1 James Houghton Michael Siegel Advancing Cybersecurity Using System Dynamics Simulation Modeling For Analyzing & Disrupting Cybercrime Ecosystem & Vulnerability.

Slides:



Advertisements
Similar presentations
Armour and Protection Science and Technology Centre June 2013
Advertisements

SET Plan conference 2013 Session 4: Support the market roll-out of innovative solutions Access to risk finance under Horizon May 2013 Martin KOCH.
When you have completed your study of this chapter, you will be able to C H A P T E R C H E C K L I S T Explain how banks create money by making loans.
SSE14 – Students will explain the Characteristics of Pure Competition You have to --- –Know what pure competition is. –Understand How it works. Buyers.
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.
Trade Promotion Management Study Summary Charts
Crops Choice Info sheets. Peas Cost of seed: £500 Expected selling price: £ Selling price will increase by 20% if product is farmed organically.
1 NEST New and emerging science and technology EUROPEAN COMMISSION - 6th Framework programme : Anticipating Scientific and Technological Needs.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.
Energy and Foreign Policy
Strategy Review Meeting Strategy Review Meeting
Finding vulnerabilities in your software before attackers do Supported by Her Majesty’s Government and U.S. Department of Homeland Security, Science &
1 Michael Siegel James Houghton Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development.
Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.
USING EMET TO DEFEND AGAINST TARGETED ATTACKS PRESENTED BY ROBERT HENSING – SENIOR CONSULTANT – MICROSOFT CORPORATION MICHAEL MATTES – SENIOR CONSULTANT.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
David Flournoy Bit9 Mid-Atlantic Regional Manager
Cyber Resilience Simon Onyons Financial Stability – Resilience Team.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Providing Practical Solutions Winning the Talent Wars for Recruiting and Retaining 21 st Century Cyber Engineers Jeff Kubik, PMP, CISSP Sr PM, Praxis Engineering.
IT:Network:Microsoft Applications
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Critical Emerging Network-Centric Applications Tele-control/tele-presence Defense Tele-medicine Remote plane/vehicle/robot control Distance learning Real-time.
By: Jeff Siglin BADM 559 Professor Michael Shaw. SaaS Introduction  What is it?  Technically Speaking: It’s software that’s developed and hosted by.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Can your team outwit, outplay and outlast your opponents to be the ultimate CyberSurvivor?
Cyber Security Nevada Businesses Overview June, 2014.
Linux vs. Windows: A Comparison of Application and Platform Innovation Incentives for Open Source and Proprietary Software Platforms Submitted By: Kishan.
Cyber vulnerabilities and the threat of attack: Making things better:
Legitimate Vulnerability Markets By: Jeff Wheeler.
What political and regulatory forces will influence the market?
MA “International Relations, Global Economy and Strategic Analysis” COURSE OUTLINE.
1 Browser Compatibility Assessment June 2 nd, 2015.
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
Security Mindset Lesson Introduction Why is cyber security important?
TÜBİTAK – BİLGEM – SGE Cyber Security Institute Asım Gençer Gökce TÜBİTAK BİLGEM Cyber Security Institute (SGE) Role: Cyber.
Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.
1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
2016 ECOMMERCE PREDICTIONS: INNOVATE OR DIE BY HARIHARAN KOLAM.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Industrial Control Systems.
The Need of CSIRT in Enterprise Keyur Desai – Vice President - IT
General information Targeted topics
Cybersecurity as a Business Differentiator
Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.
General information Targeted topics
Shadow Brokers – Details on Leaked Cyberintelligence Tools and Vulnerabilities A brief research note for Info-Tech’s members.
Careers in Cyber Security
Cisco 2017 Security Annual Report
THR2099 What to do BEFORE all hell breaks loose: Building a modern cybersecurity strategy.
General information Organisation logo Targeted topics
The National Initiative for Cybersecurity Education (NICE)  AFCEA International Cyber Education, Research, and Training Symposium January 17, 2018 Bill.
Phase 4: Compelling Case for Change
بهترین راهکار را انتخاب کنید...
BCC 403 Education for Service-- tutorialrank.com
SEC 210 Become Exceptional/ newtonhelp.com. SEC 210 Assignment Emergency Planning And Risk Assessments For more course tutorials visit
How to approach a top-down call topic in Horizon 2020?
2018 Autonomous Vehicle Summit
National Cyber Security
PGE Chris Nolke, Director of Cybersecurity
CRITICAL INFRASTRUCTURE CYBERSECURITY
Opportunities in Horizon2020 in Cybersecurity call for proposals
I UNDERSTAND CONCEPTS OF CYBERSECURITY
Dominic DeSoto, Jay Jackson IA 455 Oct. 23, 2017
The State of Cybersecurity in State Government NAST March 26, 2019
Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 26 September 2018.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Low Power Wide Area Network.
CYBER RISKS IN SECURITIES SERVICES
Security of Department of Defense Acquisition Ecosystem
Presentation transcript:

1 James Houghton Michael Siegel Advancing Cybersecurity Using System Dynamics Simulation Modeling For Analyzing & Disrupting Cybercrime Ecosystem & Vulnerability Markets Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC) 3 3 Sept 2014

Resolving Emergent Issues In Cyber Security: Vulnerability Markets

How do white markets influence black market pricing? An exploit’s price factors in both how widely the target software is used as well as the difficulty of cracking it. Greenberg - Forbes Black Market (Forbes 2012) White Market (2014) IOS$100k-$250k$0k Android$30k-$60k$0.5k – $3.1k MS Windows$60k-$120k$50-$100k Internet Explorer$80k-$200k11k

What is the lifecycle of cybercrime? ‘Selling a bug to the Russian mafia guarantees it will be dead in no time, and they pay very little money … They monetize exploits in the most brutal and mediocre way possible…’ -Grugq, third party broker Greenberg, Forbes ‘We are setting aside a $100K budget to purchase browser and browser plug-in vulnerabilities, which are going to be used exclusively by us, without being released to public’ -Paunch, Author of Blackhole, Jan ‘13 Krebs on Security Data from Microsoft Security Bulletins, Krebs on Security Vulnerability Budget

How do bug bounty programs influence vulnerability supply? Bounty Evolution: $100,000 for New Mitigation Bypass Techniques Wanted Dead or Alive “Microsoft is announcing the first evolution of its bounty programs, first announced in June of We are expanding the pool of talent who can participate and submit novel mitigation bypass techniques and defensive ideas to include responders and forensic experts who find active attacks in the wild.” - Katie Moussouris, BlueHat Blog

How does State investment in cyber capability influence foreign behavior? “The Chinese are conducting espionage on a massive scale. [If we] ban sales of … exploits to the U.S. and European allies … the only possible outcome is that the Chinese will increase their internal production and skills and the…West will fall behind.” -Grugq, third party broker Greenberg, Forbes

Cyber Security Challenge: Resolving Problems As Part Of A Larger System White/Black Market Competition State Actor Market Influence Cyber Crime Lifecyle Bug Bounty Vulnerability Supply

Summary Cybersecurity solutions require a holistic approach Systems modeling considers, behavior, management, policy and technology The case of patching and software quality provide insights into timing and approaches Bug bounty programs and vulnerability markets have significant effect on security and the cyber ecosystem 9

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.