• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Cyber Security: The Strategic View
 

Cyber Security: The Strategic View

on

  • 2,624 views

Cyber Security: The Strategic View ...

Cyber Security: The Strategic View

By: Kah-Kin Ho, Head of Cyber Security Business Development Threat Response, Intelligence and Development (TRIAD)

This session begins by giving an overview of how Cisco sees the challenges and opportunities of cyber security for the Government which include areas such as recent development on applicability of International Law to Cyber conflict, the evolving role of the Government as the legitimate security provider, Public-Private Partnership issues, and the evolving technical, social and political threat landscape. Cisco recognizes that cyber security begins at the policy level and translates through to the operational and system level. We will discuss why an intelligence-led network-centric approach that focuses on enforcing policy, enhancing situational awareness, and providing the insight necessary to tackle threats before they impact information and infrastructure assets is key to Cyber Security.

Statistics

Views

Total Views
2,624
Views on SlideShare
2,624
Embed Views
0

Actions

Likes
2
Downloads
104
Comments
2

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

12 of 2 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • Download Here Free Setup 2014
    http://www.mediafire.com/download/m0ko1gjttp8e8az
    Are you sure you want to
    Your message goes here
    Processing…
  • Download Here
    https://www.mediafire.com/download/86pfpnrzl3fbux1
    ====================================
    download this amazing full version 100% working and virus proof file without any survey
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Cyber Security: The Strategic View Cyber Security: The Strategic View Presentation Transcript

    • © 2011 Cisco and/or its affiliates. All rights reserved. 1 Cyber Security: The Strategic View Kah-Kin Ho Head of Cyber Security Business Development Threat Response, Intelligence and Development (TRIAD) 9th October 2013
    • 222222222222 Agenda   Threat Landscape   Cisco’s Overall Approach   Intelligence-led Cyber Defense   Summary
    • Associated Press Twitter Account Attack   AP Twitter account hacked   Perpetrated by the Syrian Electronic Army.   Same group also successfully attacked: 60 Minutes BBC CBS NPR
    • AP Twitter Account
    • Dow Jones took a dip …. briefly
    • 20 million compromised end-users X 250 bps upstream bandwidth = 5 Gbps DDOS is back ..
    • 1000 compromised datacenter servers X 5Mbps upstream bandwidth = 5 Gbps
    • 1000 compromised datacenter servers + 20M open DNS resolvers @25Kbps = 500 Gbps
    • DDoS Attacks on Banks •  Can mask wire fraud before, during, or after •  Overwhelm bank personnel •  Prevent transfer notification to customer •  Prevent customer from reporting fraud Costly disruption of service, or…?
    • The Facebook Vector
    • 111111111111111111111111 Unique Malware Content
    • 121212121212121212121212 Detection is key to Respond and Recover Source: Verizon Data Breach Investigation Report 2012
    • Secure Security Interdependency Source: WEF Global Risk 2013
    • © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 Critical Infrastructures in Private Hands
    • © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 15 - security incidents can have crippling effect Security Incidents can have crippling effect
    • Security Incident: Private Cost + Social Cost (negative security externality) Divergent Interest Global Threats, Targets, Adversaries, GDP Corporate Profits Private Sector: Corporate Efficiency Government: National Security & Economic Prosperity
    • Regulate Facilitate Collaborate Evolving Role of the Government “Do As I Say” “How Can I Help You Do Better” “Do As I Say” “What Can We Do Better Together”
    • Can Cyber Operation amount to an Armed Attack?   NATO Article 5 of Washington Treaty The Parties agree that an armed attack against one or more of them in Europe or North America shall be considered an attack against them all and consequently they agree that, if such an armed attack occurs, each of them, in exercise of the right of individual or collective self-defence recognised by Article 51 of the Charter of the United Nations will assist the Party or Parties so attacked by taking forthwith, individually and in concert with the other Parties, such action as it deems necessary, including the use of armed force, to restore and maintain the security of the North Atlantic area. Any such armed attack and all measures taken as a result thereof shall immediately be reported to the Security Council. Such measures shall be terminated when the Security Council has taken the measures necessary to restore and maintain international peace and security.
    • 191919191919191919191919 International Law on Conflict (Cyber)   Two distinct bodies of law – jus ad bellum, jus in bello   Interest started more than a decade ago, lost momentum after 9/11 event, picked up after Estonia (2007) and Georgia (2008)
    • 1010101001010101010101101011101110101101010110101110100101111011 1010101001010101010101101011101110101101010110101110100101111011 101010100101010110101110111010111010111010
    • "Use the network as the platform to deliver intelligence, visibility and control that enable organizations to defend critical assets."
    • CYBER 'KILL CHAIN' MODEL RECON PACKAGE DELIVER EXPLOIT INSTALL CONTROL “CYBER KILL CHAIN” is a Lockheed Martin Trademark
    • DISCOVER REMEDIATE DEFEND
    • Normality Capacity Resource surge capacity Degraded organization capacity Incident Likelihood of Attack and Vulnerability Reduction Prevent Prepare Impact Reduction Respond Recover Intelligence-led approach Cisco Security Intelligence Operation Detection Intelligence-led Cyber Defense
    • Threat Operations CenterSensorBase Dynamic Updates
    • Security Support Operations Current SSO Presence in the Following Regions: •  California •  Texas •  Ohio •  Idaho •  China •  Ukraine •  UK •  Canada •  India •  Australia Languages: Arabic, Farsi/Persian, Hebrew, Syriac, Urdu, Bengali, Gujarati, Gurmukhi, Hindi, Marathi, Sinhala, Tamil, Thai, Chinese, Japanese, Korean, Belarusian, Bulgarian, Kazakh, Macedonian, Russian, Ukrainian, Greek, Armenian, Georgian, Basque, Catalan, Croatian, Czech, Danish, Dutch, English, Estonian, Filipino, Finnish, French, German, Hungarian, Icelandic, Indonesian, Italian, Malay, Norwegian, Polish, Portuguese, Romanian, Slovak, Slovene, Spanish, Swedish, Turkish, Vietnamese
    • Context Inspection Aunt Jenny 234 Any St. Anytown, CA From: Aunt Jenny 234 Any St. Anytown, CA From: •  Where’s it coming from? •  How many others have seen it? •  How new is it? •  Who owns the package? •  What else have they sent us? •  Is the sender even a real person?
    • Deny 13. Allow Everything Else.
    • Should-i-go-here.com Feeds Endpoint Telemetry Human Intel Cloud Web IPS Firewall Email Corpora
    • Concluding Remarks