Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009.

Published byJacob Jeffrey Booth Modified over 9 years ago

Similar presentations

Presentation on theme: "Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009."— Presentation transcript:

1 Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009

2 Topics Historical Perspectives Cyber Security Today--A National Crisis Cyber Security Commission Recommendations Near Term Opportunities Longer-Term Game Changing Initiatives Closing Thoughts 2

3 Historical Perspectives Computer Security in the Cold War Era Security “Gurus”—Keepers of the Kingdom The Internet changes the security landscape-- forever The Age of Information Sharing Omissions of the past are now our “Achilles Heel” Our Approaches To Providing Mission Enabling IT Are Stuck In The Past 3

4 Cyber Security Today—A New “Ball Game” Our way of life depends on a reliable cyberspace Intellectual property is being downloaded at an alarming rate Cyberspace is now a warfare domain Attacks increasing at an exponential rate Fundamental network and system vulnerabilities cannot be fixed quickly Entire industries exist to “Band Aid” over engineering and operational weaknesses Cyber Security is a National Security Crisis! 4

5 Commission Cyber Security for the 44 th Presidency: Key Recommendations Create a comprehensive national security strategy for cyberspace Lead from the White House Reinvent public-private partnerships Regulate cyberspace Modernize authorities Leverage government procurement Build on recent progress with CNCI 5

6 Near-Term Opportunities Use government IT acquisitions to change IT business model Enhance public-private partnerships Adopt the Consensus Audit Guidelines (CAG) Update FISMA Implement more secure Internet protocols Implement comprehensive, federated authentication strategy Leverage Stimulus Package to improve cyber security 6

7 Use Government IT Procurement Cyber security needs to be reflected in our contractual requirements Many “locked down” configuration defined Use government-industry partnership to accelerate implementation of secure configurations Get started now, improve configuration guidelines over time and leverage SCAP! Build on FDCC Successes and Lessons Learned 7

8 Security Content Automation Protocol (SCAP) What is it: A set of open standards that allows for the monitoring, positive control, and reporting of security posture of every device in a network. How is it implemented: Commercial products implement SCAP protocols to exchange and enforce configuration, security policy, and vulnerability information. Where is it going: Extensions in development to address software design weaknesses, attack patterns, and malware attributes. SCAP Enables Automated Tools To Implement And Enforce Secure Operations 8

9 Enhance Public-Private Partnerships Most of our nation’s critical infrastructure is owned by the private sector Much of our government-sponsored research intellectual property is “protected” by industry Regulators need to guide/govern private sector efforts Private and public sectors must act in cooperation – Defense Industrial Base (DIB): an excellent model Protecting Government and Military Systems Is Not Sufficient 9

10 Implement Consensus Audit Guidelines (CAG) Underlying Rationale – Let “Offense drive Defense” – Focus on most critical areas CAG: Twenty security controls based on attack patterns Emphasis on auditable controls and automated implementation/enforcement Public comment period through March 25 th Pilots and standards for tools later this year 10

11 Update FISMA Emphasize evaluating effectiveness of controls vs. paper reviews Enhance authority and accountability of CISO Foster government leadership – Independent, expert reviews – Procurement standards – Dynamic sharing of lessons learned 11

12 Near-Term Opportunities Use government IT acquisitions to change IT business model Enhance public-private partnerships Adopt Consensus Audit Guidelines (CAG) Update FISMA Implement more secure Internet protocols Implement comprehensive, federated authentication strategy Leverage Stimulus Package to improve cyber security 12

13 Longer-Term: IT Reliably Enabling Economy Change the dialogue: Reliable, resilient IT is fundamental to future economic growth New business model for software industry Redesign the Internet Get the “man out of the loop”—use automated tools (e.g., SCAP) Develop professional cyberspace workforce Foster new IT services models Need to Fundamentally “Change the Game” to Make Progress 13

14 Closing Thoughts Government and Industry need to treat cyber security as an urgent priority Near-term actions important but need to fundamentally change the game to get ahead of threat IT community needs to reorient the dialogue on cyber security—the objective is reliable and resilient information Cyber Security is Fundamentally a Leadership Issue! 14

15 Contact Information jgilligan@gilligangroupinc.com www.gilligangroupinc.com John M. Gilligan 15

16 16 Security Standards Efforts: Security Content Automation Protocol (SCAP) CPE (Platforms) What IT systems do I have in my enterprise? CVE (Vulnerabilities) What vulnerabilities do I need to worry about? CVSS (Scoring System) What vulnerabilities do I need to worry about RIGHT NOW? CCE (Configurations) How can I configure my systems more securely? XCCDF (Configuration Checklists) How do I define a policy of secure configurations? OVAL (Assessment Language) How can I be sure my systems conform to policy?

17 Security Standards Efforts: Next Steps* 17 CPE (Platforms) What IT systems do I have in my enterprise? CVE (Vulnerabilities) What vulnerabilities do I need to worry about? CVSS (Scoring System) What vulnerabilities do I need to worry about RIGHT NOW? CCE (Configurations) How can I configure my systems more securely? XCCDF (Configuration Checklists) How do I define a policy of secure configurations? OVAL (Assessment Language) In Progress How can I be sure my systems conform to policy? CWE (Weaknesses) What weaknesses in my software could be exploited? CAPEC (Attack Patterns) What attacks can exploit which weaknesses? CEE (Events) What should be logged, and how? CRF (Results) How can I aggregate assessment results? MAEC (Malware Attributes) How can we recognize malware? * Making Security Measurable – The MITRE Corporation

Download ppt "Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009."

Similar presentations

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Steps towards E-Government in Syria

Steps towards E-Government in Syria
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur

Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur
Homeland Security at the FCC July 10, 2003. FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
The Military Challenge of Cyber AOC Talk on Cyber, EW and IO Dr Gary Waters, 17 April 2012.

The Military Challenge of Cyber AOC Talk on Cyber, EW and IO Dr Gary Waters, 17 April 2012.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.
Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.

Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.
THE STRATEGIC COUNCIL LEADERSHIP TRUST AND ENGAGEMENT NEW FUNDING SOURCES AND NEW DELIVERY VEHICLES Appendix 1 NEW FUNDING SERVOURCES AND NEW DELIVERY.

THE STRATEGIC COUNCIL LEADERSHIP TRUST AND ENGAGEMENT NEW FUNDING SOURCES AND NEW DELIVERY VEHICLES Appendix 1 NEW FUNDING SERVOURCES AND NEW DELIVERY.
Federal Desktop Core Configuration and the Security Content Automation Protocol Peter Mell, National Vulnerability Database National Institute of Standards.

Federal Desktop Core Configuration and the Security Content Automation Protocol Peter Mell, National Vulnerability Database National Institute of Standards.
Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.

Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.

Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Similar presentations

Ads by Google