Automating Cyber Defence Responses 
© Crown copyright 2013 Dstl 
10 September 2014
Defence Cyber S&T 
© Crown Copyright Dstl 2011
Strategic context 
‘Cyber Security has been assessed as one of the highest priority national security risks to the UK’ 
‘a transformative programme for cyber security which addresses threats from states, criminals & terrorists’ 
‘to derive huge economic and social value from a vibrant, resilient and secure cyber space’
Cyber in MoD 
• Falls under Joint Forces Command
“work toward making military operations successful by making sure joint capabilities, like …cyber-operations, are efficiently managed and supported”
• 2 Key S&T programmes in Dstl:
  – Assured Information Infrastructure
  – Cyber
• £40 million S&T budget and growing
Cyber in Dstl 
Assured Information Infrastructure: A continuously evolving single logical, reconfigurable, resilient information infrastructure across UK and deployed, fixed and mobile elements
Cyber: Delivering digital resilience and projecting power and influence to meet UK military, diplomatic and economic objectives
The design, management and normal use of cyberspace 
The abuse of cyberspace
Cyber 
Foundation Capabilities 
Information Assurance 
Architecture 
- network management 
- convergence 
- resilience 
- IA 
- spectrum 
Coalition / Interoperability 
Management - network - spectrum - IA 
Experimentation, simulation & modelling 
Disruptive technology 
Technology Watch 
Fundamental Science 
Comms & Networks Assurance 
Information Level Assurance 
Enterprise Services IA 
Crypto 
Foundations of Trust 
IA Human Factors 
Competition focus 
Decision Support 
Situational Awareness 
Cyber Defence 
Human component 
Cyber Offence
The Technical Cooperation Programme 
• TTCP is a collaborative research programme between Australia, Canada, New Zealand, the United Kingdom and the United States of America, originally started in 1957
• TTCP has recently set up a strategic Cyber Challenge group
• Adopting Canadian Automated Computer Network Defence (ARMOUR) framework for collaborative cyber defence work – Google GD Canada ARMOUR
The Defence Context 
Complexity 
• Large and varied
  – 70+ countries
  – 1200 UK Sites
  – 225,000 Users
• Deployed elements
• Dynamic
• Outsourced services
The threat, the risk 
• Increasing in complexity and scale
  – CND + social engineering + insider threat + …………
• “Non-traditional” cyber threats
  – Electromagnetic attack
• Arms race
Types of System 
• Office-like
• Radio Frequency
• Constrained bandwidth
• High latency
• Platforms
Platforms 
• Cyber Physical Systems
• Tight coupling with Industry
• Complex
Coalition Working 
• Mission Networks
• Allies
  – NATO
  – 5 eyes
• Partners
Nirvana 
• Respond to the problem before it propagates through the network, causing wider damage
• Improved understanding of what is going on
• Allows for human decision making when required
• Works across the fixed and deployed spaces
• Enables better defence in a coalition
Technical Context 
Cyber Defence 
• Cyberspace is essential to our operations
• Adversaries will disrupt our systems
• Our defensive response requires
  – elements of automation
  – human intervention
The Problem 
• Concerning MOD systems
  – Reliance on cyberspace
  – Disruption from cyber attack
  – Speed, frequency, targeting, motivation
  – Sophisticated, distributed, stealthy
  – Unique threats (actors and environment)
  – Complex and dynamic
Complexity & Connectivity 
The Context 
• Research proposals
• Proof-of-concept
• Tools and techniques for: Planning automated responses to threats and attacks on our systems. N.B. not the defensive tools themselves
An automated or semi-automated capability to change systems in response to cyber events 
The Need
Elements of the defence response 
Collecting information 
Identifying the attack 
Analysing potential courses of action 
Responding
The Solution scope 
– Permanent infrastructure and deployed systems
– Different responses
– Human intervention
– Identify defensive actions, processes, contexts
– Significant capability improvement
Scope - Courses of Action 
Observe - collecting situational awareness data 
Orient - analysis to determine actual and possible attacks 
Decide – determining/selecting courses of action 
Act - taking the appropriate action 
Collecting information 
Identifying the attack 
Analysing potential courses of action 
Responding
Solution architecture constraints 
• Other elements already exist
• Function and interfaces not well defined
• Input / Output requirements on other elements
Collecting 
Identifying 
Courses of Action 
Responding
Course of Action – input events 
• Predicted / Detected attacks
• Attack sources
• Early indicators
• Attack patterns
• Vulnerabilities
• System configuration and management data
• Data sources
Collecting 
Identifying 
Courses of Action 
Responding
Course of Action - responses 
• Compartmentalisation and connectivity
• Configuration changes i.e. firewalls
• Routing
• Access controls and lockdown status
• Service availability
• Attack signatures and patch levels
• Alerts and warnings, staffing levels
• Security operating procedures and controls
Collecting 
Identifying 
Courses of Action 
Responding
Solution Architecture assumptions 
• Courses of Action element:
  – Define functions / operations / interfaces
  – Identify data required / provided
  – Identify data sources
• Identify your assumptions
• Identify metrics
• Document test data & tests – data will not be provided by MOD
Collecting 
Identifying 
Courses of Action 
Responding
Course of Action - metrics 
• For each response action we need metrics
  – Effective prioritisation
  – Response actions vs threat/attack
  – Automatic response vs manual intervention
  – Impact and risk assessment
• Metrics themselves
  – Detailed definition and meaning
  – Value ranges
  – Use
What we want 
• Novel and innovative approaches to developing courses of action
• Final report
• Proof of concept demonstration
• A development plan beyond the initial proof-of-concept phase
• Solutions that consider the breadth of MOD systems, end points, hosts etc
What we don’t want 
• Technology watch or horizon scanning
• Existing technology products and tools
• Demonstrations of the same
• Marginal improvements in capability
• Paper based studies
• Focus / emphasis on presentation layer
• Fully formed User Interface
Exploitation – towards phase 2 
• Tool or toolset – component of a wider system
• Open source, service oriented architecture
• Specific implementation not decided
• Comms, messaging, data flow through Enterprise Service Bus
• Potential for collaboration with overseas partners
Solution Architecture – phase 2 
Enterprise Service Bus 
Data Analysis and Action 
Course of Action Analyser 
Data Storage 
Data Presentation 
Attack / Incident Analysers 
Response Coordinator 
Data Source Connectors 
Course of Action View 
Course of Action Library and response status 
Effector Connectors 
Infrastructure Management Systems 
Infrastructure
Conclusion 
In conclusion 
• Opportunity!
• Innovation
• Demonstration
• Focus
  – Automation
  – Course of action
  – Decision, not action
Don’t Forget! 
• Your bid must be made via the CDE Portal
  – Emailed proposals will not be accepted
  – Don’t leave it until the last minute – the portal can only handle a limited number of concurrent sessions
… and finally … 
• Dstl have committed up to £1 million of funding for the initial proof-of-concept demonstrators
• No cap on the value of proposals
  – However more likely that a larger number of lower value proposals (e.g. up to £100,000) will be funded at this stage
• Anticipated delivery within 6 months of being on contract (latest – March 2016)
Submissions via the CDE Portal by 1700 Thursday 23rd October 2014
• Technical questions
  – cybersecuritycde@dstl.gov.uk
• CDE questions
  – cde@dstl.gov.uk
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Recently uploaded (20)

H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

9 September 2014: automating cyber defence responses CDE themed competition

  • 1. Automating Cyber Defence Responses © Crown copyright 2013 Dstl 10 September 2014
  • 2. Defence Cyber S&T © Crown Copyright Dstl 2011
  • 3. Strategic context
      – ‘Cyber Security has been assessed as one of the highest priority national security risks to the UK’
      – ‘a transformative programme for cyber security which addresses threats from states, criminals & terrorists’
      – ‘to derive huge economic and social value from a vibrant, resilient and secure cyber space’
  • 4. Cyber in MoD
      • Falls under Joint Forces Command
        “work toward making military operations successful by making sure joint capabilities, like …cyber-operations, are efficiently managed and supported”
      • 2 Key S&T programmes in Dstl:
          – Assured Information Infrastructure
          – Cyber
      • £40 million S&T budget and growing
  • 5. Cyber in Dstl
      – Assured Information Infrastructure: A continuously evolving single logical, reconfigurable, resilient information infrastructure across UK and deployed, fixed and mobile elements
      – Cyber: Delivering digital resilience and projecting power and influence to meet UK military, diplomatic and economic objectives
      – The design, management and normal use of cyberspace
      – The abuse of cyberspace
  • 6. Diagram labels: Cyber; Foundation Capabilities; Information Assurance; Architecture (network management, convergence, resilience, IA, spectrum); Coalition / Interoperability; Management (network, spectrum, IA); Experimentation, simulation & modelling; Disruptive technology; Technology Watch; Fundamental Science; Comms & Networks Assurance; Information Level Assurance; Enterprise Services IA; Crypto; Foundations of Trust; IA Human Factors; Competition focus; Decision Support; Situational Awareness; Cyber Defence; Human component; Cyber Offence
  • 7. The Technical Cooperation Programme
      • TTCP is a collaborative research programme between Australia, Canada, New Zealand, the United Kingdom and the United States of America, originally started in 1957
      • TTCP has recently set up a strategic Cyber Challenge group
      • Adopting Canadian Automated Computer Network Defence (ARMOUR) framework for collaborative cyber defence work
          – Google GD Canada ARMOUR
  • 8. The Defence Context
  • 9. Complexity
      • Large and varied
          – 70+ countries
          – 1200 UK Sites
          – 225,000 Users
      • Deployed elements
      • Dynamic
      • Outsourced services
  • 10. The threat, the risk
      • Increasing in complexity and scale
          – CND + social engineering + insider threat + …………
      • “Non-traditional” cyber threats
          – Electromagnetic attack
      • Arms race
  • 11. Types of System
      • Office-like
      • Radio Frequency
      • Constrained bandwidth
      • High latency
      • Platforms
  • 12. Platforms
      • Cyber Physical Systems
      • Tight coupling with Industry
      • Complex
  • 13. Coalition Working
      • Mission Networks
      • Allies
          – NATO
          – 5 eyes
      • Partners
  • 14. Nirvana
      • Respond to the problem before it propagates through the network, causing wider damage
      • Improved understanding of what is going on
      • Allows for human decision making when required
      • Works across the fixed and deployed spaces
      • Enables better defence in a coalition
  • 15. Technical Context
  • 16. Cyber Defence
      • Cyberspace is essential to our operations
      • Adversaries will disrupt our systems
      • Our defensive response requires
          – elements of automation
          – human intervention
  • 17. The Problem
      • Concerning MOD systems
          – Reliance on cyberspace
          – Disruption from cyber attack
          – Speed, frequency, targeting, motivation
          – Sophisticated, distributed, stealthy
          – Unique threats (actors and environment)
          – Complex and dynamic
  • 18. Complexity & Connectivity
  • 19. The Context
      • Research proposals
      • Proof-of-concept
      • Tools and techniques for: Planning automated responses to threats and attacks on our systems
          – N.B. not the defensive tools themselves
      • The Need: An automated or semi-automated capability to change systems in response to cyber events
  • 20. Elements of the defence response
      – Collecting information
      – Identifying the attack
      – Analysing potential courses of action
      – Responding
  • 21. The Solution scope
      – Permanent infrastructure and deployed systems
      – Different responses
      – Human intervention
      – Identify defensive actions, processes, contexts
      – Significant capability improvement
  • 22. Scope - Courses of Action
      – Observe - collecting situational awareness data
      – Orient - analysis to determine actual and possible attacks
      – Decide – determining/selecting courses of action
      – Act - taking the appropriate action
      – Diagram labels: Collecting information; Identifying the attack; Analysing potential courses of action; Responding
  • 23. Solution architecture constraints
      • Other elements already exist
      • Function and interfaces not well defined
      • Input / Output requirements on other elements
      • Diagram labels: Collecting; Identifying; Courses of Action; Responding
  • 24. Course of Action – input events
      • Predicted / Detected attacks
      • Attack sources
      • Early indicators
      • Attack patterns
      • Vulnerabilities
      • System configuration and management data
      • Data sources
  • 25. Course of Action - responses
      • Compartmentalisation and connectivity
      • Configuration changes i.e. firewalls
      • Routing
      • Access controls and lockdown status
      • Service availability
      • Attack signatures and patch levels
      • Alerts and warnings, staffing levels
      • Security operating procedures and controls
  • 26. Solution Architecture assumptions
      • Courses of Action element:
          – Define functions / operations / interfaces
          – Identify data required / provided
          – Identify data sources
      • Identify your assumptions
      • Identify metrics
      • Document test data & tests – data will not be provided by MOD
  • 27. Course of Action - metrics
      • For each response action we need metrics
          – Effective prioritisation
          – Response actions vs threat/attack
          – Automatic response vs manual intervention
          – Impact and risk assessment
      • Metrics themselves
          – Detailed definition and meaning
          – Value ranges
          – Use
  • 28. What we want
      • Novel and innovative approaches to developing courses of action
      • Final report
      • Proof of concept demonstration
      • A development plan beyond the initial proof-of-concept phase
      • Solutions that consider the breadth of MOD systems, end points, hosts etc
  • 29. What we don’t want
      • Technology watch or horizon scanning
      • Existing technology products and tools
      • Demonstrations of the same
      • Marginal improvements in capability
      • Paper based studies
      • Focus / emphasis on presentation layer
      • Fully formed User Interface
  • 30. Exploitation – towards phase 2
      • Tool or toolset – component of a wider system
      • Open source, service oriented architecture
      • Specific implementation not decided
      • Comms, messaging, data flow through Enterprise Service Bus
      • Potential for collaboration with overseas partners
  • 31. Solution Architecture – phase 2
      • Diagram labels: Enterprise Service Bus; Data Analysis and Action; Course of Action Analyser; Data Storage; Data Presentation; Attack / Incident Analysers; Response Coordinator; Data Source Connectors; Course of Action View; Course of Action Library and response status; Effector Connectors; Infrastructure Management Systems; Infrastructure
  • 32. Conclusion
  • 33. In conclusion
      • Opportunity!
      • Innovation
      • Demonstration
      • Focus
          – Automation
          – Course of action
          – Decision, not action
  • 34. Don’t Forget!
      • Your bid must be made via the CDE Portal
          – Emailed proposals will not be accepted
          – Don’t leave it until the last minute – the portal can only handle a limited number of concurrent sessions
  • 35. … and finally …
      • Dstl have committed up to £1 million of funding for the initial proof-of-concept demonstrators
      • No cap on the value of proposals
          – However more likely that a larger number of lower value proposals (e.g. up to £100,000) will be funded at this stage
      • Anticipated delivery within 6 months of being on contract (latest – March 2016)
      • Submissions via the CDE Portal by 1700 Thursday 23rd October 2014
  • 36. Contacts
      • Technical questions – cybersecuritycde@dstl.gov.uk
      • CDE questions – cde@dstl.gov.uk
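
A sketch of the "Decide" step that slides 24 to 27 ask proposers to design, added here as an example and not Dstl's or any bidder's design: responses from a course-of-action library are filtered against a detected attack, scored with per-response metrics held to fixed value ranges, and marked for automatic execution or human approval. The metric names, weights, thresholds and library entries are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# All names, metrics, weights and thresholds below are assumptions for
# illustration; the slides ask bidders to define their own.
AUTO_MAX_IMPACT = 0.3      # above this, a human must approve the response
AUTO_MIN_CONFIDENCE = 0.8  # below this, detection is too uncertain to automate
IMPACT_WEIGHT = 0.5        # how strongly mission impact offsets benefit


@dataclass(frozen=True)
class Response:
    name: str
    counters: frozenset     # attack patterns this response addresses
    effectiveness: float    # 0..1, expected reduction of the attack
    mission_impact: float   # 0..1, cost to service availability
    needs_bandwidth: bool   # True if unusable on constrained deployed links

    def __post_init__(self):
        # Enforce the value range defined for every metric.
        for metric in (self.effectiveness, self.mission_impact):
            if not 0.0 <= metric <= 1.0:
                raise ValueError(f"{self.name}: metric outside 0..1")


@dataclass(frozen=True)
class AttackEvent:
    pattern: str        # output of the "identifying the attack" element
    confidence: float   # 0..1, how sure the identifying element is
    deployed: bool      # True for a deployed, bandwidth-constrained system


# Constructed course-of-action library using response types from slide 25.
LIBRARY = [
    Response("block source at firewall", frozenset({"c2-beacon", "port-scan"}),
             0.7, 0.1, False),
    Response("isolate network segment", frozenset({"c2-beacon"}),
             0.9, 0.6, False),
    Response("push new attack signatures", frozenset({"c2-beacon"}),
             0.5, 0.1, True),
]


def plan(event, library=LIBRARY):
    """Rank applicable responses; decide only, never act on the network."""
    options = []
    for r in library:
        if event.pattern not in r.counters:
            continue
        if event.deployed and r.needs_bandwidth:
            continue  # not feasible over a constrained link
        score = (event.confidence * r.effectiveness
                 - IMPACT_WEIGHT * r.mission_impact)
        automatic = (r.mission_impact <= AUTO_MAX_IMPACT
                     and event.confidence >= AUTO_MIN_CONFIDENCE)
        options.append((r.name, round(score, 2),
                        "automatic" if automatic else "human-approval"))
    # An empty list means no library entry fits: escalate to an operator.
    return sorted(options, key=lambda o: o[1], reverse=True)


if __name__ == "__main__":
    for ev in (AttackEvent("c2-beacon", 0.9, False),
               AttackEvent("c2-beacon", 0.6, True)):
        print(ev, plan(ev))
```

The same detection yields a different plan on a deployed system: the bandwidth-dependent response drops out, and lower confidence moves every remaining option to human approval.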