Selex ES at Le Bourget 2013 Cyber Security Seminar-Alessandro Menna


Published in: Technology, Business

  1. Cyber Defense. Alessandro Menna, Cyber Security & Information Assurance. Monday 17th of June
  2. Main customers in home markets (Cyber Security & Defense): Customs; Ministry of Interiors; National Securities; Postal services; Other Public Institutions; ATC authority; Banking / Finance; SMB and large enterprises; Civil Protection / Emergency Services; Public Administrations; MoDs; Telecom Operators
  3. Cyber Defense: a multidimensional issue
     [Diagram: complexity of the cyber security issue, from - to +, by user segment]
     • User segments: DoDs, NATO & EU; Other Government Dep.; Critical National Infrastructures; Large and medium Enterprises; Dep. of Interiors
     • Information to protect: Classified; Unclassified; Unclassified
     • Cyber domain: Protect; Intelligence; Exploitation
  4. Mission
     To be a leading worldwide player in the Cyber Defense sector and the trusted partner to NATO, Italy Government, and UK Government. Grow further on the international market for Cyber Security for Government, Professional and Enterprise customers.
     Our role in Cyber Security & Defense (Cyber Security, Defense, Information Assurance):
     • IA Professional Services (Security governance, certification, training)
     • IA Products and solutions for secure radiocommunications and navigation
     • Cyber Security Solutions
     • Managed Security Services (SOC)
     • Intelligence & Analysis
     Offering:
     • Security Operation Center
     • Services for cyber intelligence based on High Performance Computing platform
     • Security Consulting, VA, Secure Architecture
     • Integrated solution for lawful interception of IP and telephonic communications
     • Information Assurance: new generation Crypto systems, EKMS, secure telephone
  5. Competences and capabilities
     [Diagram labels: Physical Networks; Logical Networks; Wireless; Infrastructure; Cyber User / Organization (e.g. Social Networks); Physical Activity; Computer Activity; Electromagnetic Spectrum Activity; Influence Activity; Force Protection; Influence Protection; Asset / Organization Protection; Intelligence Protection]
     • Processes, governance and asset risk analysis
     • Access control systems and intrusion identification
     • Infrastructures for physical security monitoring and management
     • Cyber Intelligence (e.g. massive data analytics; fraud prevention, analysis of massive social networks)
     • MSS
     • Infrastructures for security
     • Own products, solutions for network and data protection (e.g. MILS gateways; cryptos; network detection tool; TEM)
     • Specialist support: Remediation, IRT, malware analysis, computer forensics, consultancy
     • Lawful interception systems
     • Spectrum monitoring, protection and jamming systems
     • Secure navigation systems
     • Secure radio communications
  6. A flexible Business Model
     • Security project lifecycle: Consultancy & Security assessment; System / product design and integration; Service Provision (outsourced security); Training and other ancillary services
     • System / product development lifecycle: Plan; Design; Implement; Manage & TLCM; Support; Certification
     • Business Models, by market segment (Other Government Dep.; Critical National Infrastructures; Dep. of Defense, NATO; Enterprises) and offering model, from - to + "Managed service" orientation: Standalone solutions and products; Hybrid solutions; Solutions + co-sourcing; Full outsourced security services / standalone security services; Consulting, Engineering support, TLCM
     • Routes to Market: Customer; Partners; Platform integrators; SELEX
  7. Our approach to the discovery of vulnerabilities and remediation
     • Phases: Discovery Phase; Remediation Design; Remediation Implementation; Analysis & Report
     • Realtime Security Monitoring & Investigation
     • ICT Infrastructure Analysis and network probes positioning
     • Security Assessment
     • Interview
     Rapid, real-time incident response intervention available 24/7
  8. Fighting against cyber threats
     Steps: Detect; Understand; Define a remediation strategy; Implement the Strategy; Prevention plan
     • Monitoring all the traffic on the network in order to identify the malware communications, its propagation and the enemy's command and control activities
     • Monitoring all executable files on all the hosts (clients and servers) of the IT System in order to identify when an unknown program is running
     • Collecting all the alerts from the network/hosts in a SIEM (Security Information and Event Management) in order to create a real-time situation awareness picture
     • Merging this picture with the Dynamic risk management system, asset inventory System and Cyber-Intelligence information
     • Defining the best strategy based on a Decision Support System
     • Using a host-based agent which runs on each host in the IT System and that is able to remove a malware instantly from all the hosts
     • Changing configurations on the prevention tools (firewall, proxy, ...) and adding new rules on the network monitoring system
     Components: Network Threat Detector; Trusted Execution Monitor; Threat Lab; Security Operation Center
  9. Cyber Intelligence highlights
     Analysis of Massive Social Networks:
     • Social network information evolution;
     • Social dynamics;
     • Computer threat propagation.
     Massive Data Analytics:
     • Business Analysis;
     • Anomaly Detection;
     • Information Security trends and forecasts;
     • Knowledge discovery.
     Network Analysis for Intelligence and Surveillances:
     • Information collection and analysis;
     • Pattern Identification
     • Anomaly detection
  10. Security Operation Center
     • Security Operation Centre (SOC) to monitor and react fast and properly to IT incidents
     • Utilize cyber intelligence services to stay ahead of the hacker community