Panel Discussion Can We Handle an Advanced Cyber Threat?

Presentation transcript:

Panel Discussion: Can We Handle an Advanced Cyber Threat?
Roy Wilson, CISSP, CEH, SEC+
Professor of Acquisition Cybersecurity
Defense Acquisition University, Mid-Atlantic Region
roy.wilson@dau.mil

Can We Handle an Advanced Cyber Threat?

Break the question down: "Handle" and "Advanced"

Handle
Systems are designed to prevent, mitigate and recover from cyber-attacks.

Adversary Threat Tier (ATT)
- Advanced – ATT 4, Complex, long-term cyber-attack
- Moderate – ATT 3, Use customized malware
- Limited – ATT 2, Attack easily accessible unencrypted networks
- Nascent – ATT 1, Little-to-no organized cyber

Students should be able to understand:
- the difference between threat, risk, attack and vulnerability
- how threats materialize into attacks
- where to find information about threats, vulnerabilities and attacks
- typical threats, attacks and exploits and the motivations behind them
- high-level understanding of how example attacks work (e.g. DDoS, phishing and buffer overflow)
- how users are targeted in an attack and why this must be considered in defending against such attacks
- the concept of a threat landscape, its dynamic nature and how to create a landscape for an organization
- how to classify threats and example categories
- that there are different attacks, which have different patterns and different steps – for example be able to compare a DDoS to an attack designed to copy information
- that there are different types of malware – for example viruses, Trojans and spyware – their distribution mechanism and a detailed understanding of how they compromise information and systems
- that attacks can be combined for greater effect (e.g. phishing email, followed by social engineering phone call)

Can We Survive in a Cyber Contested Environment?

Source – JCS Cyber Survivability Endorsement Implementation Guide, Rev 1.01a

Can We Survive in a Cyber Contested Environment?

System Survivability KPP
SS KPP = Kinetic, EW & Cyber

Cyber Survivability Pillars
- Prevent – design principles that protect system's mission functions from most likely cyber threats
- Mitigate – design principles to detect and respond to cyber-attacks; enable the mission system to survive attacks and complete the mission
- Recover – design principles to enable recovery from cyber-attacks and prepare mission systems for the next fight

Source – JCS Cyber Survivability Endorsement Implementation Guide, Rev 1.01a

The Panel
- CAPT Dave Glennister
- Mr. Bryan Lopez
- Dr. Marv Langston
- Mr. Peter Bybee