Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mr. Mario Beccia – Cyber Defence Project Officer November 2018

Published bySamuel Carroll Modified over 6 years ago

Similar presentations

Presentation on theme: "Mr. Mario Beccia – Cyber Defence Project Officer November 2018"— Presentation transcript:

1 Mr. Mario Beccia – Cyber Defence Project Officer November 2018
Cyberspace threats Mr. Mario Beccia – Cyber Defence Project Officer November 2018

2 Cyberspace For the purpose of this session, cyberspace can be described with the following properties: Bilateral Human and network engagement Hyper connectivity and networking No geographical boundaries Owned by commercial entities (not owned or controlled by governments)

3 Cyber weapon A cyber weapon:
Is sponsored or employed by a state or non-state actor Meets an objective which would otherwise require espionage or the use of force Is employed against specific targets Its effects vary greatly with usage and time Unlike for instance CBR agents, cyber ‘weapons’ are neither banned nor controlled internationally.

4 Who do we defend from? Counter measures (incremental) Resources Actor
Diplomatic / Political measures Commercial Cybersecurity measures Cyber Hygiene Tier I Inject new vulnerabilities, create game-changing tools Resources (infinite) 100000s of EUR 100s of EUR Actor State Actors Cybercriminals Hacktivists, casual hackers Tier II Find new vulnerabilities, exploit them with new tools Tier III Use existing tools & vulnerabilities

5 Our mission in cyberspace
Achieve Better Cybersecurity Resilience Cyber Resilience = Cybersecurity + Business Resilience* Risk Management, as opposed to Risk Avoidance Manage the “unknown” (known and unknown unknowns), as opposed to manage the “known” People, Process, Technology Source: adapted from the ISO27001 definition of Cyber Resilience

6 Cyber Resilience: Goals
Anticipate  Maintain a state of informed preparedness in order to forestall compromises of mission/business functions from adversary attacks Withstand  Continue essential mission/business functions despite successful execution of an attack by an adversary Recover  Restore mission/business functions to the maximum extent possible subsequent to successful execution of an attack by an adversary Evolve  To change missions/business functions, so as to minimize adverse impacts from actual or predicted adversary attacks

7 Achieve better Cybersecurity Resilience
Better cybersecurity resilience implies: Better preparedness (people) Better organization of assets (process) Better assets (technology) A mixture of cybersecurity capabilities (in the DOTMLPFI sense, including materiel, personnel, organization, etc…) Once in place, appropriate capabilities ensure the ability to execute processes across the entire scope of cybersecurity, such as: Preparedness Incident analysis and response Deterrence Information sharing

8 EDA Cyber defence projects
Anticipate People Process Technology Withstand Recover Evolve CDTEX-P (training course management) Senior Decision Makers Seminar (training&education) Cyber Ranges Federation (training&education) CySAP (cyber situational awareness) MASFAD II (APT detection) DCEC2 (forensics)

9 Thank you For More information Follow us on Twitter www.eda.europa.eu
@EUDefenceAgency

Download ppt "Mr. Mario Beccia – Cyber Defence Project Officer November 2018"

Similar presentations

Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office.

Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office.
Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.

Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Adopt & Adapt Tips on Enterprise Data Management Annette Pence September 10, 2009 MITRE.

Adopt & Adapt Tips on Enterprise Data Management Annette Pence September 10, 2009 MITRE.
Cyber Resilience Simon Onyons Financial Stability – Resilience Team.

Cyber Resilience Simon Onyons Financial Stability – Resilience Team.
Application Threat Modeling Workshop

Application Threat Modeling Workshop
Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.

Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
11 Canal Center Plaza, Alexandria, VA 22314 T 800.663.7138 F 703.684.5189 www.robbinsgioia.com Enterprise Computing Conference (ECC) Workshop Alma R. Cole,

11 Canal Center Plaza, Alexandria, VA T F Enterprise Computing Conference (ECC) Workshop Alma R. Cole,
Operations Security (OPSEC) 301-371-1050. Introduction  Standard  Application  Objectives  Regulations and Guidance  OPSEC Definition  Indicators.

Operations Security (OPSEC) Introduction  Standard  Application  Objectives  Regulations and Guidance  OPSEC Definition  Indicators.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Cyber Warfare Situational Awareness & Best Defense Practices Presented by Hasan Yasar 19.11.2013.

Cyber Warfare Situational Awareness & Best Defense Practices Presented by Hasan Yasar
Threat context TLP WHITE Cyber security panel

Threat context TLP WHITE Cyber security panel
The Internet of Things, WTF? Rik Ferguson Vice President, Security Research Trend #CLOUDSEC.

The Internet of Things, WTF? Rik Ferguson Vice President, Security Research Trend #CLOUDSEC.
Incident Response… Be prepared for “not if” but “when” it happens.

Incident Response… Be prepared for “not if” but “when” it happens.
1 2012 USACE Flood Risk Management and Silver Jackets Workshop Sandra K. Knight, PhD, PE, D.WRE Deputy Associate Administrator for Mitigation, FEMA August.

USACE Flood Risk Management and Silver Jackets Workshop Sandra K. Knight, PhD, PE, D.WRE Deputy Associate Administrator for Mitigation, FEMA August.
Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.

Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.
1 Simulation Needs for Cyber Analytics 28-30 October PNNL-SA-63095.

1 Simulation Needs for Cyber Analytics October PNNL-SA

Similar presentations

Ads by Google