Michael Oehler. This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused.

Slides:



Advertisements
Similar presentations
© Ravi Sandhu Introduction to Information Security Ravi Sandhu.
Advertisements

Systems Security Engineering An Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski.
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Ethics, Privacy and Information Security
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Ch.5 It Security, Crime, Compliance, and Continuity
1 Telstra in Confidence Managing Security for our Mobile Technology.
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Computer Security: Principles and Practice
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE , Fall Security Strategies.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Bluehat 2014 Looking back and driving forward Chris Betz Senior Director Microsoft Security Response Center.
Introduction to Network Defense
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
SEC835 Database and Web application security Information Security Architecture.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Thursday, January 23, :00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
1 Figure 1-17: Security Management Security is a Primarily a Management Issue, not a Technology Issue Top-to-Bottom Commitment  Top-management commitment.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 1 – Overview.
Computer Security: Principles and Practice
Honeypot and Intrusion Detection System
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Assessment Presentation Philip Robbins - July 14, 2012 University of Phoenix Hawaii Campus Fundamentals of Information Systems Security.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
Security Mark A. Magumba. Definitions Security implies the minimization of threats and vulnerabilities A security threat is a harmful event or object.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
Computer Science and Engineering 1 Information Assurance Research Department of Computer Science and Engineering University of South Carolina, Columbia.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Basic Security Networking for Home and Small Businesses – Chapter 8.
Cyber Terrorism Shawn Carpenter Computer Security Analyst
Federal Cybersecurity Research Agenda June 2010 Dawn Meyerriecks
Information Systems, Security, and e-Commerce* ACCT7320, Controllership C. Bailey *Ch in Controllership : The Work of the Managerial Accountant,
HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
E NGINEERING STUDIES IN T ELECOMMUNICATIONS S ECURITY School of Communication Engineering.
Assuring Reliable and Secure IT Services Chapter 6.
Yan Chen Dept. of Electrical Engineering and Computer Science Northwestern University Spring Review 2008 Award # : FA Intrusion Detection.
©Ian Sommerville 2000Dependability Slide 1 Chapter 16 Dependability.
Coast Guard Cyber Command
Palindrome Technologies all rights reserved © 2016 – PG: Palindrome Technologies all rights reserved © 2016 – PG: 1 Peter Thermos President & CTO Tel:
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
Contingency Management Indiana University of Pennsylvania John P. Draganosky.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
Cybersecurity: Risk Management
On-Line Meeting 2 October 25, 2016.
Team 1 – Incident Response
Design for Security Pepper.
and Security Management: ISO 28000
Managing Secure Network Systems
Capabilities Matrix Access and Authentication
UNIT I INTRODUCTION Growing IT Security Importance and New Career Opportunities – Becoming an Information Security Specialist – Conceptualizing.
Intrusion Tolerant Systems Workshop: Anomaly Detection Group
Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 21 March 2018.
Threat Trends and Protection Strategies Barbara Laswell, Ph. D
Networking for Home and Small Businesses – Chapter 8
Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 26 September 2018.
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Albeado - Enabling Smart Energy
What is Cybersecurity Office of Information Technology
Presentation transcript:

Michael Oehler

This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused –We respond to today’s worm, virus, botNet And not on the (big) structured threat.

This is Easy (Well, these are hard too) Extrapolate security into Real Time Systems –Absolutely necessary but not sufficient for the criticality of these systems. Security Services (CIA, APAIN, ICAA, …) –and the Classical/corresponding security matrix –Availability and Integrity Defense in Depth Protect, Detect, Respond, & Restore People, Processes, & Technology 8 Disciplines of Information Assurance Continued…

Security Domains for RT Sys System Evaluation, accreditation, and certification Vulnerability Assessments: –Risk = Threat  Vulnerability  Value - Counter Measures Battle Damage Assessments Recovery, restoration, Continuity Operations Code Validation, Security Engineering, formal methods, security fault analysis Physical Security for PCS and SCADA Emanation and caustic resilience Communications Security and secure management Attack sensing and warning, IDS, IPS Fault tolerance and graceful failures Interconnectivity policies & Interdependency models

The end Classical Security Quotations “There is no security through obscurity.” Myth: ostriches do not bury their heads in the sand! If I own your machine and you patch it, I still own your machine. –Corollary: A popped box patched is popped Hard and crunchy on the outside soft and chewy on the inside. –Don’t let this be the design philosophy driving your design. – Defense in Depth! “Security is a process, not a product.” –Bruce Schneier

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.