SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa

1. ▪ FAILURE IS NOT AN OPTION

2. ▪ Cyber Resilience is essential to tackle upcoming challenges and requires a shift in the mindset

3. WHY

4. MOTIVATION

5. MOTIVATION

6. ▪ MOTIVATION

7. ▪ MOTIVATION

8. MOTIVATION Time to identify and contain a breach 279 days* * IBM – Cost of data breach 2019

9. ▪ CYBER SECURITY vs. CYBER RESILIENCE

10. JUST SELLING OLD WINE IN NEW SKINS

11. BUZZWORD?

12. ▪ MINDSET ASSUME BREACH

13. ▪ MINDSET

14. RESILIENCE IS NOT ISO 27001 Wikimedia:Ploetz+ZellerISO27001Zertifikat2019StandortDortmund

15. RESILIENCE IS NOT CIA Wikimedia: John Manuel

16. RESILIENCE IS MORE

17. IS IT COMPLETELY NEW?

18. HOW

19. ANTICIPATE WITHSTAND RECOVER ADAPT NIST SP 800 - 160 Vol. 2

20. ▪ OBJECTIVES

21. ▪ OBJECTIVES AVOID & PREVENT

22. ▪ OBJECTIVES AVOID & PREVENT PREPARE

23. ▪ OBJECTIVES AVOID & PREVENT PREPARE CONTINUE

24. ▪ OBJECTIVES AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

25. ▪ OBJECTIVES RECONSTITUTE AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

26. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

27. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

28. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM RE-ARCHITECT AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

29. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM RE-ARCHITECT AVOID & PREVENT PREPARE CONTINUE CONSTRAIN

30. TECHNIQUES

31. ▪ TECHNIQUES

32. ▪ TECHNIQUES ADAPTIVE RESPONSE

33. Dynamic Reconfiguration Dynamic Resource Allocation Adaptive Management

34. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING

35. Monitoring and Damage Assessment Sensor Fusion and Analysis Forensic and Behavioral Analysis

36. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION

37. Consistency Analysis Orchestration Self-Challenge Calibrated Defense-in-Depth

38. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

39. Dynamic Resource Awareness Dynamic Threat Awareness Mission Dependency & Status Visualization

40. ▪ TECHNIQUES DECEPTION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

41. Obfuscation Disinformation Misdirection

42. ▪ TECHNIQUES DECEPTION DIVERSITY ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

43. Synthetic Diversity Information Diversity Supply Chain Diversity Architectural Diversity Design Diversity

44. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

45. Asset Mobility Fragmentation Distributed Functionality Functional Relocation of Sensor Functional Relocation of Cyber Resources

46. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

47. Non-Persistent Information Non-Persistent Services Non-Persistent Connectivity

48. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

49. Trust-Based Privilege Management Attribute-Based Usage Restriction Dynamic Privileges

50. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

51. Restriction Replacement Specialization Purposing Offloading

52. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

53. Protected Backup and Restore Surplus Capacity

54. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

55. Predefined Segmentation Dynamic Segmentation and Isolation

56. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

57. Integrity Checks Provenance Tracking Behavior Validation

58. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY UNPREDICT- ABILITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

59. Temporal Unpredictability Contextual Unpredictability

60. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY UNPREDICT- ABILITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON- PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS

61. ▪ EXAMPLES

62. ▪ EXAMPLES ▪ NETFLIX CHAOS MONKEY https://github.com/Netflix/SimianArmy https://github.com/Netflix/chaosmonkey

63. ▪ EXAMPLES ▪ BEYOND CORP

64. ▪ EXAMPLES ▪ HONEYPOTS / HONEYTOKEN

65. ▪ CHALLENGES

66. ARTIFICAL INTELLIGENCE

67. Interested to learn more … http://fhstp.ac.at/mcr

68. THANK YOU FOR YOUR ATTENTION Cyber Resilience is essential to tackle upcoming challenges and requires a shift in the mindset FH-Prof. Mag. Dr. Simon Tjoa simon.tjoa@fhstp.ac.at

SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa

SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa

Recommended

More Related Content

More from SBA Research

More from SBA Research(18)

Recently uploaded

Recently uploaded(20)

SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa