Presentation is loading. Please wait.

Presentation is loading. Please wait.

NoVA ARMA February 2015 Tony Sager The Future of Cyberdefense is… Information Management.

Published byDorothy Bradford Modified over 9 years ago

Similar presentations

Presentation on theme: "NoVA ARMA February 2015 Tony Sager The Future of Cyberdefense is… Information Management."— Presentation transcript:

1 NoVA ARMA February 2015 Tony Sager The Future of Cyberdefense is… Information Management

2 The optimal place to solve a security problem is … …never where you found it. --Corollary: and the information for the solution is never in the right form.

3 If it is happening to you today, then... …it happened to someone else yesterday, and it will happen to someone else tomorrow. --Corollary: and you probably don’t know them

4 After you figured out what happened, there were... …plenty of signs that could have told you it was coming. --Corollary: but not all the signs are in “cyberspace”, or available to “cyber defenders”

5 So the future of cyberdefense is... …an information management problem.

6 Information Plumbing

7 The Security “Fog of More” standards SDL supply-chain security security bulletins user awareness training browser isolation two-factor authentication encryption incident response security controls threat intelligence whitelisting need-to-know SIEM virtualization sandbox compliance maturity model anti-malware penetration testing audit logs baseline configuration risk management framework continuous monitoring DLP threat feed certification assessment best practice governance

8 Some Unfortunate Facts The vast majority of compromises are based on known problems that have known solutions 85% of the incidents managed by the US-CERT come down to the same 5 basic defenses Most attacks should have been blocked at the perimeter Very few attackers use “stealth” techniques Very few defenders have automated workflow

9 The Defender’s Challenges How can I extend my information ‘reach’ to get a more complete picture of what’s going on? Who can I trust to help me cut through the fog? How can the data be translated into prioritized action? How will I know if something relevant changes? How can I do the right thing – and then prove it?!?

10 The management of cyber information… from many sources “inside my borders” – and of many types (not just security) must be findable from “over the horizon” in forms that are actionable “passively collected” and “actively generated” in a churn of constant new information where each bit of information has a trust value

11 The Critical Security Controls

12 The Center for Internet Security “making best practice common practice” http://www.cisecurty.org

Download ppt "NoVA ARMA February 2015 Tony Sager The Future of Cyberdefense is… Information Management."

Similar presentations

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
The twenty-four/seven database Oracle Database Security David Yahalom Senior database consultant

The twenty-four/seven database Oracle Database Security David Yahalom Senior database consultant
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.

 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Didzis Balodis, CISSP, Head of IT Security and Infrastructure at SQUALIO Using the Cloud - practical security implications.

Didzis Balodis, CISSP, Head of IT Security and Infrastructure at SQUALIO Using the Cloud - practical security implications.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,

Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
1©2012 Check Point Software Technologies Ltd. Squashing Politics with Policy.

1©2012 Check Point Software Technologies Ltd. Squashing Politics with Policy.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Virtual techdays INDIA │ 9-11 February 2011 Security Discussion: Ask the Experts M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation Anirudh.

Virtual techdays INDIA │ 9-11 February 2011 Security Discussion: Ask the Experts M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation Anirudh.
Assessment Presentation Philip Robbins - July 14, 2012 University of Phoenix Hawaii Campus Fundamentals of Information Systems Security.

Assessment Presentation Philip Robbins - July 14, 2012 University of Phoenix Hawaii Campus Fundamentals of Information Systems Security.
® Copyright 2008 Adobe Systems Incorporated. All rights reserved. Bobby Caudill Solution Architect, Global Government August 2008 Adobe Solutions for Government.

® Copyright 2008 Adobe Systems Incorporated. All rights reserved. Bobby Caudill Solution Architect, Global Government August 2008 Adobe Solutions for Government.

Similar presentations

Ads by Google