11 Canal Center Plaza, Alexandria, VA 22314 T 800.663.7138 F 703.684.5189 www.robbinsgioia.com Enterprise Computing Conference (ECC) Workshop Alma R. Cole,

Slides:



Advertisements
Similar presentations
Network Security Chapter 1 - Introduction.
Advertisements

Security intelligence: solving the puzzle for actionable insight Fran Howarth Senior analyst, security Bloor Research.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
© QinetiQ North America, Inc QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA Akbar Siami Namin Dept. of Computer.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Capabilities Briefing
Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.
1 Security Risk Analysis of Computer Networks: Techniques and Challenges Anoop Singhal Computer Security Division National Institute of Standards and Technology.
Cyber Security of Smart Grid Systems
SEC835 Database and Web application security Information Security Architecture.
Lessons Learned in Smart Grid Cyber Security
Presented by: Cyber Operations Division 1 Navigating the Compliance, Risk and Engineering Cyber Security Challenges Impacting Navy Programs 2015 ASNE Intelligent.
Presentation title SUB TITLE HERE Intelligent 21st Century Strategies for Broadband and Cyber Infrastructures Security By Dr. Emmanuel Hooper, PhD, PhD,
Cybersecurity nexus (CSX)
Key System Engineering Processes for (Cost) Effective Cyber Security in a Dynamic Threat Environment. Kevin Stoffell September 11, 2015.
Why build a strategy? 7/15/2015 University of Wisconsin–Madison2 Options: Detection or Prevention Last strategic plan was five years old and never formally.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,
International Cyber Warfare and Security Conference Cyber Defence Germany's Analysis of Global Threats 19th November 2013, Ankara.
Enterprise Visibility & Security Analytics Rocky DeStefano, VP of Strategy & Technology.
Communications-Electronics Security Group. Excellence in Infosec.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Training of Information Security for Common Users Dr. Francisco Eduardo Rivera FAA SALT Conference, February 18, 2004.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
Enterprise Cybersecurity Strategy
E NGINEERING STUDIES IN T ELECOMMUNICATIONS S ECURITY School of Communication Engineering.
Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.
Computer Security By Duncan Hall.
SMUHACNet 2005 Information Infrastructure for Border and Transportation Security Suku Nair.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Cognitive & Organizational Challenges of Big Data in Cyber Defence. YALAVARTHI ANUSHA 1.
2© Copyright 2013 EMC Corporation. All rights reserved. Cyber Intelligence Fighting Cyber Crime Insert Event Date LEADERS EDGE.
Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.
How to Make Cyber Threat Intelligence Actionable
Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 1: Why Study Information Security?
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Financial Sector Cybersecurity R&D Priorities The Members of the FSSCC R&D Committee November 2014.
Despite of spending high on digital information security, organizations still remain exposed to external threats. However, data center providers are helping.
CS457 Introduction to Information Security Systems
Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.
UNIT I INTRODUCTION Growing IT Security Importance and New Career Opportunities – Becoming an Information Security Specialist – Conceptualizing.
Advanced Threat Protection
Today’s Risk. Today’s Solutions. Cyber security and
I have many checklists: how do I get started with cyber security?
CRITICAL INFRASTRUCTURE CYBERSECURITY
Panda Adaptive Defense Platform and Services
I UNDERSTAND CONCEPTS OF CYBERSECURITY
Network Traffic and Cybersecurity
Strategic threat assessment
WELCOME AOI Tech Solutions Get Instant Tech Help & Support.
Managing IT Risk in a digital Transformation AGE
WELCOME AOI Tech Solutions - Network Security.
DSC Contract Management Committee Meeting
Counter APT Counter APT HUNT operations combine best of breed endpoint detection response technology with an experienced cadre of cybersecurity experts.
Security intelligence: solving the puzzle for actionable insight
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
Presentation transcript:

11 Canal Center Plaza, Alexandria, VA T F Enterprise Computing Conference (ECC) Workshop Alma R. Cole, CISSP, EACOE VP Cybersecurity Robbins Gioia 6/15/2015

Confidential and Proprietary ©2013 Robbins-Gioia, LLC Current Cybersecurity Challenges Increasing dependence on Information Technology Increasingly greater complexity in systems and interconnections Shortage of qualified cyber security personnel Wide spread in security requirements, system architectures, and risk tolerance One size does not fit all

Confidential and Proprietary ©2013 Robbins-Gioia, LLC Increase in cyber threat actor skills, organization, and motivation Increasing frequency and intensity of attacks Ineffectiveness of traditional security tools due to constantly changing attacker Tactics, Techniques, and Procedures Attacks Constantly Evolving 3 Increases in data breaches and intrusions

Confidential and Proprietary ©2013 Robbins-Gioia, LLC Needs for turning the tide against cyber intrusions 1.Grow and develop technical cybersecurity practitioners “Cyber ninjas wanted” Understand hacker methods and how to use security technologies to detect and prevent them Developing skilled analysts capable of finding the new attacks through use of network traffic analysis, malicious code reverse engineering, intrusion forensics, and etc. Understand cyber vulnerabilities and how to remediate them

Confidential and Proprietary ©2013 Robbins-Gioia, LLC 2. Develop cyber-savvy business professionals “To defend the organization you need to understand the organization” Develop Security Enterprise Architecture experts and methods to assure understanding, alignment, and context Ensure that cyber risk and security requirements to support business objectives can be prioritized and effectively communicated to business leadership Needs for turning the tide against cyber intrusions (cont.) 5

Confidential and Proprietary ©2013 Robbins-Gioia, LLC 3. Develop next generation tools and platforms Security programs and tools should be designed to plan for failure Apply organizational context, cyber intelligence, and trends to make sense of the data Develop systems capable of sharing cyber information at machine speed Needs for turning the tide against cyber intrusions (cont.) 6

Confidential and Proprietary ©2013 Robbins-Gioia, LLC Cybersecurity risk is at an all time high due to increasing dependency on IT, complexity of systems, and sophistication of cyber threats The next generation of cyber professionals must not only have the correct technical knowhow but must understand the organization and the language of business to adequately align security programs, optimize security tools, and communicate risk and requirements to business leaders Design security programs to expect failure but learn from it adapt to changing attacks Develop security tools to make sense of the noise and to utilize and share cybersecurity information Summary Thoughts 7