Presentation is loading. Please wait.

Presentation is loading. Please wait.

Michael Oehler. This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused.

Published byJuniper Ramsey Modified over 9 years ago

Similar presentations

Presentation on theme: "Michael Oehler. This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused."— Presentation transcript:

1 Michael Oehler

2 This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused –We respond to today’s worm, virus, botNet And not on the (big) structured threat.

3 This is Easy (Well, these are hard too) Extrapolate security into Real Time Systems –Absolutely necessary but not sufficient for the criticality of these systems. Security Services (CIA, APAIN, ICAA, …) –and the Classical/corresponding security matrix –Availability and Integrity Defense in Depth Protect, Detect, Respond, & Restore People, Processes, & Technology 8 Disciplines of Information Assurance Continued…

4 Security Domains for RT Sys System Evaluation, accreditation, and certification Vulnerability Assessments: –Risk = Threat  Vulnerability  Value - Counter Measures Battle Damage Assessments Recovery, restoration, Continuity Operations Code Validation, Security Engineering, formal methods, security fault analysis Physical Security for PCS and SCADA Emanation and caustic resilience Communications Security and secure management Attack sensing and warning, IDS, IPS Fault tolerance and graceful failures Interconnectivity policies & Interdependency models

5 The end Classical Security Quotations “There is no security through obscurity.” Myth: ostriches do not bury their heads in the sand! If I own your machine and you patch it, I still own your machine. –Corollary: A popped box patched is popped Hard and crunchy on the outside soft and chewy on the inside. –Don’t let this be the design philosophy driving your design. – Defense in Depth! “Security is a process, not a product.” –Bruce Schneier

Download ppt "Michael Oehler. This is Hard We are an equal opportunity intrusion detector. –Alerts occur irrespective of the mission impact. We are still incident focused."

Similar presentations

© Ravi Sandhu www.list.gmu.edu Introduction to Information Security Ravi Sandhu.

© Ravi Sandhu Introduction to Information Security Ravi Sandhu.
Systems Security Engineering An Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski.

Systems Security Engineering An Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski.
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Ch.5 It Security, Crime, Compliance, and Continuity

Ch.5 It Security, Crime, Compliance, and Continuity
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.

© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.

University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Bluehat 2014 Looking back and driving forward Chris Betz Senior Director Microsoft Security Response Center.

Bluehat 2014 Looking back and driving forward Chris Betz Senior Director Microsoft Security Response Center.
Introduction to Network Defense

Introduction to Network Defense
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Similar presentations

Ads by Google