Cybersecurity Capabilities Overview

Similar documents
Forecast to Industry 2016

The U.S. Coast Guard s Role in Cybersecurity

The Challenge of Cyberspace Defense and CSSP Services

Providing Cybersecurity Inventory, Compliance Tracking, and C2 in a Heterogeneous Tool Environment

DISA Cybersecurity Service Provider (CSSP)

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

Cyber Security Technologies

Eirene Sceptre Cyber Defense Services

Fidelis Overview. 15 August 2016 ISC2 Cyber Defense Forum

UNCLASSIFIED UNCLASSIFIED

Security+ SY0-501 Study Guide Table of Contents

Department of Defense Fiscal Year (FY) 2015 IT President's Budget Request Defense Contract Audit Agency Overview

DoD CIO s Areas of Focus. David A. Cotton Deputy CIO for Information Enterprise May 20, 2015

IC32E - Pre-Instructional Survey

Forecast to Industry Program Executive Office Mission Assurance/NetOps

Information Warfare Industry Day

Cloud Overview. Mr. John Hale Chief, DISA Cloud Portfolio February, 2018 UNITED IN SERVICE TO OUR NATION UNCLASSIFIED 1

Developing a Sensing Strategy

Enterprise Network Modernization. Getting to JRSS. Joint Regional Security Stacks

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Department of Homeland Security

White Paper. View cyber and mission-critical data in one dashboard

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Headquarters U.S. Air Force

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

Cyber, Command, Control, Communications, and Computers Assessments Division (C5AD)

SANS SCADA and Process Control Europe Rome 2011

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

I n t e g r i t y - S e r v i c e - E x c e l l e n c e

Secure Cloud Computing Architecture (SCCA)

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Vol. 1 Technical RFP No. QTA0015THA

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

Zero Trust in Healthcare Centrify Corporations. All Rights Reserved.

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Cybersecurity Overview

Verizon Software Defined Perimeter (SDP).

INFORMATION ASSURANCE DIRECTORATE

CND Exam Blueprint v2.0

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

Security by Default: Enabling Transformation Through Cyber Resilience

Best Practices in Healthcare Risk Management. Balancing Frameworks/Compliance and Practical Security

DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

NIST Cybersecurity Framework Based Written Information Security Program (WISP)

Detect Fraud & Financial Crime

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

INFORMATION ASSURANCE DIRECTORATE

Bringing Core-Level Data Protection Solutions to the Tactical Field. January 2018

WHO AM I? Been working in IT Security since 1992

Defense in Depth Security in the Enterprise

SHARKSEER Zero Day Net Defense. Ronald Nielson Technical Director

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

the SWIFT Customer Security

Department of Defense Fiscal Year (FY) 2014 IT President's Budget Request Defense Media Activity Overview

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Defense in Depth. Constructing Your Walls for Your Enterprise. Mike D Arezzo Director of Security April 21, 2016

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

BeOn Security Cybersecurity for Critical Communications Systems

INFORMATION ASSURANCE DIRECTORATE

Cyber Defense Operations Center

Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.

CYBERSECURITY RISK LOWERING CHECKLIST

BUILDING AND MAINTAINING SOC

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Defense Information Services Agency (DISA) Training Pre-Approved for CompTIA CEUs

Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure

Rethinking Security: The Need For A Security Delivery Platform

Digital Health Cyber Security Centre

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

INFORMATION ASSURANCE DIRECTORATE

DoD Identity & Access Management (IdAM) Portfolio Overview

Awareness as a Cyber Security Vulnerability. Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology

Understanding Holistic Effects of Cyber Events on Critical Infrastructure

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

An Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)

Cyber Defense Overview Defense in Depth

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

INFORMATION ASSURANCE DIRECTORATE

Cyber Attacks & Breaches It s not if, it s When

Secure Cloud Computing Architecture (SCCA)

Sneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security

NIST Special Publication

Critical Infrastructure Protection for the Energy Industries. Building Identity Into the Network

Integrated C4isr and Cyber Solutions

INSIGHTS FROM NSA S CYBERSECURITY THREAT OPERATIONS CENTER

Defensive Cyber Operations Industry Overview 3 APR 18

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

Layer Security White Paper

Transcription:

Cybersecurity Capabilities Overview Jack Wilmer Infrastructure Development Executive March 2016

Day in the Life of DISA INTERNET DoDIN DISN Operate DISA Provides, Operates and Assures the DODIN - $30 B network, 11 Core Data Centers hosting >1000 Enterprise apps, worldwide transport Command >10K personnel in 18 States, 8 Countries DoD s Cyber Forward Edge of the Battle Area - 102 CDSP customers defended Defend Events/day >10 Million Alarms 2400 Trouble Calls Incidents / Day >2,000 Tickets >22,000 Changes Events requiring Orders Exercises Operations CPT Employment Compliance Monitoring DCO Events / day Sensor feeds >798 Million Security Incident Events DCO Incidents / day 45 Orders Tracked >36 Cybersecurity Incidents >14 Phishing Attacks INCIDENTS EVENTS Critical Issues Orders 10 Worked 7 Published 3 Recieved Tippers / Counter Measures Day 39 / 85 ACTIONS 30+ Named Operations, 1.9 Mil DEE Users, all DoD members supported OUR GOAL = 100% Mission Assurance 20160216 (v6.0) 2

Layered Defense PHYSICAL Initial screening of non-us citizens entering the US Fingerprints, terrorist watch lists, security clearance info, checkpoint screenings, etc. Screening of all personnel entering a DoD installation. Perimeter gates and sensors. Control traffic, restrict base access, and respond to base incidents Robust access controls (e.g., SCIF, cypher locks, alarms) Common access controls (e.g., locks, access lists, credentials) Border Control & Enforcement Global threat and criminal database Installation Gates & boundaries Regional & Local Police Sensitive Facility Protection Common Facility Protection NATIONAL DEFENSE DOD INSTALLATION DEFENSE FACILITY DEFENSE Internet Access Points Mission Partner Gateways Cyber Situational Awareness & Analytic Capability (CSAAC) Joint Regional Security Stacks Cyber Protection Forces & Computer Net Defense Service Providers (CNDSP) Sensitive Data Protection Base Network/ Workstation Protection 3 CYBER Initial screening of non-dod traffic (WWW, e-mail, etc.) entering DoD Cyber threat signatures, incident & event monitoring, mission impact analytics Screening all DoD network traffic, control traffic flows, identify & block unauthorized traffic & isolate net intrusions. Control network traffic, restrict cyber access and respond to attacks Robust data center access controls to protect applications/data (data security stacks) Common access and configuration controls (e.g., PKI, HBSS, identity/access mgt, and endpoint security) 3

JIE Cybersecurity Architecture 4

DISA Cybersecurity Capabilities Overview Cyber SA Big Data Platform Cyber Analytics Security Information/Event Manager Defense Industrial Base Net CMRS Perimeter Security Content Filtering Email Security Gateway Sensors Net Flow, Full Packet Capture Demilitarized Zones (DMZ) Distributed Denial of Service Mitigations Cross Domain Enterprise Services Joint Regional Security Stacks Intrusion Detection/Prevention Systems Protocol, File and Forensic Sensing/Analysis Full Packet Capture Data Loss Prevention Endpoint Security Host Based Security System Public Key Infrastructure Vulnerability Scanning Continuous Monitoring Security Technical Implementation Guides 5

Analytics Defensive Cyber Ops Audit Management Mission Mapping / Continuous Monitoring DODIN Ops / Situational Awareness Fight by Indicator (FbI) Insider Threat Detection Service Enterprise Services Monitoring Roadmap Capability Analytics User Base Metrics DISA Command Center, OPS, CONUS, EUR, PAC, EIS, STRATCOM, JSSC, EE, Ent Ops NORTHCOM, SOUTCHCOM DECCs: OKC, MECH, ESD-NA CYBERCOM ACOIC, 561 st NOS DOK Joint Staff, NSA, IAD, OSD, NTOC, HQDA/ITA, NCDOC HQ Air Force, NCWDG NETCOM, ARCYBER, USCG, TRANSCOM, Army CIO/G6 USTRANSCOM, AFCYBER USSOUTHCOM, JFHQ DoDIN AFCYBER, DES Community 24 ingested data sources 138+ deployed widgets 1237+ users 6

DoD Mobility Objective State USER Office package with content management; variety of apps, device/carrier agnostic; limited BYOD APPs Federated apps stores, common SDKs, easy access to PUMA, GOTS and COTS apps, monitoring tools INFRASTRUCTURE COMPONENTS MDM/MAS/MCM services in the cloud, modular components, automated access to gateways & VPNs BUSINESS SYSTEM & PROCESS One stop shopping and telephony management SECURITY & IDENTITY MANAGEMENT Dynamic security tools; automated IDAM; use of biometrics NETWORK & SERVICE PROVIDERS Carrier agnostic; network detection tools and monitoring; WiFi access points worldwide POLICY & STANDARDS Used across DoD and Federal Government to enable reuse and interoperability 7

8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback