SlideShare a Scribd company logo

Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx

Download as DOCX, PDF
H
helzerpatrina

Wiki Page  Chapter 10 Awareness Wikis for Learning and Collaboration A wiki is a collaborative web site that collects and organizes content, created and revised by its users. The most well-known example is Wikipedia. Wikis are a way to grow a knowledge base around a particular content area, be it best practices in a particular field or how to use a specific piece of hardware/software. A hallmark of Web 2.0 is that it improves as more people use it and this approach underlies wiki-based learning. It is based on the idea that within any enterprise, a great deal of knowledge exists among the members. Sharing this knowledge and information can raise the organization’s intelligence level, be it a university, an association, a corporation or club. Describe how situational awareness is a driver for detection and response controls.   Conduct your own research and post a short relevant summary of your findings. ( Post current information, not older than five years ). Use not more than three (3) references. You must provide AT LEAST 2 substantive comments on other student's views. 1 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 10 Awareness Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • Situational awareness is the real-time understanding within an organization of its security risk posture • Awareness of security posture requires consideration of the following – Known vulnerabilities – Security infrastructure – Network and computing architecture – Business environment – Global threats – Hardware and software profiles Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s Introduction 3 Fig. 10.1 – Optimal period of system usage for cyber security Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 4 • Factoring in all elements of situational awareness should create an overview of current security risk • Descriptors such as high, medium, and low are too vague to be helpful • Security risk levels should be linked with actionable items Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s Introduction 5 Fig. 10.2 – Rough dashboard estimate of cyber security posture Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 6 Fig. 10.3 – Security posture changes based on activity and response Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 7 Detecting Infrastructure Attacks • No security task is more difficult and complex than the detection of an ongoing attack • Many tools for detecting attack, yet none comprehensive or foolproof • Determination of risk level is a fluid process Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 8 Fig. 10.4 – Attack confidence changes based on events Copyright © 2012, Elsevi ...

Education
1 of 22
Wiki Page Chapter 10 Awareness Wikis for Learning and Collaboration A wiki is a collaborative web site that collects and organizes content, created and revised by its users. The most well-known example is Wikipedia. Wikis are a way to grow a knowledge base around a particular content area, be it best practices in a particular field or how to use a specific piece of hardware/software. A hallmark of Web 2.0 is that it improves as more people use it and this approach underlies wiki-based learning. It is based on the idea that within any enterprise, a great deal of knowledge exists among the members. Sharing this knowledge and information can raise the organization’s intelligence level, be it a university, an association, a corporation or club. Describe how situational awareness is a driver for detection and response controls. Conduct your own research and post a short relevant summary of your findings. ( Post current information, not older than five years ). Use not more than three (3) references. You must provide AT LEAST 2 substantive comments on other student's views. 1 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 10 Awareness
Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • Situational awareness is the real-time understanding within an organization of its security risk posture • Awareness of security posture requires consideration of the following – Known vulnerabilities – Security infrastructure – Network and computing architecture – Business environment – Global threats – Hardware and software profiles Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
0 – A w a re n e s s Introduction 3 Fig. 10.1 – Optimal period of system usage for cyber security Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
A w a re n e s s 4 • Factoring in all elements of situational awareness should create an overview of current security risk • Descriptors such as high, medium, and low are too vague to be helpful • Security risk levels should be linked with actionable items Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
0 – A w a re n e s s Introduction 5 Fig. 10.2 – Rough dashboard estimate of cyber security posture Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
A w a re n e s s 6 Fig. 10.3 – Security posture changes based on activity and response Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w
a re n e s s 7 Detecting Infrastructure Attacks • No security task is more difficult and complex than the detection of an ongoing attack • Many tools for detecting attack, yet none comprehensive or foolproof • Determination of risk level is a fluid process Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
A w a re n e s s 8 Fig. 10.4 – Attack confidence changes based on events Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a
re n e s s 9 Managing Vulnerability Information • Situational awareness for national infrastructure protection requires a degree of attention to daily trivia around vulnerability information • Practical heuristics for managing vulnerability information – Structured collection – Worst case assumptions – Nondefinitive conclusions – Connection to all sources Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te
r 1 0 – A w a re n e s s 10 Fig. 10.5 – Vulnerability management structure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
A w a re n e s s 11 Managing Vulnerability Information • Three basic rules for managers – Always assume adversary knows as much or more about your infrastructure – Assume the adversary is always keeping vulnerability- related secrets from you – Never assume you know everything relevant to the security of your infrastructure Copyright © 2012, Elsevier Inc. All rights Reserved C h a
p te r 1 0 – A w a re n e s s 12 Cyber Security Intelligence Reports • Daily cyber security intelligence reports are standard in government agencies • They would be useful in enterprise settings • A cyber security intelligence report would include – Current security posture – Top and new security risks – Automated metrics
– Human interpretation Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 13 Cyber Security Intelligence Reports • Tasks for creating a cyber security intelligence report – Intelligence gathering
– Interpretation and publication – Dissemination and archiving Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 14 Fig. 10.6 – Cyber security intelligence report creation and dissemination
Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 15 Risk Management Process • Security risks must be tracked and prioritized • Generally agreed upon approach to measuring risk associated with specific components begins with two estimations
– Liklihood – Consequences • Actual numeric value of risk less important than overall relative risk • A useful construct compares security risk against cost of recommended action Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s
16 Fig. 10.7 – Risk versus cost decision path structure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 17 Risk Management Process
• Increasing risks likely incur increased costs • Summary of management considerations – Maintaining a prioritized list of security risks – Justifying all decisions Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 18
Security Operations Centers • The security operations center (SOC) is the most visible realization of real-time security situational awareness • Most SOC designs begin with centralized model – a facility tied closely to operation • A global dispersal of SOC resources is an around-the- clock real-time analysis of security threats Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s
s 19 Fig. 10.8 – Security operations center (SOC) high-level design Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s
20 • A national-level view of security posture will require consideration of the following – Commercial versus government information – Information classification – Agency politics – SOC responsibility Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s
National Awareness Program

Recommended

1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data SecurityCareer Communications Group
 
Cs cmaster
Cs cmasterCs cmaster
Cs cmasterHafid CHEBRAOUI
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityInnoTech
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesInfosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesSkybox Security
 
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxUnit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxouldparis
 
Sit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxSit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxjennifer822
 

Recommended

1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data SecurityCareer Communications Group
 
Cs cmaster
Cs cmasterCs cmaster
Cs cmasterHafid CHEBRAOUI
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityInnoTech
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesInfosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesSkybox Security
 
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxUnit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxouldparis
 
Sit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxSit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxjennifer822
 
Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoHP Enterprise Italia
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights Reserved11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights ReservedMargenePurnell14
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
SuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-tSuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-tittiitti00
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?London School of Cyber Security
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
Conduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docxConduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docxpatricke8
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Uday Mittal
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach Symantec
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainSanjay Chadha, CPA, CA
 
The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...United Security Providers AG
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...robbiesamuel
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber RiskKirstjen Nielsen
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfCisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfNathanDjami
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Most patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxMost patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxhelzerpatrina
 
MotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxMotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxhelzerpatrina
 

More Related Content

Similar to Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx

Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoHP Enterprise Italia
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights Reserved11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights ReservedMargenePurnell14
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
SuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-tSuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-tittiitti00
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
Conduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docxConduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docxpatricke8
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Uday Mittal
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach Symantec
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainSanjay Chadha, CPA, CA
 
The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...United Security Providers AG
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...robbiesamuel
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber RiskKirstjen Nielsen
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfCisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfNathanDjami
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 

Similar to Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx (20)

Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercato
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights Reserved11Copyright © 2012, Elsevier Inc. All Rights Reserved
11Copyright © 2012, Elsevier Inc. All Rights Reserved
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
SuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-tSuperSec Bank-Cybersecurity Department-t
SuperSec Bank-Cybersecurity Department-t
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
 
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
Conduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docxConduct a research and provide a brief comments to this Wiki pag.docx
Conduct a research and provide a brief comments to this Wiki pag.docx
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing Yaksas CSC - Vulnerability Assessment & Penetration Testing
Yaksas CSC - Vulnerability Assessment & Penetration Testing
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach How to Use the NIST CSF to Recover from a Healthcare Breach
How to Use the NIST CSF to Recover from a Healthcare Breach
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor upload
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chain
 
The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...The Importance of Consolidating Your Infrastructure Security – by United Secu...
The Importance of Consolidating Your Infrastructure Security – by United Secu...
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber Risk
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfCisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
 

More from helzerpatrina

Most patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxMost patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxhelzerpatrina
 
MotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxMotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxhelzerpatrina
 
Most public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docxMost public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docxhelzerpatrina
 
Mr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docxMr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docxhelzerpatrina
 
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docxMrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docxhelzerpatrina
 
Much has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docxMuch has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docxhelzerpatrina
 
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docxMSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docxhelzerpatrina
 
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docxMSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docxhelzerpatrina
 
Much of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docxMuch of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docxhelzerpatrina
 
Mt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docxMt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docxhelzerpatrina
 
Motivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docxMotivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docxhelzerpatrina
 
Motivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docxMotivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docxhelzerpatrina
 
Motivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docxMotivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docxhelzerpatrina
 
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docxMrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docxhelzerpatrina
 
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docxMOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docxhelzerpatrina
 
mple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docxmple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docxhelzerpatrina
 
More and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docxMore and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docxhelzerpatrina
 
Module Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docxModule Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docxhelzerpatrina
 
Monica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docxMonica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docxhelzerpatrina
 
Module 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docxModule 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docxhelzerpatrina
 

More from helzerpatrina (20)

Most patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxMost patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docx
 
MotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxMotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docx
 
Most public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docxMost public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docx
 
Mr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docxMr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docx
 
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docxMrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
 
Much has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docxMuch has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docx
 
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docxMSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
 
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docxMSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
 
Much of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docxMuch of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docx
 
Mt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docxMt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docx
 
Motivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docxMotivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docx
 
Motivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docxMotivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docx
 
Motivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docxMotivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docx
 
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docxMrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
 
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docxMOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
 
mple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docxmple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docx
 
More and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docxMore and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docx
 
Module Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docxModule Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docx
 
Monica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docxMonica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docx
 
Module 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docxModule 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docx
 

Recently uploaded

Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesRased Khan
 
An Overview of the Odoo 17 Discuss App.pptx
An Overview of the Odoo 17 Discuss App.pptxAn Overview of the Odoo 17 Discuss App.pptx
An Overview of the Odoo 17 Discuss App.pptxCeline George
 
The basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptxThe basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptxheathfieldcps1
 
The Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryThe Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryEugene Lysak
 
Matatag-Curriculum and the 21st Century Skills Presentation.pptx
Matatag-Curriculum and the 21st Century Skills Presentation.pptxMatatag-Curriculum and the 21st Century Skills Presentation.pptx
Matatag-Curriculum and the 21st Century Skills Presentation.pptxJenilouCasareno
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaasiemaillard
 
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...Sayali Powar
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxakshayaramakrishnan21
 
Morse OER Some Benefits and Challenges.pptx
Morse OER Some Benefits and Challenges.pptxMorse OER Some Benefits and Challenges.pptx
Morse OER Some Benefits and Challenges.pptxjmorse8
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxCapitolTechU
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17Celine George
 
[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online PresentationGDSCYCCE
 
IATP How-to Foreign Travel May 2024.pdff
IATP How-to Foreign Travel May 2024.pdffIATP How-to Foreign Travel May 2024.pdff
IATP How-to Foreign Travel May 2024.pdff17thcssbs2
 
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfDanh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfQucHHunhnh
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Mohamed Rizk Khodair
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptxmansk2
 

Recently uploaded (20)

Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matrices
 
An Overview of the Odoo 17 Discuss App.pptx
An Overview of the Odoo 17 Discuss App.pptxAn Overview of the Odoo 17 Discuss App.pptx
An Overview of the Odoo 17 Discuss App.pptx
 
The basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptxThe basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptx
 
The Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. HenryThe Last Leaf, a short story by O. Henry
The Last Leaf, a short story by O. Henry
 
Matatag-Curriculum and the 21st Century Skills Presentation.pptx
Matatag-Curriculum and the 21st Century Skills Presentation.pptxMatatag-Curriculum and the 21st Century Skills Presentation.pptx
Matatag-Curriculum and the 21st Century Skills Presentation.pptx
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptx
 
“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .
 
Morse OER Some Benefits and Challenges.pptx
Morse OER Some Benefits and Challenges.pptxMorse OER Some Benefits and Challenges.pptx
Morse OER Some Benefits and Challenges.pptx
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
 
Word Stress rules esl .pptx
Word Stress rules esl .pptxWord Stress rules esl .pptx
Word Stress rules esl .pptx
 
NCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdfNCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdf
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17
 
[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation
 
IATP How-to Foreign Travel May 2024.pdff
IATP How-to Foreign Travel May 2024.pdffIATP How-to Foreign Travel May 2024.pdff
IATP How-to Foreign Travel May 2024.pdff
 
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfDanh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx
 

Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx

  • 1. Wiki Page Chapter 10 Awareness Wikis for Learning and Collaboration A wiki is a collaborative web site that collects and organizes content, created and revised by its users. The most well-known example is Wikipedia. Wikis are a way to grow a knowledge base around a particular content area, be it best practices in a particular field or how to use a specific piece of hardware/software. A hallmark of Web 2.0 is that it improves as more people use it and this approach underlies wiki-based learning. It is based on the idea that within any enterprise, a great deal of knowledge exists among the members. Sharing this knowledge and information can raise the organization’s intelligence level, be it a university, an association, a corporation or club. Describe how situational awareness is a driver for detection and response controls. Conduct your own research and post a short relevant summary of your findings. ( Post current information, not older than five years ). Use not more than three (3) references. You must provide AT LEAST 2 substantive comments on other student's views. 1 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 10 Awareness
  • 2. Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • Situational awareness is the real-time understanding within an organization of its security risk posture • Awareness of security posture requires consideration of the following – Known vulnerabilities – Security infrastructure – Network and computing architecture – Business environment – Global threats – Hardware and software profiles Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
  • 3. 0 – A w a re n e s s Introduction 3 Fig. 10.1 – Optimal period of system usage for cyber security Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
  • 4. A w a re n e s s 4 • Factoring in all elements of situational awareness should create an overview of current security risk • Descriptors such as high, medium, and low are too vague to be helpful • Security risk levels should be linked with actionable items Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
  • 5. 0 – A w a re n e s s Introduction 5 Fig. 10.2 – Rough dashboard estimate of cyber security posture Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
  • 6. A w a re n e s s 6 Fig. 10.3 – Security posture changes based on activity and response Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w
  • 7. a re n e s s 7 Detecting Infrastructure Attacks • No security task is more difficult and complex than the detection of an ongoing attack • Many tools for detecting attack, yet none comprehensive or foolproof • Determination of risk level is a fluid process Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
  • 8. A w a re n e s s 8 Fig. 10.4 – Attack confidence changes based on events Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a
  • 9. re n e s s 9 Managing Vulnerability Information • Situational awareness for national infrastructure protection requires a degree of attention to daily trivia around vulnerability information • Practical heuristics for managing vulnerability information – Structured collection – Worst case assumptions – Nondefinitive conclusions – Connection to all sources Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te
  • 10. r 1 0 – A w a re n e s s 10 Fig. 10.5 – Vulnerability management structure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 –
  • 11. A w a re n e s s 11 Managing Vulnerability Information • Three basic rules for managers – Always assume adversary knows as much or more about your infrastructure – Assume the adversary is always keeping vulnerability- related secrets from you – Never assume you know everything relevant to the security of your infrastructure Copyright © 2012, Elsevier Inc. All rights Reserved C h a
  • 12. p te r 1 0 – A w a re n e s s 12 Cyber Security Intelligence Reports • Daily cyber security intelligence reports are standard in government agencies • They would be useful in enterprise settings • A cyber security intelligence report would include – Current security posture – Top and new security risks – Automated metrics
  • 13. – Human interpretation Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 13 Cyber Security Intelligence Reports • Tasks for creating a cyber security intelligence report – Intelligence gathering
  • 14. – Interpretation and publication – Dissemination and archiving Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 14 Fig. 10.6 – Cyber security intelligence report creation and dissemination
  • 15. Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 15 Risk Management Process • Security risks must be tracked and prioritized • Generally agreed upon approach to measuring risk associated with specific components begins with two estimations
  • 16. – Liklihood – Consequences • Actual numeric value of risk less important than overall relative risk • A useful construct compares security risk against cost of recommended action Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s
  • 17. 16 Fig. 10.7 – Risk versus cost decision path structure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 17 Risk Management Process
  • 18. • Increasing risks likely incur increased costs • Summary of management considerations – Maintaining a prioritized list of security risks – Justifying all decisions Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s 18
  • 19. Security Operations Centers • The security operations center (SOC) is the most visible realization of real-time security situational awareness • Most SOC designs begin with centralized model – a facility tied closely to operation • A global dispersal of SOC resources is an around-the- clock real-time analysis of security threats Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s
  • 20. s 19 Fig. 10.8 – Security operations center (SOC) high-level design Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s
  • 21. 20 • A national-level view of security posture will require consideration of the following – Commercial versus government information – Information classification – Agency politics – SOC responsibility Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 0 – A w a re n e s s