Cybersecurity Outlook for 2011

Slides:

Advertisements

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

Advertisements

Philippine Cybercrime Efforts

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

ALAN PALLER THE SANS INSTITUTE Beyond Security Awareness!

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Alan Paller The SANS Institute

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

Providing Practical Solutions Winning the Talent Wars for Recruiting and Retaining 21 st Century Cyber Engineers Jeff Kubik, PMP, CISSP Sr PM, Praxis Engineering.

Public Sector Responses to the IT Worker Shortage Danielle Germain Senior Program Manager Information Technology Association of America (ITAA) November.

Performance Institute - July 20, 2001 Dagne Fulcher, IT Workforce Improvement U.S. Department of the Treasury Recruiting & Retaining Top IT Talent for.

Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.

Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

Cybersecurity nexus (CSX)

Paul Dordal Executive Director BRAC RTF Transformation Game Plan Executive Committee May 21, 2009.

Resources to Support Training Programs for CSIRTs.

Employer Partnerships North Tyneside Commission of Enquiry Jan 2008 Clare Riley Microsoft Education.

Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?

Assessment Presentation Philip Robbins - July 14, 2012 University of Phoenix Hawaii Campus Fundamentals of Information Systems Security.

Copyright © 2009 Pearson Education, Inc. Publishing as Longman. The Federal Bureaucracy Chapter 15.

Information Technology Programs. Why major in IT? “...Total US IT employment is predicted to double in this decade. Similarly, the security of computer.

About ITCND Founded in 2000 by N.D. business, education and government leaders Membership includes IT businesses, educational institutions and state agencies.

Wrap-up. Goals Have fun! Teach you about Cyber Defense so that you can: –Interest your students in Cyber Defense –Teach your students about Cyber Defense.

STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Andrew Staniforth Chapter 17 - Securing Cyberspace: Strategic Responses for a Digital Age, Pg. 213.

Emergency Management Training and Education System Protection and National Preparedness National Preparedness Directorate National Training and Education.

Center for Cybersecurity Research and Education (CCRE)

A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.

AUB Department of Electrical and Computer Engineering Imad H. Elhajj American University of Beirut Electrical and Computer Engineering

E NGINEERING STUDIES IN T ELECOMMUNICATIONS S ECURITY School of Communication Engineering.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

CyberPatriot Workshop New Coach Training. Intros - name, school, job title + why interested in CP. Also, any other contests? CyberPatriot Overview - who,

Law Seminars International Spectrum Management Conference NTIA: SPECTRUM POLICY FOR THE 21 st CENTURY The Federal Government Spectrum Management Perspective.

We build a „Virtual Dome"

GLOBAL LEADERSHIP FORUM OVERVIEW PRESENTATION. AGENDA  A Nation At Risk  The Challenge  About the Global Leadership Forum (GLF)  The Global Leadership.

Program Overview and 2015 Outlook Finance & Administration Committee Meeting February 10, 2015 Sheri Le, Manager of Cybersecurity RTD.

SPECIAL PROGRAMS  ACADEMY OF FINANCE Be a Hillman Entrepreneur Be a Hillman Entrepreneur  Cooperative Career Education (CCE)

An Innovative Internship Model ( version 3 1/3/2012 )

° Role 1st Role 2nd Role What are we looking for?

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

COMPUTER SCIENCE FOR NEW HAMPSHIRE

Women In Technology: More Than Just Code….

Commonwealth of Massachusetts STEM Advisory Council

Department of Computer and Information Sciences

SoCal Cybersecurity Community College Consortium

Virginia’s CyberCamps

Huntsville City Schools Cyber Security Program Update

Cyber Security Policy Analysts

CEH vs CISSP Course, Advantage, Career, Salary, Demand!

Cybersecurity Education & Awareness Overview

CYBER NB – A CALL TO ACTION

Associate Degree in Cyber security

The National Initiative for Cybersecurity Education (NICE) AFCEA International Cyber Education, Research, and Training Symposium January 17, 2018 Bill.

5G Security Training

8 Building Blocks of National Cyber Strategies

IT Technician Pathway - Cybersecurity

AFRICAN UNION- 23RD-27TH July 2018 PRESENTER: Mr. Nawa J.T Samatebele

Virginia Union University

What do Cyber Careers look like and where do I start?

COMPUTER SCIENCE Mercer University College of Liberal Arts

Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 21 March 2018.

Network Security Best Practices

Cybersecurity Workforce Preparedness

Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 26 September 2018.

Cloud-based Resources for Cybersecurity Education and Training

A Focus on Strategic vs. Tactical Action for Boards

Cyber Up! Digital Forensics & Incident Response Tobi West

Darrell W. Andrews & Samantha Brill Lord Fairfax Community College

ICT ASSOCIATE PROFESSIONAL

What’s New at SHRM Q Leading People. Leading Organizations.

OU BATTLECARD: Oracle Linux Training and Certification

Discussion Government Private Business Tools for prevention Congress

Presentation transcript:

Cybersecurity Outlook for 2011 EDUCAUSE 2011 Security Professionals Conference Karen S. Evans National Director April 5, 2011

Agenda National Landscape Workforce Issues Can Competitions Find Talent The U.S. Cyber Challenge

National Cybersecurity Landscape Comprehensive National Cybersecurity Initiative (CNCI) Threats Initiatives Trusted Internet Connections Homeland Security Presidential Directive – 12 Secure Configurations The Cyberspace Policy Review Leading from the Top Building Capacity for a Digital Nation Sharing Responsibility for Cybersecurity Creating Effective Information Sharing and Incident Response Encouraging Innovation

National Cybersecurity Landscape National Strategy for Trusted Identities in Cyberspace Legislative Opportunities for the 112th Congress Federal Information Security Management Act of 2002 Independent Agencies: SEC; FCC; FTC; FERC; NERC

Which Skills Matter Most?

Setting the Stage Subcommittee on Emerging Threats, Cybersecurity, and Science & Technology April 17, 2007 ~Chairman: Jim Langevin “We don’t know who’s inside our networks. We don’t know what information has been stolen. We need to get serious about this threat to our national security.” State Dept witness: Don Reid, Senior Coordinator for Security Infrastructure Commerce Department witness: Dave Jarrell, Manager, Critical Infrastructure Protection Program

Starkly Contrasting Responses Commerce No idea when it got in, how it got in, or where it spread Took 8 days to filter (ineffective) Unable to clean the systems; forced to replace them Do not know whether they have found or gotten rid of the infections State Detected it immediately Put effective filter in place within 24 hours; shared filter with other agencies Found two zero-days Helped Microsoft and AV companies create patches and signatures Cleaned infected systems, confident all had been found

What was the Difference? Was it tools? No Almost same commercial tools – Commerce had more commercial IPS/IDS Was it skills? Yes Commerce – only experience was firewall operations not even firewall engineering. No training other than prep for Security + and later for CISSP State – experience and training in forensics, vulnerabilities and exploits, deep packet inspection, log analysis, script development, secure coding, reverse engineering. Plus counter intelligence. And managers with strong technical security skills

Which Skills Matter Most? Security skills: System forensics; network forensics and deep packet inspection; Windows, UNIX, and PDA defensive configuration; log analysis; script development; exploits and penetration testing; secure coding; reverse engineering. Plus counter intelligence Foundations: Networking and network administration; computer operations and system administration; Java and C/C+ programming including the 25 most dangerous programming errors

CSIS Commission on Cybersecurity A Human Capital Crisis in Cybersecurity: Technical Proficiency Matters, published November 15, 2010 “The cyber threat to the United States affects all aspects of society, business, and government, but there is neither a broad cadre of cyber experts nor an established cyber career field to build upon, particularly within the Federal government.”

Prepare for Fast Growing Jobs Network, systems, and data communications analysts (53%) Computer software engineers: applications (34%) Computer software engineers: systems software (30%)

Great job opportunities: #2, 15 and 24 on the “30 Fastest Growing Occupations”

The U.S. Cyber Challenge Identifying and Nurturing Very Talented People

Q&A to Prove the Value Q. You’re in your senior year in high school – had you already taken computer courses at school? A. I enrolled to take Introduction to Programming this year, but they cancelled it; they couldn’t find a suitable teacher. Q. How do people demonstrate and test their skills if they do not have the opportunity to play in the NetWars rounds? A. There aren’t many options for kids with lots of cyber skill to be able to exercise and further develop those skills. Most would just simply target random servers and hack illegally, so it was great that I found NetWars.

Coalition Members

Who is supporting the U.S. Cyber Challenge Activities?

Proposed U.S. Cyber Challenge Framework Competitions Camps Weekend Programs Pathway to: Scholarships Internships Jobs Talent Bank Public Sector Private Sector Critical Infrastructure Tech Industry K-12 Communities Colleges Universities Virtual Community “Future Cyber Professionals” Skills Needed

Activities Digital Forensics Challenge (DoD Cyber Crime Center) CyberPatriot Defense Competition (AFA) NetWars Challenge (SANS) Cyber Quests (CIS and SANS) National Cyber Defense Competition (NCCDC.org) Cyber Foundations (CIS, SANS and CKSF.org) Cyber Camps Courses and Exercises Tournaments Internships Scholarships Connect with Employers Talented Cyber Security People STEP 1 STEP 2 STEP 3 STEP 4

Building the Highway: Action Plan Encourage talented kids to compete Become a mentor Support a high school program Serve as a teacher/aid at the summer camps Build a competition Sponsor a scholarship Support a college team Sponsor a summer camp Sponsor a college Sponsor the U.S. Cyber Challenge

TAKE THE CHALLENGE http://www.uscyberchallenge.org