Secure C2 Systems
Ali Alhamdan, PhD
National Information Center, Ministry of Interior
April 28th, 2015

Command and Control Systems
- Collection of technology, people, information and business
- All military functions and operations
- War is a complex phenomenon that interacts with the enemy's complex system in a competitive way
- A process of continuous adaptation

Command and Control Systems
- Trusted and secure C2 systems
- High availability C2 systems
- Right access from right people or systems
- Consider security methodology, standard and technology
- Vulnerabilities can be exploited anywhere and anytime
- Threats and APT
- C2 is targeted

C2 and Security
Commanders rely HEAVILY on trusted and available systems

Security Statistics
- Estimated annual cost globally around 100 Billion and expected to be 120.1 Billion by 2017 (1)
- 556 Million victims per year (1)
- 10% of social network users have fallen victim (1)
- 59% of ex-employees admitted to stealing company data after leaving their job (1)
- 92% of 100,000 security incidents are covered by 9 attack patterns (2)
Sources:
1) Go-Gulf (http://www.go-gulf.com/blog/cyber-crime/)
2) Verizon - 2014 Data breach investigations report
3) Symantec, 2014 Internet Security Threat Report, Volume 19

Motivations of Cyber Attacks (percentage)
- Cyber Crime: 40%
- Hacktivism: 50%
- Cyber Warfare: 3%
- Cyber Espionage: 7%
Source: Go-Gulf (http://www.go-gulf.com/blog/cyber-crime/)

Characteristics of New Threats
- TRADITIONAL THREATS: Open; Known & Patchable; Broad; One Time
- ADVANCED THREATS: Hidden; Unknown & Zero Day; Targeted; Persistent

Security Statistics
10 years of threat actions leading to data breaches
[Figure: Number of breaches per threat action category over time]
Source: Verizon - 2014 Data breach investigations report

Widening Security Gap
Sources: IDC

Security and C2
- Implementation attacks
- Insecure channels
- Use cryptography:
  - Confidentiality: preventing unauthorized disclosure of information
  - Integrity: maintaining and assuring the accuracy and consistency of data over its entire life-cycle and ensuring the information originality
  - Availability: ensuring resources are accessible when required by an authorized user
- Access control
  - Identification
  - Authentication (multi factors)
  - Authorization (level privileges)

Security Defense
- Security culture (awareness)
- Security operation center (SOC)
- Analytic methods
- Investigation and forensics
- Defense in depth
Challenge: most tools discover around 90% of the total attacks, APT!!

Security Baseline
- Apply and comply with the international standards, e.g.
  - ISO 27001 and 27002
  - NIST (e.g. 800-53, 800-37, 800-14, etc.)
- Business Continuity Management

To Be
- Should build required capabilities (Human & Tech)
- Enhance security culture
- Adapt automated and sophisticated tools and methods of cyber security
- Share knowledge and information about attacks with others
- Adopt intelligent systems (monitoring, analyzing, detecting and preventing)

Should Be
Levels: Predictive, Proactive, Reactive
- Privileged access management
- Multi factor authentication
- VA/PT & DLP
- Real time policy enforcement
- Analytics based on live feeds from multiple sources integrated with management consoles
- Single sign on
- Encryption
- Mobile device management
- Logging and monitoring
- Network management
- SIEM solutions
- Access control
- One factor authentication
- Device password
- Acceptable use policy