Postcards from the edge: cyber-security risk management in an escalating threat environment


Threats are escalating at a near-exponential rate

  • Nothing short of game-change innovation can stem this rising tide

  • Seems everything changes, every day

  • Pharming

  • > 50% of all PCs compromised

  • Application Attacks

  • BotArmies/DDOS2

  • Organized Cyber-crime Ecosystem

  • Hacktivism

  • Cyber Terrorism

  • Phishing

  • Identity Theft

  • OS Hacking

  • BotNets/DDOS

  • Cyber Criminals

  • Script Kiddies


The US reaction has been weak without a civilian “cyber-czar” named at present


The new Cyber Command is still very young and does not yet have a base of operations

Needs a good home


Public awareness is largely absent, driven by unconnected and one-off dramatic events. Many in the media lack a thorough understanding of the issues.

“Estonia Sending Cyber Defense Experts to Georgia”

Network World


Most security technology providers have a narrow perspective of the cyber-security landscape


Unfortunately, the reality of the cyber-security landscape is somewhat larger


Summarizing the context

  • Threats are escalating at an alarming rate

  • Public policy has generally failed us

  • Government action has been inadequate

  • Media/public is at best confused about cyber threats

  • Technology has provided little more than a band-aid

  • Many believe cyber-criminals have almost mystical powers


Most conventional cyber-security wisdom attempts to model our cyber defenses on traditional defense-in-depth implementations

Carlsten Fortress, c. 1600s, Marstrand, Sweden


The digital warrior

Changing the game

A fundamental change in tactics

Principles of a Resilient cyber defense


1. It’s too easy to be hard!

Where:

  • 80%+ of all successful cyber-attacks exploit vulnerabilities in four categories; none require rocket science to fix

    • Input validation; poor coding technique (business logic); authentication and access control; device hardening (patching, secure baselines)

  • Building in security is 60 times less expensive than bolting it on later

    • Up-level security in SDLC

We must develop:

  • Strong vulnerability management program

  • Assessment and remediation of legacy code used in operating systems and applications

  • Assessment and remediation of web site vulnerabilities

    • This will continue to be the attack vector most sought after by criminals to host links to phishing and identity theft code.

  • Assessment and remediation of third-party code and widgets

    • An attractive attack vector

      • Demonstrated by the “Secret Crush” malware that posed as a Facebook widget to install itself on about 1 million PCs in late 2007 and early 2008


2. Be a really good first responder

Where:

  • Complex systems fail complexly; it is not possible to anticipate all the failure modes

  • Complexity provides both opportunity and hiding places for attackers

  • Damping out complexity is impossible when coupled with change, growth and innovation

  • Security failures are inevitable

We must develop:

  • Robust incident management integrating all aspects of business (e.g. communications, development, legal)

  • Security SME throughout the SDLC

  • Deploy analytical tools to continually assess the security of development and the infrastructure

  • Provide security training to development and infrastructure teams


3. Gracefully degrade

If:

  • A successful attack is inevitable

Then we must develop:

  • A thorough understanding of the business, key business assets and critical functionality

  • Define defensible perimeters

  • Expanded firewall and IPS footprint

  • Develop/understand network choke-points

  • Bandwidth allocation

  • Dynamic re-configuration


3a. Diversity…Diversity…Diversity

Where:

  • You can’t live without it!

    • “Run from monoculture in the name of survivability” – Dan Geer

We must develop:

  • Multiple tools for detection and analysis

  • Multiple mitigation methods

  • Segmentation for everything

  • New thinking – situational awareness – attack simulation…


4. Treat the inside like the outside

Where:

  • Every cyber criminal is our next door neighbor

  • We can never retreat to a safe neighborhood

We must develop:

  • The ability to defend knowing the current threat profile, generally and specifically to us.

  • Encryption for everything moving in our networks

  • Defensive applications coding

    • More important than ever with 3rd party software


5. It’s the data and the transactions

Where:

  • Cyber criminals are attacking transaction streams

  • Transaction attacks are extremely difficult to detect

We must develop:

  • Protect data

  • Protect the transactions

  • Employee exfiltration blocking


6. Defense is guaranteed to be a losing strategy; play offense whenever possible

  • May be averting a crisis, but not getting in front of the problem


7. Innovate…innovate…innovate

  • Innovating for impact

  • Incremental

  • Sustaining core and context

  • Radical


8. Know what is happening, know what happened

Where:

  • Attacks are becoming much more subtle

  • Attacks are using multiple channels


9. Continuously adapt the strategy – be agile

If you are not moving forward you are falling behind…status quo is unacceptable

Nothing is stable

Surprise is constant

We work at a permanent, structural disadvantage compared to our attackers


Success Now and in the Future: We Are Vigilant and Mindful to the Potential Perils


Remember – 90% of the putts that are short don’t go in.

Yogi Berra

