

ACR 2 Solutions Compliance Tools

SAC PA Security Frameworks - FISMA and NIST

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

Using the NIST Cybersecurity Framework to Guide your Security Program August 31, 2017

Effectively Measuring Cybersecurity Improvement: A CSF Use Case

NW NATURAL CYBER SECURITY 2016.JUNE.16

standards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices

Using the NIST Framework for Metrics 5/14/2015

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

From the Trenches: Lessons learned from using the NIST Cybersecurity Framework

DHS Cybersecurity: Services for State and Local Officials. February 2017

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Acalvio Deception and the NIST Cybersecurity Framework 1.1

MANAGING THE EFFECTIVENESS OF A CYBER SECURITY PROGRAM THROUGH A NIST CYBER SECURITY FRAMEWORK EVALUATION

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Cybersecurity Overview

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

How to implement NIST Cybersecurity Framework using ISO WHITE PAPER. Copyright 2017 Advisera Expert Solutions Ltd. All rights reserved.

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Responsible Care Security Code

NIST SP , Revision 1 CNSS Instruction 1253

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Four Deadly Traps of Using Frameworks NIST Examples

Implementing Executive Order and Presidential Policy Directive 21

Statement for the Record

Cyber Security & Homeland Security:

The Office of Infrastructure Protection

Re: McAfee s comments in response to NIST s Solicitation for Comments on Draft 2 of Cybersecurity Framework Version 1.1

A Controls Factory Approach To Operationalizing a Cyber Security Program Based on the NIST Cybersecurity Framework

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

ISAO SO Product Outline

Designing and Building a Cybersecurity Program

Knowledge Set of Attack Surface and Cybersecurity Rating for Firms in a Supply Chain Dr. Shaun Wang, FCAS, CERA

INTERNATIONAL CIVIL AVIATION ORGANIZATION ASIA and PACIFIC OFFICE ASIA/PAC RECOMMENDED SECURITY CHECKLIST

Track 4A: NIST Workshop

IASM Support for FISMA

INFORMATION ASSURANCE DIRECTORATE

Evolving Cybersecurity Strategies

Building Secure Systems

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

CyberUSA Government Cyber Opportunities for your Region: The Federal Agenda - Federal, Grants & Resources Available to Support Community Cyber

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Cybersecurity for Health Care Providers

Dear Mr. Games: Please see our submission attached. With kind regards, Aaron

MINIMUM SECURITY CONTROLS SUMMARY

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

National Initiative for Cybersecurity Education

DEFINITIONS AND REFERENCES

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

PIPELINE SECURITY An Overview of TSA Programs

Security and Privacy Governance Program Guidelines

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

SYSTEMS ASSET MANAGEMENT POLICY

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

FISMA Cybersecurity Performance Metrics and Scoring

Department of Homeland Security Updates

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

Transcription:

1 Framework for Improving Critical Infrastructure Cybersecurity Standards Certification Education & Training Publishing Conferences & Exhibits Dean Bickerton ISA New Orleans April 5, 2016

A Brief Commercial Interruption Industrial Control System Cybersecurity Seminar Wednesday, April 27, 2016 8:00 AM to 4:30 PM MS Benbow and Associates $325 Members / $450 Non-Members 8 PDHs Until recently, the reasons for securing Supervisory Control and Data Acquisition (SCADA) or Industrial Control Systems (ICS) weren t always that compelling to the end user. But cyber-attacks on are on the rise with the increased convergence of plant operations with IT infrastructure. The risks are certainly greater with critical infrastructure facilities such as Power, Oil & Gas, or Water/Wastewater plants. But smaller less critical processes are also exposed to cyber-attacks which can pose significant risks to human health and safety, the environment, and business operations. 2

Origin of the Framework EO 13636 Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President issued Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity, on February 12, 2013. The Order directed the National Institute of Standards and Technology (NIST) to work with stakeholders to develop a voluntary framework based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure. It is the policy of the United States to enhance the security and resilience of the Nation s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. 3

Background on the Framework Created through collaboration between industry, academia, and government, the Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk. Version 1.0 of the Framework for Improving Critical Infrastructure was issued by on February 12, 2014 NIST continues to facilitate the awareness, use, and growth of the Framework across the country and around the world. 4

Framework Components Framework Core - a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. Framework Profiles - represents the cybersecurity outcomes based on business needs that an organization has selected from the Framework Core Categories and Subcategories. Framework Implementation Tiers - provide context on how an organization views cybersecurity risk and the processes in place to manage that risk. 5

What is the Framework Core? The Framework Core is a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. Example language of a desired outcome - physical devices and systems within the organization are inventoried. Language is intended to allow communication across the organization from executive level to operations and implementation levels. Consists of five concurrent and continuous functions with subcategories for each function and informative references Identify, Protect, Detect, Respond, Recover 6

Framework Core Structure 7

Framework Core Functions, Categories, and Subcategories 8

Framework Core - Identify Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities. The activities in the Identify Function are foundational for effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include: Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy 9

Example - Identify Risk Assessment (ID.RA): The organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals. ID.RA-1: Asset vulnerabilities are identified and documented ID.RA-2: Threat and vulnerability information is received from information sharing forums and sources ID.RA-3: Threats, both internal and external, are identified and documented ID.RA-4: Potential business impacts and likelihoods are identified ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk ID.RA-6: Risk responses are identified and prioritized CCS CSC 4 COBIT 5 APO12.01, APO12.02, APO12.03, APO12.04 ISA 62443-2-1:2009 4.2.3, 4.2.3.7, 4.2.3.9, 4.2.3.12 ISO/IEC 27001:2013 A.12.6.1, A.18.2.3 NIST SP 800-53 Rev. 4 CA-2, CA-7, CA-8, RA-3, RA-5, SA-5, SA-11, SI-2, SI-4, SI-5 ISA 62443-2-1:2009 4.2.3, 4.2.3.9, 4.2.3.12 ISO/IEC 27001:2013 A.6.1.4 NIST SP 800-53 Rev. 4 PM-15, PM-16, SI-5 COBIT 5 APO12.01, APO12.02, APO12.03, APO12.04 ISA 62443-2-1:2009 4.2.3, 4.2.3.9, 4.2.3.12 NIST SP 800-53 Rev. 4 RA-3, SI-5, PM-12, PM-16 COBIT 5 DSS04.02 ISA 62443-2-1:2009 4.2.3, 4.2.3.9, 4.2.3.12 NIST SP 800-53 Rev. 4 RA-2, RA-3, PM-9, PM-11, SA-14 COBIT 5 APO12.02 ISO/IEC 27001:2013 A.12.6.1 NIST SP 800-53 Rev. 4 RA-2, RA-3, PM-16 COBIT 5 APO12.05, APO13.02 NIST SP 800-53 Rev. 4 PM-4, PM-9 10

Another Commercial Interruption Since 1949 Over 150 standards Over 140 committees Over 4,000 committee members Including: Symbols Instruments Controls Safety and alarm systems Batch recipes Integration Cybersecurity 11

Framework Core - Protect Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Maintenance; and Protective Technology. 12

Example - Protect PR.AC-1: Identities and credentials are managed for authorized devices and users CCS CSC 16 COBIT 5 DSS05.04, DSS06.03 ISA 62443-2-1:2009 4.3.3.5.1 ISA 62443-3-3:2013 SR 1.1, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9 Access Control (PR.AC): Access to assets and associated facilities is limited to authorized users, processes, or devices, and to authorized activities and transactions. PR.AC-2: Physical access to assets is managed and protected PR.AC-3: Remote access is managed PR.AC-4: Access permissions are managed, incorporating the principles of least privilege and separation of duties PR.AC-5: Network integrity is protected, incorporating network segregation where appropriate ISO/IEC 27001:2013 A.9.2.1, A.9.2.2, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3 NIST SP 800-53 Rev. 4 AC-2, IA Family COBIT 5 DSS01.04, DSS05.05 ISA 62443-2-1:2009 4.3.3.3.2, 4.3.3.3.8 ISO/IEC 27001:2013 A.11.1.1, A.11.1.2, A.11.1.4, A.11.1.6, A.11.2.3 NIST SP 800-53 Rev. 4 PE-2, PE-3, PE-4, PE-5, PE-6, PE-9 COBIT 5 APO13.01, DSS01.04, DSS05.03 ISA 62443-2-1:2009 4.3.3.6.6 ISA 62443-3-3:2013 SR 1.13, SR 2.6 ISO/IEC 27001:2013 A.6.2.2, A.13.1.1, A.13.2.1 NIST SP 800-53 Rev. 4 AC 17, AC-19, AC-20 CCS CSC 12, 15 ISA 62443-2-1:2009 4.3.3.7.3 ISA 62443-3-3:2013 SR 2.1 ISO/IEC 27001:2013 A.6.1.2, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4 NIST SP 800-53 Rev. 4 AC-2, AC-3, AC-5, AC-6, AC-16 ISA 62443-2-1:2009 4.3.3.4 ISA 62443-3-3:2013 SR 3.1, SR 3.8 ISO/IEC 27001:2013 A.13.1.1, A.13.1.3, A.13.2.1 NIST SP 800-53 Rev. 4 AC-4, SC-7 13

Framework Core - Detect Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event. The Detect Function enables timely discovery of cybersecurity events. Examples of outcome Categories within this Function include: Anomalies and Events; Security Continuous Monitoring; and Detection Processes. 14

Example - Detect nomalies and Events (DE.AE): Anomalous activity is detected in a timely manner and the potential impact of events is understood. DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed DE.AE-2: Detected events are analyzed to understand attack targets and methods DE.AE-3: Event data are aggregated and correlated from multiple sources and sensors DE.AE-4: Impact of events is determined DE.AE-5: Incident alert thresholds are established COBIT 5 DSS03.01 ISA 62443-2-1:2009 4.4.3.3 NIST SP 800-53 Rev. 4 AC-4, CA-3, CM-2, SI-4 ISA 62443-2-1:2009 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8 ISA 62443-3-3:2013 SR 2.8, SR 2.9, SR 2.10, SR 2.11, SR 2.12, SR 3.9, SR 6.1, SR 6.2 ISO/IEC 27001:2013 A.16.1.1, A.16.1.4 NIST SP 800-53 Rev. 4 AU-6, CA-7, IR-4, SI-4 ISA 62443-3-3:2013 SR 6.1 NIST SP 800-53 Rev. 4 AU-6, CA-7, IR-4, IR-5, IR-8, SI-4 COBIT 5 APO12.06 NIST SP 800-53 Rev. 4 CP-2, IR-4, RA-3, SI -4 COBIT 5 APO12.06 ISA 62443-2-1:2009 4.2.3.10 NIST SP 800-53 Rev. 4 IR-4, IR-5, IR-8 15

Framework Core - Respond Develop and implement the appropriate activities to take action regarding a detected cybersecurity event. The Respond Function supports the ability to contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Response Planning; Communications; Analysis; Mitigation; and Improvements. 16

Example - Respond Communications (RS.CO): Response activities are coordinated with internal and external stakeholders, as appropriate, to include external support from law enforcement agencies. RS.CO-1: Personnel know their roles and order of operations when a response is needed RS.CO-2: Events are reported consistent with established criteria RS.CO-3: Information is shared consistent with response plans RS.CO-4: Coordination with stakeholders occurs consistent with response plans RS.CO-5: Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness ISA 62443-2-1:2009 4.3.4.5.2, 4.3.4.5.3, 4.3.4.5.4 ISO/IEC 27001:2013 A.6.1.1, A.16.1.1 NIST SP 800-53 Rev. 4 CP-2, CP-3, IR-3, IR-8 ISA 62443-2-1:2009 4.3.4.5.5 ISO/IEC 27001:2013 A.6.1.3, A.16.1.2 NIST SP 800-53 Rev. 4 AU-6, IR-6, IR-8 ISA 62443-2-1:2009 4.3.4.5.2 ISO/IEC 27001:2013 A.16.1.2 NIST SP 800-53 Rev. 4 CA-2, CA-7, CP-2, IR-4, IR-8, PE-6, RA-5, SI-4 ISA 62443-2-1:2009 4.3.4.5.5 NIST SP 800-53 Rev. 4 CP-2, IR-4, IR-8 NIST SP 800-53 Rev. 4 PM-15, SI-5 17

Framework Core - Recover Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event. The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity event. Examples of outcome Categories within this Function include: Recovery Planning; Improvements; and Communications. 18

Example - Recover Improvements (RC.IM): Recovery planning and processes are improved by incorporating lessons learned into future activities. RC.IM-1: Recovery plans incorporate lessons learned RC.IM-2: Recovery strategies are updated COBIT 5 BAI05.07 ISA 62443-2-1 4.4.3.4 NIST SP 800-53 Rev. 4 CP-2, IR-4, IR-8 COBIT 5 BAI07.08 NIST SP 800-53 Rev. 4 CP-2, IR-4, IR-8 19

Framework Profiles - Definition A Framework Profile ( Profile ) represents the cybersecurity outcomes based on business needs that an organization has selected from the Framework Categories and Subcategories. The Profile can be characterized as the alignment of standards, guidelines, and practices to the Framework Core in a particular implementation scenario. Profiles can be used to identify opportunities for improving cybersecurity posture by comparing a Current Profile (the as is state) with a Target Profile (the to be state). 20

Framework Profiles - Development To develop a Profile, an organization can review all of the Categories and Subcategories and, based on business drivers and a risk assessment, determine which are most important. They can also add Categories and Subcategories as needed to address the organization s risks. 21

Framework Profiles - Use The Current Profile can then be used to support prioritization and measurement of progress toward the Target Profile, while factoring in other business needs including cost-effectiveness and innovation. Profiles can be used to conduct self-assessments and communicate within an organization or between organizations. 22

Implementation Tiers - Definition Framework Implementation Tiers ( Tiers ) provide context on how an organization views cybersecurity risk and the processes in place to manage that risk. Tiers describe the degree to which an organization s cybersecurity risk management practices exhibit the characteristics defined in the Framework (e.g., risk and threat aware, repeatable, and adaptive). The Tiers characterize an organization s practices over a range, from Partial (Tier 1) to Adaptive (Tier 4). These Tiers reflect a progression from informal, reactive responses to approaches that are agile and riskinformed. 23

Implementation Tiers - Selection During the Tier selection process, an organization should consider its current risk management practices, threat environment, legal and regulatory requirements, business/mission objectives, and organizational constraints. The Framework Implementation Tiers are not intended to be maturity levels. 24

Implementation Tiers - Use The Tiers are intended to provide guidance to organizations on the interactions and coordination between cybersecurity risk management and operational risk management. The key tenet of the Tiers is to allow organizations to take stock of their current activities from an organization wide point of view and determine if the current integration of cybersecurity risk management practices is sufficient given their mission, regulatory requirements, and risk appetite. Progression to higher Tiers is encouraged when such a change would reduce cybersecurity risk and would be cost-effective. 25

Tools The Framework Core and Informative Requirements are available as separate downloads in three formats: spreadsheet (Excel) alternate view (PDF) database (FileMaker Pro). A companion Roadmap discusses future steps and identifies key areas of cybersecurity development, alignment, and collaboration. The Department of Homeland Security's Critical Infrastructure Cyber Community C³ Voluntary Program helps critical infrastructure owners and operators align with existing resources to assist them in using the Cybersecurity Framework and managing their cyber risks. 26

Informative References Control Objectives for Information and Related Technology (COBIT): http://www.isaca.org/cobit/pages/default.aspx Council on CyberSecurity (CCS) Top 20 Critical Security Controls (CSC): http://www.counciloncybersecurity.org ANSI/ISA-62443-2-1 (99.02.01)-2009, Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program: http://www.isa.org/template.cfm?section=standards8&template=/ecommerce/productdisplay.cfm&pr oductid=10243 ANSI/ISA-62443-3-3 (99.03.03)-2013, Security for Industrial Automation and Control Systems: System Security Requirements and Security Levels: http://www.isa.org/template.cfm?section=standards2&template=/ecommerce/productdisplay.cfm&pr oductid=13420 ISO/IEC 27001, Information technology -- Security techniques -- Information security management systems -- Requirements: http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=54534 NIST SP 800-53 Rev. 4: NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, April 2013 (including updates as of January 15, 2014). http://dx.doi.org/10.6028/nist.sp.800 27

Roadmap Moving Forward On December 11, 2015, NIST issued its third request for information (RFI), Views on the Framework for Improving Critical Infrastructure Cybersecurity, to receive feedback. That RFI response period has closed, and NIST recently published an initial, high-level evaluation of the RFI responses.the RFI analysis will serve as a starting point for discussions at Cybersecurity Framework Workshop 2016. 28

The Final Commercial Interruption Seminar Agenda 27 April 2016 8:00 8:15 Welcome and Introductions 8:15 9:00 NIST Cybersecurity Framework Overview 9:00 10:30 Indentify: Identifying the Threats to the ICS 10:30 12:00 Protect: How to Protect and Defend Against Cyber Threats 1:00 2:30 Detect: Detection of Undesired Activities in Real-time 2:30 4:00 Response & Recovery: Response Planning and Recovery from an ICS Attack 4:00 4:30 Wrap-up, Panelist Q&A 29

Our Speakers IDENTIFY Identifying the Threats to the ICS by David Bacque Senior Manager Accenture Asset and Operations Services (AAOS), North America David Bacque is a Senior Manager with Accenture s Asset and Operations Services division. He formerly held positions of increasing responsibility with Cimation as Industrial IT Consultant, Supervisor, Program Manager, and Director of Operations. Dave received his BS in Information Systems and Decision Sciences Management Information Systems from Louisiana State University in 2001. Prior to his involvement with Cimation, Dave was involved in IT and Systems Administration at Albert Garaudy and Associates, TOTAL Petrochemicals, and Audubon Engineering. PROTECT How to Protect and Defend Against Cyber Threats by Mitch Williams IT Operations Supervisor Chevron Oronite Company Mitch Williams currently works in Belle Chasse, LA for Chevron Oronite Company. He is the IT Operations Supervisor and is responsible for the security and information protection governance for the entire IT system. He also supports global efforts to increase protection from cyber-attacks. Prior to joining Chevron, Mitch was appointed as the Network Security Officer (NSO) for the Coast Guard Finance Center. He and his team of IT Professionals have successfully passed several IT audits with the government and while working for Chevron. Mitch earned a bachelor s degree in Internetworking Technology from Strayer University and a master s degree in Organizational Leadership from Ashford University. His experience in cyber security extends into network traffic analyzing, intrusion protection, next generation firewall as well as monitoring and alerting on suspicious behavior. DETECT Detection of Undesired Activities in Real-time by Robert Albach Senior Product Line Manager IoT Security Cisco Systems Robert Albach joined Cisco in 2010. As a product manager, he has defined and delivered three network security solutions. His most recent solution is Cisco s first Industrial Security Appliance. Prior to his Cisco tenure, he guided the IPS Management solutions and low end IPS solutions for Intrusion Prevention pioneer TippingPoint. Outside of network security, Robert has lead product management efforts in the application management space at IBM/Tivoli; BMC; and Quest Software. 30

Thank you! 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback