CYBER RESILIENCY: from Prevention to
Recovery (Part 2)
10 Dec 2015
Dr. Robert D. Childs
President & CEO, iCLEAR LLC
Former Chancellor, National Defense University (NDU) iCollege and Deputy to NDU
President for Cyber and Information
Cyber Defense Goals
• Protect (policies/governance/rules/tools/educate)
• Detect (monitor/incident response/shift site/network)
• Correct (continue ops/recover/lessons learned)
Analyzing an Attack
• Compliance/audit
• Response (recover, correct, inform)
• Forensics (determine cause, sequence of events, entry
points, type, motivation)
• CONTINUE OPERATIONS !!!
Cyber Defense Challenges
• Unawareness of the threats
• Poor computer hygiene practices
• Lack of policies/governance/rules/procedures
• Varying network protocols/monitoring
• Late identification of attacks
• No continuity of operations plan
Required Actions
• Have a COOP
• Identify mission critical activities
• Know your partners and supply chain
• Validate software/apps
• Monitor networks
• Establish policies/rules regarding BYOD
• Share information (cooperation)
• Test (exercises)
• Be proactive/agile/adaptive
The ART of Cyber Strategy
Attribution - tracing the network of origin (vice the routing
networks) of attack vectors, as well as determining the
identity of the attacker
Rules of engagement - metrics for mission risk exposure for a
particular cyber event, and how to determine the appropriate
level (e.g., time, magnitude & duration) of the response
action [retaliation]
Trust Relationships - dynamic assessment and assignment of
trust levels for domestic and international collaborative &
sharing offer the greatest fidelity for determining current and
future actions
Dr. Gil Duval, CEO Data Security Storage, LLC
Continuity of Operations Plan
• Build strong relationships (trust)
• Encourage information sharing/collaboration
• Innovate & leverage technology
• Integrate end-to-end strategy (across enterprise)
• Introduce national cyber legislation
• Establish defensible architecture (suite of
technologies)
• Explore Cyber Assurance-as-a-Service
Contact
Dr. Robert D. Childs
President & CEO, iCLEAR LLC
Former Chancellor, National Defense University (NDU) iCollege and
Deputy to the NDU President for Cyber and Information
e-mail: Childs@iclearllc.com
iCLEAR LLC website: http://iclearllc.com
