How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity


Why is the NIST framework important?

GOH Seow Hiong, Executive Director, Global Policy & Government Affairs, Asia Pacific, Cisco Systems. December 2017

As board members: Does your company's management report to the Board on cybersecurity? Regularly? Do you know when the latest breach in the company was? Do you know the damage from the last breach? Do you know the extent of the breach?

THE EVOLVING THREAT LANDSCAPE: What threats do I face?

Security Challenges
Evolving business needs
Dynamic threat landscape: Attack surface; Threat actors; Attack sophistication
Complexity and fragmentation: Fragmented security; Not interoperable; Not open
Shortage of cyber security experts: Talent crunch; Niche security skills; Increased costs
Changing regulations and business models
Widening IT/Board communication gap

THE BIGGEST PROBLEM: Do I know if I've been compromised?

Cyber Attack: No If but When. Source: Verizon 2012 Data Breach Investigation Report

Whack-a-mole Approach

Recognizing Malware is Difficult and Not Enough

How easy is it to breach?

MY IT GUYS ARE ON IT! How are they managing security?

Management Nightmare

Complexity is a Significant Obstacle to Security
Business constraints (change from 2015): Budget 35% (-4%); Compatibility Issues 28% (-4%); Lack of Trained Personnel 25% (+3%); Certification Requirements 25% (+/-0%)
Vendors, 2016 (n=2,850): 1-5 (45%); 6-10 (29%); 11-20 (18%); 21-50 (7%); Over 50 (3%). 55% of organizations use 6 to >50 security vendors.
Products, 2016 (n=2,860): 1-5 (35%); 6-10 (29%); 11-20 (21%); 21-50 (11%); Over 50 (6%). 65% of organizations use 6 to >50 security products.

Device enrollment challenges await: 374 new devices per second; 10 min to connect and define policy; 7.8 person-days of effort per second; 245.8M person-days of effort per year.

How do we deal with the challenges? Holistic, not piecemeal, approach

Evolution of defensive tactics: Medieval defense; Modern defense

Analogy with Airport security
Identity Check: AnyConnect
No Entry for Unauthorized: OpenDNS
Boarding pass: ISE
Security Inspection: Firepower/AMP
Immigration Check: ASA
Luggage Check: ESA/WSA
Luggage Check In: Talos
Isolates Electronic Device: ThreatGrid
Boarding on plane: TrustSec
Security Check: StealthWatch

Effective security requires integrated threat defense
Integrated threat defense: Firewall and security infrastructure; Leverage the network; Advanced threat intelligence; Governance processes
Before; During; After

NIST Cybersecurity Framework
Voluntary, open, transparent drafting process
Voluntary, consensus-based standards leveraged
Voluntary use of Framework by private sector
Input to regulation & government procurement

NIST Cybersecurity Framework
Identify: Asset management; Business environment; Governance; Risk assessment; Risk management strategy
Protect: Access control; Awareness training; Data security; Information protection processes & procedures; Protective technology
Detect: Anomalies and events; Security continuous monitoring; Detection processes
Respond: Response planning; Communications; Analysis; Mitigation; Improvements
Recover: Recovery planning; Improvements; Communications

How do I measure? Metrics

Metrics: Mean time to detect; Mean time to contain; Mean time to recovery. Does your management measure these?

Detection is key
Current average time-to-detect: 100-200 days
Cisco in 2015: time-to-detect at 2 days
Today: Cisco time-to-detect at 6 hours
Cisco in independent tests (NSS): 70% of breaches detected < 1 min; 90% of breaches in 3 minutes; 99% detection within 6 hours; 100% in 24 hours

Looking forward

Collaborating with Partners: Governments; International bodies; Private sectors and customers

Cisco THREAT INTEL Per Day INTEL SHARING 250+ Full Time Threat Intel Researchers Internet-Wide Scanning Product Telemetry 1.5 MILLION Daily Malware Samples Vulnerability Discovery (Internal) 20 BILLION Threats Blocked *Google : 3.5B searches/day 600 BILLION Daily Email Messages, 86% SPAM Open Source Communities 16 BILLION Daily Web Requests Honeypots Customer Data Sharing Programs Industry Sharing Partnerships (ISACs) 500+ Participants 3rd Party Programs (MAPP) Service Provider Coordination Program Open Source Intel Sharing MILLIONS Of Telemetry Agents 4 Global Data Centers 100+ Threat Intelligence Partners 1100+ Threat Traps

Address the Entire Attack Continuum
Before: Discover; Enforce; Harden
During: Detect; Block; Defend
After: Scope; Contain; Remediate
Network; Endpoint; Mobile; Virtual; Cloud
Network as a Sensor; Network as an Enforcer
Total visibility + Minimum time to detect + Fast containment.

Security is a Journey, Not a Destination
Risk-based Decisions; People + Processes + Technology; Ongoing self-examination; Continuous Improvement; Dynamic Threats; Complexity is the Enemy

Email: shgoh@cisco.com