SlideShare a Scribd company logo

Dynamic Cyber Defense

EnergySec
EnergySec

Presented by: John Fleker, HP Abstract: The cyber threat landscape is continually evolving. More and more, the critical infrastructure of our nation is at risk. Whether by nation-state actors, criminal organizations, hacktivists or any number of hackers looking to prove their skills, our safety and economic prosperity is threatened. There are four things that must be considered in order to address the evolving threats: 1- Becoming more proactive in our cyber defense efforts through intelligence 2- Better user behavior management 3- Assessing risk using meaningful metric 4- Resilience – operating through an intrusion We need to look at the threat picture differently – in a proactive way – to ensure that CEO’s and CIO/CISO’s are on the same page regarding the threat, to allow those leaders to make better resourcing decisions and to be better prepared to mitigate adversaries when they arrive at the security perimeter. We need to integrate a wider set of intelligence into our thinking. This is critical to taking a more proactive stance in defending your networks. Combined with what you know of your own network, cyber intelligence strategically helps make solid resource planning decisions and functionally, helps your network operators better defend, mitigate and operate through cyber intrusions. The Operational Levels of Cyber Intelligence paper by the Intelligence and National Security Alliance details a better way of using intelligence. www.insaonline.org/i/d/a/Resources/CyberIntel_WP.aspx Additionally, we must increase info sharing across the board. Executive Order 13636 - Improving Critical Infrastructure Cybersecurity is leading critical infrastructure that direction.

TechnologyBusiness
1 of 8
Download to read offline
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential. 9thAnnual EnergySec September 19, 2013 Denver John Felker Director, Cyber and Intelligence Strategy Hewlett-Packard Enterprise Services Dynamic Cyber Defense
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.2 Potential industrial control intrusion or error?
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.3 Key cyber consideration points •  Cyber threat landscape is continually evolving •  Critical infrastructure of our nation is at risk •  Nation-state actors, criminal organizations, hacktivists or script-kiddie hackers •  Nations safety and economic prosperity is threatened •  Four things to consider to address the evolving threats: •  Be more proactive in our cyber defense efforts through intelligence •  Better user behavior management •  Assessing risk using meaningful metrics •  Resilience – operating through an intrusion
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.4 •  View the threat picture differently – PROACTIVELY •  Ensure CEO’s and CIO/CISO’s understand threat the same way •  Allow those leaders to make better resourcing decisions •  Better preparation to mitigate adversaries at the security perimeter •  Integrate a wider set of intelligence into our cybersecurity thinking •  Critical to taking a more proactive stance •  Strategically - own network & open source cyber intelligence = better resource planning decisions •  Functionally - network operators can better defend, mitigate and operate through cyber intrusions •  Operational Levels of Cyber Intelligence paper - Intelligence and National Security Alliance – helps define cyber intelligence www.insaonline.org/i/d/a/Resources/CyberIntel_WP.aspx Additional key cyber consideration points
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.5 •  MUST increase info sharing across the board – •  Executive Order 13636 - Improving Critical Infrastructure Cybersecurity is leading critical infrastructure that direction. •  User behavior management policies and training only minimally effective •  User base is one of the most vulnerable portals to intrusions •  poor user behavior can be prevented or at least improved •  regular, effective (“sticky”) interaction with users improves user behavior •  potentially makes your user base part of the security solution Additional key cyber consideration points
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.6 •  A common understanding of risk and appropriate risk metrics is vital •  Must understand/apply risk...it's more than just patches, vulnerability etc. •  Must understand threats outside the network – capability, access & opportunity •  Common metrics measure internal network hygiene efforts but don’t address the value of the mission or intellectual property •  Risk metrics need to make sense to leadership... •  what's the business risk, not just the cost or network risk? •  what are the business operations metrics, in cost and in network exposure? •  how do changes in cybersecurity posture impact? Additional key cyber consideration points
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.7 •  All systems need to be able to operate through an intrusion •  broad-based intelligence can help, but… •  understanding your network •  ensuring that “mission” operators and network operators are on the same page •  exercising both sets of people and systems against intrusions is the best way to be resilient •  Smart grid resilience efforts provide a good model for IT supporting the business to think about Additional key cyber consideration points
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential. Questions? Please contact: John Felker john.felker@hp.com 703.736.4040

Recommended

NESCO Town Hall Workforce Development Presentation
NESCO Town Hall Workforce Development PresentationNESCO Town Hall Workforce Development Presentation
NESCO Town Hall Workforce Development PresentationEnergySec
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
How to Build Your Own Cyber Security Framework using a Balanced Scorecard
How to Build Your Own Cyber Security Framework using a Balanced ScorecardHow to Build Your Own Cyber Security Framework using a Balanced Scorecard
How to Build Your Own Cyber Security Framework using a Balanced ScorecardEnergySec
 
Integrating Cyber Security Alerts into the Operator Display
Integrating Cyber Security Alerts into the Operator DisplayIntegrating Cyber Security Alerts into the Operator Display
Integrating Cyber Security Alerts into the Operator DisplayEnergySec
 
Achieving Compliance Through Security
Achieving Compliance Through SecurityAchieving Compliance Through Security
Achieving Compliance Through SecurityEnergySec
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedEnergySec
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsEnergySec
 

Recommended

NESCO Town Hall Workforce Development Presentation
NESCO Town Hall Workforce Development PresentationNESCO Town Hall Workforce Development Presentation
NESCO Town Hall Workforce Development PresentationEnergySec
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
How to Build Your Own Cyber Security Framework using a Balanced Scorecard
How to Build Your Own Cyber Security Framework using a Balanced ScorecardHow to Build Your Own Cyber Security Framework using a Balanced Scorecard
How to Build Your Own Cyber Security Framework using a Balanced ScorecardEnergySec
 
Integrating Cyber Security Alerts into the Operator Display
Integrating Cyber Security Alerts into the Operator DisplayIntegrating Cyber Security Alerts into the Operator Display
Integrating Cyber Security Alerts into the Operator DisplayEnergySec
 
Achieving Compliance Through Security
Achieving Compliance Through SecurityAchieving Compliance Through Security
Achieving Compliance Through SecurityEnergySec
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedEnergySec
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsEnergySec
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Rapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementRapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementEnergySec
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatResilient Systems
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 DaysResilient Systems
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarEmpired
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategyJason Clark
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directorscentralohioissa
 
Vulnerability management - beyond scanning
Vulnerability management - beyond scanningVulnerability management - beyond scanning
Vulnerability management - beyond scanningVladimir Jirasek
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Come See What’s Cooking in My Lab
Come See What’s Cooking in My LabCome See What’s Cooking in My Lab
Come See What’s Cooking in My LabEnergySec
 
Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration EnergySec
 

More Related Content

What's hot

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Rapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementRapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementEnergySec
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatResilient Systems
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 DaysResilient Systems
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarEmpired
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategyJason Clark
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directorscentralohioissa
 
Vulnerability management - beyond scanning
Vulnerability management - beyond scanningVulnerability management - beyond scanning
Vulnerability management - beyond scanningVladimir Jirasek
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 

What's hot (20)

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Rapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk ManagementRapid Risk Assessment: A New Approach to Risk Management
Rapid Risk Assessment: A New Approach to Risk Management
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
Bob West - Educating the Board of Directors
Bob West - Educating the Board of DirectorsBob West - Educating the Board of Directors
Bob West - Educating the Board of Directors
 
Vulnerability management - beyond scanning
Vulnerability management - beyond scanningVulnerability management - beyond scanning
Vulnerability management - beyond scanning
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRT
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
 

Viewers also liked

Come See What’s Cooking in My Lab
Come See What’s Cooking in My LabCome See What’s Cooking in My Lab
Come See What’s Cooking in My LabEnergySec
 
Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration EnergySec
 
Energy Biographies Final Research report
Energy Biographies Final Research reportEnergy Biographies Final Research report
Energy Biographies Final Research reportenergybiographies
 
6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS EnvironmentsEnergySec
 
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...energybiographies
 
How I learned to Stop Worrying and Start Loving the Smart Meter
How I learned to Stop Worrying and Start Loving the Smart MeterHow I learned to Stop Worrying and Start Loving the Smart Meter
How I learned to Stop Worrying and Start Loving the Smart MeterEnergySec
 
Building an Incident Response Team
Building an Incident Response TeamBuilding an Incident Response Team
Building an Incident Response TeamEnergySec
 
Compromising Industrial Facilities From 40 Miles Away
Compromising Industrial Facilities From 40 Miles AwayCompromising Industrial Facilities From 40 Miles Away
Compromising Industrial Facilities From 40 Miles AwayEnergySec
 
Security Updates Matter: Exploitation for Beginners
Security Updates Matter: Exploitation for BeginnersSecurity Updates Matter: Exploitation for Beginners
Security Updates Matter: Exploitation for BeginnersEnergySec
 
Structured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaStructured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaEnergySec
 
Energy biographies: narrative genres, lifecourse transitions and practice change
Energy biographies: narrative genres, lifecourse transitions and practice changeEnergy biographies: narrative genres, lifecourse transitions and practice change
Energy biographies: narrative genres, lifecourse transitions and practice changeenergybiographies
 
Living the "Good Life"?: energy biographies, identities and competing normati...
Living the "Good Life"?: energy biographies, identities and competing normati...Living the "Good Life"?: energy biographies, identities and competing normati...
Living the "Good Life"?: energy biographies, identities and competing normati...energybiographies
 

Viewers also liked (13)

Come See What’s Cooking in My Lab
Come See What’s Cooking in My LabCome See What’s Cooking in My Lab
Come See What’s Cooking in My Lab
 
Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration Understanding Hacker Tools and Techniques: A live Demonstration
Understanding Hacker Tools and Techniques: A live Demonstration
 
Energy Biographies Final Research report
Energy Biographies Final Research reportEnergy Biographies Final Research report
Energy Biographies Final Research report
 
6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments
 
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...
Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...
 
How I learned to Stop Worrying and Start Loving the Smart Meter
How I learned to Stop Worrying and Start Loving the Smart MeterHow I learned to Stop Worrying and Start Loving the Smart Meter
How I learned to Stop Worrying and Start Loving the Smart Meter
 
Building an Incident Response Team
Building an Incident Response TeamBuilding an Incident Response Team
Building an Incident Response Team
 
Compromising Industrial Facilities From 40 Miles Away
Compromising Industrial Facilities From 40 Miles AwayCompromising Industrial Facilities From 40 Miles Away
Compromising Industrial Facilities From 40 Miles Away
 
Security Updates Matter: Exploitation for Beginners
Security Updates Matter: Exploitation for BeginnersSecurity Updates Matter: Exploitation for Beginners
Security Updates Matter: Exploitation for Beginners
 
Structured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaStructured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six Sigma
 
Energy biographies: narrative genres, lifecourse transitions and practice change
Energy biographies: narrative genres, lifecourse transitions and practice changeEnergy biographies: narrative genres, lifecourse transitions and practice change
Energy biographies: narrative genres, lifecourse transitions and practice change
 
The grit in the oyster:
The grit in the oyster: The grit in the oyster:
The grit in the oyster:
 
Living the "Good Life"?: energy biographies, identities and competing normati...
Living the "Good Life"?: energy biographies, identities and competing normati...Living the "Good Life"?: energy biographies, identities and competing normati...
Living the "Good Life"?: energy biographies, identities and competing normati...
 

Similar to Dynamic Cyber Defense

Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Emily2014
 
Stay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breachStay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breachSridhar Karnam
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
Cybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesCybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesJohn Rapa
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Incorporating cloud computing for enhanced communication v2
Incorporating cloud computing for enhanced communication v2Incorporating cloud computing for enhanced communication v2
Incorporating cloud computing for enhanced communication v2Christian Verstraete
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityInnoTech
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareCloudera, Inc.
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfWhat Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfSecureCurve
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...EC-Council
 
GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilienceRishi Kant
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
Managing Information for Impact
Managing Information for ImpactManaging Information for Impact
Managing Information for ImpactDonny Shimamoto
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationSridhar Karnam
 
3 tips to funding your security program
3 tips to funding your security program3 tips to funding your security program
3 tips to funding your security programCloudBees
 

Similar to Dynamic Cyber Defense (20)

Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentation
 
Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities
 
Stay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breachStay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breach
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and Tools
 
Cybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesCybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial Services
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Incorporating cloud computing for enhanced communication v2
Incorporating cloud computing for enhanced communication v2Incorporating cloud computing for enhanced communication v2
Incorporating cloud computing for enhanced communication v2
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
 
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfWhat Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
 
GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilience
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROL
 
Managing Information for Impact
Managing Information for ImpactManaging Information for Impact
Managing Information for Impact
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
3 tips to funding your security program
3 tips to funding your security program3 tips to funding your security program
3 tips to funding your security program
 
U nit 4
U nit 4U nit 4
U nit 4
 

More from EnergySec

Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...EnergySec
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyEnergySec
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...EnergySec
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityEnergySec
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementEnergySec
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachEnergySec
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!EnergySec
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network ArchitecturesEnergySec
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleEnergySec
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsEnergySec
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...EnergySec
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...EnergySec
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueEnergySec
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?EnergySec
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...EnergySec
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherEnergySec
 
Third Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramThird Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramEnergySec
 

More from EnergySec (20)

Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of Reach
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With Scissors
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational Value
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each Other
 
Third Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramThird Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure Program
 

Recently uploaded

Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Dynamic Cyber Defense

  • 1. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential. 9thAnnual EnergySec September 19, 2013 Denver John Felker Director, Cyber and Intelligence Strategy Hewlett-Packard Enterprise Services Dynamic Cyber Defense
  • 2. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.2 Potential industrial control intrusion or error?
  • 3. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.3 Key cyber consideration points •  Cyber threat landscape is continually evolving •  Critical infrastructure of our nation is at risk •  Nation-state actors, criminal organizations, hacktivists or script-kiddie hackers •  Nations safety and economic prosperity is threatened •  Four things to consider to address the evolving threats: •  Be more proactive in our cyber defense efforts through intelligence •  Better user behavior management •  Assessing risk using meaningful metrics •  Resilience – operating through an intrusion
  • 4. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.4 •  View the threat picture differently – PROACTIVELY •  Ensure CEO’s and CIO/CISO’s understand threat the same way •  Allow those leaders to make better resourcing decisions •  Better preparation to mitigate adversaries at the security perimeter •  Integrate a wider set of intelligence into our cybersecurity thinking •  Critical to taking a more proactive stance •  Strategically - own network & open source cyber intelligence = better resource planning decisions •  Functionally - network operators can better defend, mitigate and operate through cyber intrusions •  Operational Levels of Cyber Intelligence paper - Intelligence and National Security Alliance – helps define cyber intelligence www.insaonline.org/i/d/a/Resources/CyberIntel_WP.aspx Additional key cyber consideration points
  • 5. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.5 •  MUST increase info sharing across the board – •  Executive Order 13636 - Improving Critical Infrastructure Cybersecurity is leading critical infrastructure that direction. •  User behavior management policies and training only minimally effective •  User base is one of the most vulnerable portals to intrusions •  poor user behavior can be prevented or at least improved •  regular, effective (“sticky”) interaction with users improves user behavior •  potentially makes your user base part of the security solution Additional key cyber consideration points
  • 6. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.6 •  A common understanding of risk and appropriate risk metrics is vital •  Must understand/apply risk...it's more than just patches, vulnerability etc. •  Must understand threats outside the network – capability, access & opportunity •  Common metrics measure internal network hygiene efforts but don’t address the value of the mission or intellectual property •  Risk metrics need to make sense to leadership... •  what's the business risk, not just the cost or network risk? •  what are the business operations metrics, in cost and in network exposure? •  how do changes in cybersecurity posture impact? Additional key cyber consideration points
  • 7. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.7 •  All systems need to be able to operate through an intrusion •  broad-based intelligence can help, but… •  understanding your network •  ensuring that “mission” operators and network operators are on the same page •  exercising both sets of people and systems against intrusions is the best way to be resilient •  Smart grid resilience efforts provide a good model for IT supporting the business to think about Additional key cyber consideration points
  • 8. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential. Questions? Please contact: John Felker john.felker@hp.com 703.736.4040