
Cyber Security: Threats and Needed Actions

Cyber Security: Threats and Needed Actions. John M. Gilligan, www.gilligangroupinc.com. Research Board, September 17, 2009. Topics: Historical Perspectives; Cyber Security Threats--A National Crisis; White House Cyber Security Policy Review; Near Term Opportunities; Ongoing Efforts


Presentation Transcript


  1. Cyber Security: Threats and Needed Actions
     John M. Gilligan
     www.gilligangroupinc.com
     Research Board
     September 17, 2009

  2. Topics
     • Historical Perspectives
     • Cyber Security Threats--A National Crisis
     • White House Cyber Security Policy Review
     • Near Term Opportunities
     • Ongoing Efforts
     • Longer term Needs
     • Closing Thoughts

  3. Historical Perspectives
     • Internet, software industry, (personal) computers—rooted in creativity not engineering
     • Security in the Cold War Era
     • Security “Gurus”—Keepers of the Kingdom
     • The World Wide Web changes the security landscape--forever
     • Post Cold War: The Age of Information Sharing
     Legacy of the past is now our “Achilles Heel”

  4. Cyber Security Threats Today--A New “Ball Game”
     • Our way of life depends on a reliable cyberspace
     • Intellectual property is being downloaded at an alarming rate
     • Cyberspace is now a warfare domain
     • Attacks increasing at an exponential rate (e.g., Conficker)
     • Fundamental network and system vulnerabilities cannot be fixed quickly
     • Entire industries exist to “Band Aid” over engineering and operational weaknesses
     • Industry impacts can be profound (e.g., Heartland)
     Cyber Security is a National Security Crisis!

  5. Heartland Payment Systems: Disclosure of intrusions--Jan 20, 2009

  6. Obama Cyberspace Policy Review—“60 Day Review”
     • The Nation is at a crossroads
     • Cyberspace risks pose some of the most serious challenges to economic and national security
     • Need to begin national dialogue on cybersecurity
     • Solutions must involve partnership with private sector and international engagement
     • White House must lead the way

  7. Recommended Near-Term Actions
     • Appoint White House Cybersecurity official and supporting organization
     • Prepare updated national strategy
     • Designate cybersecurity as Presidential priority
     • Initiate public awareness campaign and strengthen international partnerships
     • New policies regarding roles/responsibilities
     • Prepare cyber incident response plan
     • Develop research plan and vision for identity management
     On hold pending appointment of White House Cyber Czar

  8. Government Actions
     • Comprehensive National Cyber Initiative (CNCI)
     • Department of Homeland Security Reorganization
     • Smart Grid Cyber Security Initiative
     • (Some) Public-Private Partnerships
     • Defense Industrial Base (DIB)
     • Other special relationships
     • (Many) Legislative Proposals

  9. An Effective Public-Private Partnership: 20 Critical Controls for Effective Cyber Defense*
     • Underlying Rationale
     • Let “Offense drive Defense”
     • Focus on most critical areas
     • CAG: Twenty security controls based on attack patterns
     • Government and Private Sector consensus
     • Emphasis on auditable controls and automated implementation/enforcement
     • Pilots and standards for tools ongoing
     * Also called the “Consensus Audit Guidelines” or “CAG” (http://www.sans.org/cag/)

  10. Longer-Term Actions: IT Reliably Enabling Business
     • Change the dialogue: Reliable, resilient IT is fundamental to future National Security and Economic Growth
     • New business model for software industry
     • First step—self certified, locked-down configurations
     • Longer term—software with reliability warranties
     • Redesign the Internet to provide reliable attribution, increased security
     • Get the “man out of the loop”—use automated tools (e.g., SCAP)
     • Foster new IT services models
     • Assume insecure environment
     • Increased use of virtualization
     • Secure “cloud”
     • Develop professional cyberspace workforce
     Need to Fundamentally “Change the Game” to Make Progress

  11. Closing Thoughts
     • Government and Industry need to treat cyber security as an urgent priority
     • Near-term actions important but need to fundamentally change the game to get ahead of the growing threat
     • IT community needs to reorient the dialogue on cyber security—the objective is reliable and resilient information
     • As an example, Cyber Security in DoD is more mature—but still woefully inadequate
     Cyber Security is Fundamentally a Leadership Issue!

  12. Contact Information
     John M. Gilligan
     jgilligan@gilligangroupinc.com
     www.gilligangroupinc.com

  13. Security Content Automation Protocol (SCAP)
     • What is it: A set of open standards that allows for the monitoring, positive control, and reporting of security posture of every device in a network.
     • How is it implemented: Commercial products implement SCAP protocols to exchange and enforce configuration, security policy, and vulnerability information.
     • Where is it going: Extensions in development to address software design weaknesses, attack patterns, and malware attributes.
     SCAP Enables Automated Tools To Implement And Enforce Secure Operations

  14. Top 20 Cyber Attacks and Related Control (not in priority order)

  15. Top 20 Cyber Attacks and Related Control (Continued) (not in priority order)

  16. Top 20 Cyber Attacks and Related Control (Continued) (not in priority order)

  17. Top 20 Cyber Attacks and Related Control (Continued) (not in priority order)
