STANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange

Similar documents
Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

What is ISO ISMS? Business Beam

Medical Device Cybersecurity: FDA Perspective

Manchester Metropolitan University Information Security Strategy

FDA & Medical Device Cybersecurity

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Supply Chain Information Exchange: Non-conforming & Authentic Components

Cyber Security: Threat and Prevention

How to Prepare a Response to Cyber Attack for a Multinational Company.

Bradford J. Willke. 19 September 2007

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

TAN Jenny Partner PwC Singapore

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

Infosec Europe 2009 Business Strategy Theatre. Giving Executives the Security Management Information that they Really Need

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

RISING CYBER SECURITY CAPABILITY WITH A UNIQUE NETWORK OF TRUSTED PARTNERS. Jan De Blauwe Chairman Cyber Security Coalition Belgium

Are we breached? Deloitte's Cyber Threat Hunting

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

NIS Standardisation ENISA view

Modelling Cyber Security Risk Across the Organization Hierarchy

Governance Ideas Exchange

A Practical Approach to Implement a Risk Based ISMS

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

NYDFS Cybersecurity Regulations: What do they mean? What is their impact?

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

ENISA EU Threat Landscape

Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017

Cyber Intelligence Professional Certificate Program Booz Allen Hamilton 2-Day Seminar Agenda September 2016

External Supplier Control Obligations. Cyber Security

BHConsulting. Your trusted cybersecurity partner

TECHLAW AUSTRALIA. Update on cyber security and data protection. Thursday, 22 June Thursday, 22 June

Information Technology Branch Organization of Cyber Security Technical Standard

Security Awareness Training Courses

Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management

Cybersecurity Risk Oversight: the NIST Framework and EU approaches

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Code of practice for information security management

Cyber Threat Intelligence Standards - A high-level overview

Cyber Threat Intelligence Sharing Standards

Bringing Cybersecurity to the Boardroom Bret Arsenault

Introduction Privacy, Security and Risk Management. What Healthcare Organizations Need to Know

CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK

Cyber Security Incident Response Fighting Fire with Fire

ISO/IEC Information technology Security techniques Code of practice for information security management

Fintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform

ISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006

Cyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

CERT Symposium: Cyber Security Incident Management for Health Information Exchanges

Cyber Security Issues

New Zealand National Cyber Security Centre Incident Summary

How Secure is Blockchain? June 6 th, 2017

Cyber Threat Landscape April 2013

HCPC's Risk Assurance Part 1

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Controlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:

The Honest Advantage

NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO

Incident Response Services

Security and resilience in Information Society: the European approach

Cyber Criminal Methods & Prevention Techniques. By

align security instill confidence

Medical Device Vulnerability Management

Cyber Resilience. Think18. Felicity March IBM Corporation

CYBER SECURITY OPERATION CENTER (CSOC)

M&A Cyber Security Due Diligence

Cloud Security Standards Supplier Survey. Version 1

Cybersecurity, safety and resilience - Airline perspective

The NIS Directive and Cybersecurity in

Building a Resilient Security Posture for Effective Breach Prevention

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Our Comments. February 12, VIA

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

SOC for cybersecurity

COPE-ing with Cyber Risk Exposures

Annual Report on the Status of the Information Security Program

DoD Software Assurance Initiative. Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

Critical Information Infrastructure Protection Law

NIS Directive : Call for Proposals

Cyber Risks in the Boardroom Conference

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Digital Health Cyber Security Centre

European Union Agency for Network and Information Security

Cloud Customer Architecture for Securing Workloads on Cloud Services

POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS

The UK s National Cyber Security Strategy

The University of Queensland

DHS Cybersecurity: Services for State and Local Officials. February 2017

Cyberspace : Privacy and Security Issues

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

Business Risk Management

Advent IM Ltd ISO/IEC 27001:2013 vs

Cybersecurity & Digital Privacy in the Energy sector

RESOLUTION 130 (REV. BUSAN, 2014)

Transcription:

STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange

AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk to Threat Why Share? Lead with Intelligence Threat vs Privacy

June 20, 2013 3 exchange Threat Information Sharing Intelligence Threat Actor Campaign motivation intent behavior data cybox stix takii maec cve Indicator Structure Expression Common patterns enumeration public relations regulator audit Target attack oval Security implementation vulnerabilities context adversary operations legal Privacy response language specific effort Cyber incident collaboration weaknesses Community communication appropriate standardised malware source potential audit confirmed management observable consumable

THE CHALLANGE How to Effectively utilize Cyber Threat Intelligence Information to identify Threat or the intent to compromise an organisation and communicate the Threat to the organisation and community. Consume Cyber Security Intelligence Information Information in which Cyber Threat teams have access to as part of Cyber Threat Operations Standardize & Normalize Cyber Threat Intelligence Information which can be used in a repeatable, reliable and weighted fashion Community & Partner Information Exchange Ability to share and communicate Cyber Threat Information in a standardized and efficient manner Apply Integrity & Fidelity Rating Verify & Validate Cyber Threat Intelligence Information Understand Motivation and Intent of Threat Actors Apply situational context to campaign of attack June 20, 2013 4

MAKING USE OF THE INFORMATION Information Exchange Ability to share threat information with the community via the STIX framework & associated TAXII protocols. Greater Threat Awareness Enable Cyber Threat Operations to determine the threat landscape more efficiently and effectively Use of Threat Information Intelligence led Cyber Threat Operations that can effectively detect and mitigate malicious actors and/or campaigns. Threat Summery or Brief to assist with identification, mitigation and remediation of malicious acts Metrics Ability to evaluate effectiveness of intelligence sources. Threat Visualizations Threat Summary Making Cyber Threat Measurable Threat Actor Motivation Ability to determine the How? And Why? motivation indicators relating to specific malicious activity. Understand Intent of the Threat Actor June 20, 2013 5

CHANGING FOCUS FROM RISK TO THREAT

ITS ABOUT PERSPECTIVE This conversation is not about Risk, its about Threat Risk Assessments are the hidden weapon of the Attacker Threats are operational Risks can be easy to mitigate, Threats not so much audit June 20, 2013 7

ITS ABOUT CHOICE With Risk you have a choice to accept it. With Threat it is thrust upon you regardless if you want it or not! Risk is the potential that a chosen action or activity (including the choice of inaction) will lead to a loss (an undesirable outcome). The notion implies that a choice having an influence on the outcome sometimes exists ISO27005: Threat is a potential cause of an incident, that may result in harm of systems and organization A threat is an act of coercion wherein an act is proposed to elicit a negative response. audit June 20, 2013 8

WHY SHARE?

LEAD WITH INTELLIGENCE An Intelligence led response to Cyber Threat will provide a mechanism to allow both the public and private sectors to formulate predictive and pro-active plans to mitigate the intent of groups that wish to undermine our Critical National Infrastructure and damage our economy. June 20, 2013 10

REDUCE CAPABILITY Sharing cyber threat information within a community will reduce the ability of a bad actor to successfully execute a campaign June 20, 2013 11

PREVENTION THE OPPORTUNITY One members Threat detection becomes a communities Threat prevention June 20, 2013 12

THREAT VS PRIVACY

CONSIDERING PRIVACY Privacy Concern Barriers for Private Sector Disclosure Transparency Competitive Advantage Trust Brand Damage Intellectual Property Service Privacy Assurance Privacy protection measures Data confidentiality markings No regulator recourse Potential Consequence Selective Sharing Delayed Adoption Increased Threat Reduced Effectiveness Financial Impact June 20, 2013 14

THREAT INFORMATION SHARING Privacy is a valid concern The opportunity is to create policy controls to allow privacy Make it attractive to join the community, not an overhead Enabling organizations to collaborate and communicate Cyber Threat Information in a standard format with appreciation for the wider implications of what the data can mean to their business if it is misused will open the door for a successful service June 20, 2013 15

Thank You wsemple@nyx.com Linkedin/willsemple @willsemple

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback