Cyber Security Maturity Model

Similar documents
How Advanced Persistent Threats Successfully Breach Large Organizations AND, What To Do About It

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

Cyber Resilience. Think18. Felicity March IBM Corporation

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

Supporting the Cloud Transformation of Agencies across the Public Sector

LESSONS LEARNED IN SMART GRID CYBER SECURITY

Advanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin

Defense in Depth. Constructing Your Walls for Your Enterprise. Mike D Arezzo Director of Security April 21, 2016

Cyber Threat Intelligence Debbie Janeczek May 24, 2017

Building a Resilient Security Posture for Effective Breach Prevention

How to Optimize Cyber Defenses through Risk-Based Governance. Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

The Perfect Storm Cyber RDT&E

align security instill confidence

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

THE POWER OF TECH-SAVVY BOARDS:

Building Resilience in a Digital Enterprise

Securing a Dynamic Infrastructure. IT Virtualization new challenges

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

Cybersecurity, Trade, and Economic Development

Automating the Top 20 CIS Critical Security Controls

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

RSA NetWitness Suite Respond in Minutes, Not Months

An Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

NEXT GENERATION SECURITY OPERATIONS CENTER

IoT & SCADA Cyber Security Services

Managed Endpoint Defense

End-to-End Trust, Segmentation and Segregation in the IIoT

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Establishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security

Security by Default: Enabling Transformation Through Cyber Resilience

How Breaches Really Happen

Securing Digital Transformation

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015

ALIGNING CYBERSECURITY AND MISSION PLANNING WITH ADVANCED ANALYTICS AND HUMAN INSIGHT

Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management

State Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Sage Data Security Services Directory

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

Cyber Security Update. Bennett L. Gaines Senior Vice President, Corporate Services, CIO, FirstEnergy 2012 Summer Seminar August 5-7, 2012

CYBER SOLUTIONS & THREAT INTELLIGENCE

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

CYBER RESILIENCE & INCIDENT RESPONSE

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

Implementing ITIL v3 Service Lifecycle

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR

Security-as-a-Service: The Future of Security Management

Role of NATO and Energy Security Centre of Excellence in Supporting Protection of Critical Energy Infrastructure and Enhancing its Resiliency

Incident Response Services

Cybersecurity and the Board of Directors

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

McAfee Embedded Control

Cyber Prep 2.0: Motivating Organizational Cyber Strategies in Terms of Threat Preparedness Deb Bodeau

Transforming Security from Defense in Depth to Comprehensive Security Assurance

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Cyber Hygiene: Uncool but necessary. Automate Endpoint Patching to Mitigate Security Risks

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Continuous protection to reduce risk and maintain production availability

Designing and Building a Cybersecurity Program

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

Protect Your Organization from Cyber Attacks

IBM Security Network Protection Solutions

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

French-American Foundation Conference on cyber issues. Opening remarks. 25 October 2017

CloudSOC and Security.cloud for Microsoft Office 365

Industry role moving forward

Cybersecurity Protecting your crown jewels

Beyond Firewalls: The Future Of Network Security

NCSF Foundation Certification

Achieving Java Application Security With Parasoft Jtest

WHITE PAPER. Vericlave The Kemuri Water Company Hack

Why you should adopt the NIST Cybersecurity Framework

Cyber Intelligence Professional Certificate Program Booz Allen Hamilton 2-Day Seminar Agenda September 2016

Cybersecurity Fundamentals

Clarity on Cyber Security. Media conference 29 May 2018

Proofpoint, Inc.

ISAO SO Product Outline

DHS Cybersecurity: Services for State and Local Officials. February 2017

Cyber Security Issues and Responses. Andrew Rogoyski Head of Cyber Security Services CGI UK

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

CyberUSA Government Cyber Opportunities for your Region: The Federal Agenda - Federal, Grants & Resources Available to Support Community Cyber

Transcription:

Cyber Security Maturity Model Robert Lentz Former DoD CISO / Deputy Assistant Secretary Cyber Facts Facts About About Intrusions Intrusions 2 Verizon 2010 Data Breach Investigation Report WHO IS BEHIND DATA BREACHES? 48% were caused by insiders 11% implicated business partners WHAT COMMONALITIES EXIST? 85% of attacks were not considered highly difficult 61% were discovered by a third party 86% of victims had evidence of the breach in their log files 96% of breaches were avoidable through simple or intermediate controls

2008-2011 Is The Cyber Tipping Point 3 ESTONIA GEORGIA KOREAN DDOS ATTACK DOD THUMB DRIVE BAN DEFENSE INDUSTRY (DIB) WIKILEAKS OPERATION AURORA STUXNET NASDAQ SONY IMF RSA.DIGITAL TERRORIST Characterizing Advanced Persistent Threats 4 Characterizing Malware Stealth level From openly known to highly covert using cloaking tactics Known vs. Unknown Targets known, unpatched vulnerabilities to true zero-day, unknown vulnerabilities Broad vs. Targeted Broad attacks trigger for all victims that falls into trap while targeted attacks single out particular victims of interest 1-time vs. Persistent One-hit wonders vs. sustained, self-updating code meant to establish long-term hold of system

Lessons Learned From APTs 5 Persistent, pervasive, aggressive, and purpose driven Ø There is no single silver bullet Ø Effective response is not trivial, so stop acting like it is APT rely on multiple attack vectors Ø Requires comprehensive security controls framework Persistence with long-term campaigns Ø Lengthy campaigns are easier to detect in the long run, but the trick is detecting early in the campaign lifecycle Ø Requires end-to-end situational awareness Increasingly rely on zero-day attacks Ø Attackers will sometimes be successful at least initially Ø Must monitor for outbound connections and illegitimate cross-platform activity Regularly exploit weak identity controls Ø Must deploy strong internal and external identity layers, including mandatory enterprise identity services They know a lot about us Ø But, they don t know everything Ø Dynamic Defense is best chance to break attack chain The CIO / CISO Nightmare 6 UNPROTECTED TECHNOLOGIES Virtualization Cloud Computing Mobile Web 2.0 SECURITY ARCHITECTURE Extensive point products Limited APT Defenses Silo ed security design LACK OF COLLABORATION Inconsistent security management, policies and control POOR SECURITY VISIBILITY Gaps in security monitoring Lack of real-time awareness

Top DoD Issues 7 1.Insider Threat 2.Advanced Persistent Threat 3.Supply Chain Risk Management 4.Scada Vulnerabilities 5.Mobility 6.Identity Management 7.Cloud Security 8.Resiliency Cyber Security Maturity Model* Cyber Warfare Strategy A NATION STATE Resilience Threat E Most Organizations D C DB ADVANCED PERSISTANT THREAT CONVENTIONAL THREAT Agility / Speed of Action AE BD C DB EA Reactive & Tools-Based Integrated Picture Dynamic Defense Resilient Enterprise Manual People based following doctrine and doing their best to put out fires Applying tools and technologies piecemeal to assist people in reacting faster Loosely integrated with focus on interoperability and standards based data exchange for IA situational awareness *Cyber Security Strategies, LLC Sypris Electronics, LLC and Sypris Europe ApS -Proprietary Predictive & mission Predictive and agile, the focused, isolates and enterprise instantiates contains damage, secure policy, illuminates events supply chains and protect and helps the operators key critical infrastructures to find, fix, and target for operate through cyber attack response

9 Security Reference Architecture Key Design Principles to Increase Maturity Industry Standards (NIST, Federal Enterprise Architecture, SANS) TRM Technical Reference Model Defense-in-Depth - Multiple Layered Security Approach System-Wide Intelligence and Collaboration Interoperability Modularity Resource Constraints Business vs. Security Trade-off Regulatory Controls Cyber Economics and Cyber Maturity 1011 $$$$ E D Most Organizations C COST B Resilience $$ A LOW AGILITY / SPEED OF ACTION HIGH Policies and Best Practices Single interoperable management infrastructure Cloud Computing Security into hardware (memory and power savings with hardened security) *Cyber Security Strategies, LLC

12 Cyber Economics and Cyber Maturity: Best Practices 1. IT Consolidation 2. Virtualization 3. Cloud Computing and Mobility 4. Interoperable Net Defense 5. Enterprise Procurements 6. Security into Hardware 7. Unified/trusted Supply Chains 8. Coordinated Research 9. Smarter Users and Highly Skilled Operators 10. Automation of Manual Processes (inspections/training/exercise) *Cyber Security Strategies, LLC Governance: the CIO vs Cyber Czar 13 Cyber Czar 21

Are We Ready? 14 Who is in charge? What is the plan? Clear Roles and Responsibilities? Is Government Shifting Resources to Face the Threat? Is Industry Shifting Resources? (do they have the business case) Does Public And Private Sectors agree on the Strategy, the Technical Architecture, Compliance Requirements, and Commitment from Users to Safeguard the Internet? Summary 15 1. Cyberspace is fundamentally a civilian space, one where we must all share responsibility within a participatory framework and where rules of behavior are clear, practical, and enforceable 2. Attacks manifest as lengthy campaigns vice single events 3. Security isn t trivial, and we must stop acting like it is! 4. In addition to technology controls, we must also ensure effective controls for people, facilities, management, operations, etc. 5. Assume attackers will be successful at least some of the time 6. Cyber Security Maturity with clear attainable investment goals critical 7. Simply put, the top 20% of threats, the APT, pose all the risk 8. Risk Management Framework must be exercised and requires comprehensive security architecture and accountability at all levels

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback