CSIAC is a DoD Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC) Presentation to: Insider Threat SOAR Workshop.

Presentation transcript:

Dr. Paul B. Paul Losiewicz
Senior Scientific Advisor
Cyber Security and Information Systems Information Analysis Center
15 August 2013

Insider Threat Research and Development

Overview

- Technology Increases Risk from Insider Threat
- Recent high level R&D Topics
- Recent R&D initiatives
- Implications and Policy Responses

Technology Increases Risk from Insider Threat

- Computing capacity continues to increase while embedded systems proliferate.
- Operating systems gain efficiency and capability with more sensors and distributed controls linked to other operating systems.
- Infrastructure is capital intensive and expensive to operate. Efficient and cost minimizing approaches have great emphasis. SCADA systems have evolved to meet this need.
- Combination of greater computing power and reach afforded by linked information systems affords greater span of influence; asymmetric threats increase.
- Greater span of control allows fewer personnel to monitor a greater range of control systems, with lower personnel cost. Personnel costs are the highest business costs.
- Similar dynamic holds in intellectual property and knowledge management systems.
- Less expensive cloud storage allows for more information to be available to more collaborative processes by small to mid-size businesses.

Recent High Level R&D topics

- Critical Infrastructure Security and Resilience (CISR)
  - CSIAC input to Department of Homeland Security (DHS) EO13636/PPD-21 R&D WG
  - Problems of complex system interdependencies must be adequately researched at the basic research level
  - Cross-domain interfaces and influences must be thoroughly understood, represented and modeled at the applied research level
  - Well-defined metrics must be appropriated from, and shared across, multiple domains and CI Sectors, to include Human Systems Interactions
- 8 Aug - NSA plans to eliminate 90% of Sys Admins using smart networks
  - “Using technology to automate much of the work now done by employees and contractors would make the NSA's networks "more defensible and more secure," as well as faster”
  - “These efforts pre-date Snowden's leaks, the agency has said, but have since been accelerated.”

Recent R&D initiatives

- Insider Threat Identification (Network Anomaly Detection)
  - Chief Information Officer/Defense Information Systems Agency (CIO/DISA) CIO_DISA-13-BAA-RIF-0001
  - Demonstrate the ability to analyze trends, patterns and other relevant data to identify insider threats that exist on DoD networks.
- SBIR N : Cognitive Modeling for Cyber Defense
  - Develop and validate a computational model of the cognitive processes from cues to actions of the attackers, defenders, and users to create a synthetic experimentation capability to examine, explore, and assess effectiveness of cyber operations.
  - But has NOT yet been extended to Insider Threat profiles

Implications and Policy Responses?

- Technologically riskier environments require new solutions
  - New system monitoring, data mining, and anomaly detection methods are being pursued
- Risk to Privacy by Big Data Mining and Cognitive Modeling?
  - Congressional and public opinion divided post-Snowden, regardless of recent Administration defense of bulk data collection under Section 215 of the USA Patriot Act
  - Greater transparency vs. improving threat detection a challenge
- Cognitive (Smart) Networks development accelerated
  - will require corresponding advances in Secure Hardware and Protocols
  - may require advances in distributed High Performance Computing and Modeling and Simulation for Test and Evaluation before fielding
- New anomaly detection and cognitive approaches in Personnel Reliability need investigation
  - E.g. “Is Steganography and Steganalysis useful as a deterrent?”