Dr. Stephanie Carter CISM, CISSP, CISA
Learning Objectives (LO)
- LO1 Will learn the theological and practitioner definition of cybersecurity
- LO2 Will learn the dependency between physical and cyber security domains
- LO3 Will learn the constraints to physical and cyber security convergence
- LO4 Will learn pros and cons of physical and cyber security convergence
What is Cybersecurity?
Cybersecurity
- Cybersecurity: The ability to protect or defend the use of cyberspace from cyber attacks. (CNSSI 4009)
- Cyberspace: A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CNSSI 4009)
- Cyber Attack: An attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. (CNSSI 4009)
CYBERSECURITY DEFENDERS
- Legal
- Human Resource
- IT
- Accounting
- Acquisition
- Financial
- Marketing
- Sales & Services
- Research & Development
- Operations
- Auditor
- Analyst (Security, Forensic)
- Engineers (Network, Security)
- Architects (Enterprise, Network, Security)
- Forensics (Analysts)
- Intelligence (Analyst, Officers)
- Information Security Officer
- Security Officer/Security Guard
ENFORCERS
When you think of cybersecurity, is physical security a part of that thought?
Security Objectives
- Confidentiality: Ensuring no unauthorized access to data
- Integrity: Ensuring no unauthorized modification of data
- Availability: Ensuring data is always available to authorized subjects
Security Safeguards
- Operating Procedures
- Management Procedures
- Hardware and Software
- Physical Security
Security measures used to meet security objectives (i.e., confidentiality, integrity, and availability) to protect the organization's most valuable asset: data/information. These measures are translated in the form of security controls and countermeasures created for each area.
Controls
Logical (Technical)
- Preventive
- Detective
- Corrective
Administrative
- Preventive
- Detective
- Corrective
Physical
- Preventive
- Detective
- Corrective
Cybersecurity
- Deter Potential Threat
- Detect Threats
- Monitor/Record Threats
- Trigger Incident Response
- Assess Threat
- Contain Threat
- Report Threat
- Remediate Threat
- Assess Controls
- Update policies, procedures, security documentation
Physical Security
- Deter Potential Threat
- Detect Threats
- Monitor/Record Threats
- Trigger Incident Response
- Assess Threat
- Contain Threat
- Report Threat
- Remediate Threat
- Assess Controls
- Update policies, procedures, security documentation
Security Interdependencies
- Physical threats have an impact on cyber operations
  - Stealing, leaking, compromising information
- Cyber threats have an impact on physical operations
  - Automated systems controlling physical access
Threats
- Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. (NIST SP 800-53; SP 800-53A; SP 800-27; SP 800-60; SP 800-37; CNSSI-4009)
- The potential source of an adverse event. (NIST SP 800-61)
Threat
- Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability. (FIPS 200)
Bridging the Gap
PROS
- Effective risk management
- Increased security
- Alignment of security processes/goals with business processes/goals
- Increased organization-wide information sharing
- Tips the scale of importance
- More thorough investigations
- Creates an organizational culture of diversity and appreciation
CONS
- Inhibits identity of vulnerabilities
- Hinders proper risk management
- Increases useless investments in IT, security controls & countermeasures
- Difficult to identify physical intruders
- Poor detecting of cyber infiltration efforts
- Impedes information sharing
- Prevents transparency across the organization
Where do we go from here?
How is cybersecurity the real threat?
Questions?