SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa

Target Group: Anyone interested in resilience and cyber security
Focus: organizational
Talk language: English

Abstract
*********
"Cyber Resilience – Failure is not an option"

This lecture is dedicated to the topic of cyber-resilience and presents the basics and the differentiation from cyber-security as well as current standards and best practices.

About the Speaker:
*********************
Simon Tjoa is a professor at St. Pölten University of Applied Sciences and has worked for 15 years in the information security domain. He is the academic director of the master programs Information Security and Applied Research and Innovation in Computer Science. Before joining St. Pölten University of Applied Sciences, he worked as a security consultant and researcher at various organizations.
He received his doctoral degree in informatics from the University of Vienna. His research interests include critical infrastructure protection, digital forensics, cyber resilience and business process security. He is a program committee and organizing committee member of several security-related international workshops and conferences.
Furthermore, he currently serves as secretary of the IEEE SMC Austria Chapter and holds professional security certifications such as AMBCI, CISA or CISM.

Published in: Technology

  1. ▪ FAILURE IS NOT AN OPTION
  2. ▪ Cyber Resilience is essential to tackle upcoming challenges and requires a shift in the mindset
  3. WHY
  4. MOTIVATION
  5. MOTIVATION
  6. ▪ MOTIVATION
  7. ▪ MOTIVATION
  8. MOTIVATION Time to identify and contain a breach: 279 days* (* IBM – Cost of data breach 2019)
  9. ▪ CYBER SECURITY vs. CYBER RESILIENCE
  10. JUST SELLING OLD WINE IN NEW SKINS
  11. BUZZWORD?
  12. ▪ MINDSET ASSUME BREACH
  13. ▪ MINDSET
  14. RESILIENCE IS NOT ISO 27001 (Wikimedia: Ploetz+ZellerISO27001Zertifikat2019StandortDortmund)
  15. RESILIENCE IS NOT CIA (Wikimedia: John Manuel)
  16. RESILIENCE IS MORE
  17. IS IT COMPLETELY NEW?
  18. HOW
  19. ANTICIPATE WITHSTAND RECOVER ADAPT NIST SP 800-160 Vol. 2
  20. ▪ OBJECTIVES
  21. ▪ OBJECTIVES AVOID & PREVENT
  22. ▪ OBJECTIVES AVOID & PREVENT PREPARE
  23. ▪ OBJECTIVES AVOID & PREVENT PREPARE CONTINUE
  24. ▪ OBJECTIVES AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  25. ▪ OBJECTIVES RECONSTITUTE AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  26. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  27. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  28. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM RE-ARCHITECT AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  29. ▪ OBJECTIVES RECONSTITUTE UNDERSTAND TRANSFORM RE-ARCHITECT AVOID & PREVENT PREPARE CONTINUE CONSTRAIN
  30. TECHNIQUES
  31. ▪ TECHNIQUES
  32. ▪ TECHNIQUES ADAPTIVE RESPONSE
  33. Dynamic Reconfiguration Dynamic Resource Allocation Adaptive Management
  34. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING
  35. Monitoring and Damage Assessment Sensor Fusion and Analysis Forensic and Behavioral Analysis
  36. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION
  37. Consistency Analysis Orchestration Self-Challenge Calibrated Defense-in-Depth
  38. ▪ TECHNIQUES ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  39. Dynamic Resource Awareness Dynamic Threat Awareness Mission Dependency & Status Visualization
  40. ▪ TECHNIQUES DECEPTION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  41. Obfuscation Disinformation Misdirection
  42. ▪ TECHNIQUES DECEPTION DIVERSITY ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  43. Synthetic Diversity Information Diversity Supply Chain Diversity Architectural Diversity Design Diversity
  44. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  45. Asset Mobility Fragmentation Distributed Functionality Functional Relocation of Sensor Functional Relocation of Cyber Resources
  46. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  47. Non-Persistent Information Non-Persistent Services Non-Persistent Connectivity
  48. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  49. Trust-Based Privilege Management Attribute-Based Usage Restriction Dynamic Privileges
  50. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  51. Restriction Replacement Specialization Purposing Offloading
  52. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  53. Protected Backup and Restore Surplus Capacity
  54. ▪ TECHNIQUES DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  55. Predefined Segmentation Dynamic Segmentation and Isolation
  56. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  57. Integrity Checks Provenance Tracking Behavior Validation
  58. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY UNPREDICTABILITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  59. Temporal Unpredictability Contextual Unpredictability
  60. ▪ TECHNIQUES SUBSTANTIATED INTEGRITY UNPREDICTABILITY DECEPTION DIVERSITY DYNAMIC POSITIONING NON-PERSISTENCE PRIVILEGE RESTRICTION REALIGNMENT REDUNDANCY SEGMENTATION ADAPTIVE RESPONSE ANALYTIC MONITORING COORDINATED PROTECTION CONTEXTUAL AWARENESS
  61. ▪ EXAMPLES
  62. ▪ EXAMPLES ▪ NETFLIX CHAOS MONKEY https://github.com/Netflix/SimianArmy https://github.com/Netflix/chaosmonkey
  63. ▪ EXAMPLES ▪ BEYOND CORP
  64. ▪ EXAMPLES ▪ HONEYPOTS / HONEYTOKEN
  65. ▪ CHALLENGES
  66. ARTIFICIAL INTELLIGENCE
  67. Interested to learn more … http://fhstp.ac.at/mcr
  68. THANK YOU FOR YOUR ATTENTION Cyber Resilience is essential to tackle upcoming challenges and requires a shift in the mindset FH-Prof. Mag. Dr. Simon Tjoa simon.tjoa@fhstp.ac.at
