measuring the performance and effectiveness of critical
play

Measuring the Performance and Effectiveness of Critical security - PowerPoint PPT Presentation

Dec 03, 2023 •287 likes •759 views

Measuring the Performance and Effectiveness of Critical security controls William Makatiani Name Here About Serianu Limited Serianu is a Pan Africa based Cyber Security and business consulting firm. We are an award winning company in the

  1. Measuring the Performance and Effectiveness of Critical security controls William Makatiani Name Here

  2. About Serianu Limited Serianu is a Pan Africa based Cyber Security and business consulting firm. We are an award winning company in the African Cybersecurity sector that helps our customers collect, protect, and analyze critical business information. Our Partnerships • Paladion Networks - Mumbai, India • Liquid Telecom - Africa • Global Honeynet Project – Kenyan chapter founding members • USIU-Africa – Research and Data Analysis Partner

  3. Serianu Cyber-Threat Command Centre (SC3) 24/7 Cyber Security Command Centre

  4. Africa Cyber Immersion Centre

  5. Top 10 Cyber security Priorities for 2018

  8. Objectives  Introduce the inherent risk profiling methodology and approach  Introduce the top critical cyber security controls and metrics measurement approach  Discuss testing the Effectiveness of Critical Cyber Resilience and Visibility Controls  Discuss how metrics can be used to facilitate decision making and improve performance and accountability.  Discuss how to develop metrics that are quantifiable, observable, and objective data supporting metrics.  Discuss how organisations can use metrics to apply corrective actions and improve performance.  Discuss how metrics can be packaged and delivered to different stakeholders - senior management and board members

  9. Content Topic 1: Introduction to Cyber Security metrics and Performance Measurement approach Topic 2: Developing and Implementing monitoring use cases and scenarios Topic 3: Breach scenario analysis Topic 4: Cyber security visibility statements

  10. Content Topic 1: Introduction to Cyber Security metrics and Effectiveness Monitoring Topic 2: Developing and Implementing monitoring use cases and scenarios Topic 3: Breach scenario analysis Topic 4: Cyber security visibility statements

  11. Cyber Security Metrics and Performance  Metrics are designed to facilitate decision making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data.  Its important to understand the environment you are operating in i.e banking, Insurance, Academia etc. This involves understanding the:  Top Risks  Controls for mitigating these risks  Testing of these controls

  12. Cyber Security Metrics and Performance  Metrics are designed to facilitate decision making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data.  Its important to understand the environment you are operating. This involves understanding the:  Top Risks and Inherent risks  Controls for mitigating these risks  Testing of these controls

  13. Cyber Security Metrics and Performance  These process enables institutions identify their risks and determine their cybersecurity maturity. The approach provides a repeatable process to measure preparedness over time.

  14. Cyber Security Metrics and Monitoring  Various frameworks provide guidelines for assessing security posture and the frequency of these assessment namely:  ISO 27001  PCIDSS  NIST  CBK Guidelines  Africa Cyber Security Framework (ACSF)

  15. Measuring cyber security performance and effectiveness  Three step approach:  Inherent Risk Profiling – Semi-Annual  Benchmarking and Maturing Assessment - Annual  Visibility and Resilience Monitoring - Periodical  Incident Trending and Reporting - Continuous

  16. Inherent Risk Profiling Cybersecurity inherent risk is the level of risk posed to the institution by • the following: • Technologies and Connection Types • Delivery Channels • Online/Mobile Products and Technology Services • Organizational Characteristics • External Threats

  17. Inherent Risk Profiling • Inherent risk incorporates the type, volume, and complexity of the institution’s operations and threats directed at the institution. Inherent risk does not include mitigating controls. • The Inherent Risk Profile includes descriptions of activities across risk categories with definitions for the least to most levels of inherent risk. • The profile helps management determine exposure to risk that the institution’s activities, services, and products individually and collectively pose to the institution.

  18. Inherent Risk Profiling and Monitoring Category Sub-Category Data Point Least Minimal Moderate Significant Most Technology Technologies and Total number of Internet service provider (ISP) No connections Minimal Complexity (1-20 Moderate Complexity (21-100 Significant Complexity (101- Substantial Complexity (>200 Connection Types connections (including branch connections) Connections) Connections) 200 Connections) Connections) Technology Technologies and Unsecured external connections, number of None Few instances of unsecured Several instances of Significant instances of Substantial instances of Connection Types connections not users (e.g., file transfer protocol connections (1–5) unsecured connections (6–10) unsecured connections (11– unsecured connections (>25) (FTP), Telnet, rlogin) 25) Processes Organizational Mergers and acquisitions (including divestitures and None planned Open to initiating discussions In discussions with at least 1 A sale or acquisition has been Multiple ongoing integrations Characteristics joint ventures) or actively seeking a merger party publicly announced within the of acquisitions are in process or acquisition past year, in negotiations with 1 or more parties People Organizational Direct employees (including information technology Number of employees Number of employees totals Number of employees totals Number of employees totals Number of employees is Characteristics and cybersecurity contractors) totals <50 50– 2,000 2,001–10,000 10,001–50,000 >50,000 Processes Organizational Changes in IT environment (e.g., network, Stable IT environment Infrequent or minimal Frequent adoption of new Volume of significant changes Substantial change in Characteristics infrastructure, critical applications, technologies changes in the IT technologies is high outsourced provider(s) of supporting new products or services) environment critical IT services; large and complex changes to the environment occur frequently Processes Organizational Locations of branches/business presence 1 state 1 region 1 country 1-20 countries >20 countries Characteristics Processes Organizational Locations of operations/data centers 1 state 1 region 1 country 1-20 countries >10 countries Characteristics Technology External Threats Attempted cyber attacks No attempted attacks Few attempts monthly Several attempts monthly Significant number of Substantial number of or reconnaissance (<100); may have had generic (100– 500); phishing attempts monthly (501– attempts monthly (>100,000); phishing campaigns received campaigns targeting 100,000); spear phishing persistent attempts to attack by employees and customers employees or customers at campaigns targeting high net senior management and/or the institution or third parties worth customers and network administrators; supporting critical activities; employees at the institution frequently targeted for DDoS may have experienced an or third parties supporting attacks attempted Distributed Denial critical activities; Institution of Service (DDoS) attack specifically is named in threat within the last year reports; may have experienced multiple attempted DDoS attacks within the last year

  19. Benchmarking and Maturing Assessment  Designed to help management measure the institution’s level of risk and corresponding controls. The levels range from baseline to innovative.  Cybersecurity Maturity includes statements to determine whether an institution’s behaviors, practices, and processes can support cybersecurity preparedness within the following four domains:  Anticipate Risk – Cyber Risk management  Detect Vulnerabilities – Cyber Vulnerability Management  Respond to Incidents – Cyber Incident Management  Contain Threats – Cyber Threat Management

  20. Cyber security Benchmarking and Maturity Framework Cybersecurity Cybersecurity Cybersecurity Cyberthreat Risk Vulnerability Incident Management Management Management Management Risk Vulnerability Management Cyber risk Management Remediation Event Detection People & Culture Information Patch Sharing Management Response and Infrastructure Mitigation Management Metrics and Reporting External Access & Data Dependency Management Monitoring Threat Continuous Intelligence Improvement Third Party Management

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Describing is good: measuring is better. A new means of measuring the effectiveness of networks

Describing is good: measuring is better. A new means of measuring the effectiveness of networks

Describing is good: measuring is better. A new means of measuring the effectiveness of networks and simultaneously strengthening their function 9 th September 2015 Claire Grealy (Urbis) Gail Winkworth &amp; Michael White Known dimensions of

422 views • 16 slides
Measuring Program Effectiveness: Hewson J, Lackeyram D, Lissemore K. Transforming Program

Measuring Program Effectiveness: Hewson J, Lackeyram D, Lissemore K. Transforming Program

Measuring Program Effectiveness: Hewson J, Lackeyram D, Lissemore K. Transforming Program Learning Outcomes Ontario Veterinary College, University of Guelph (PLOs) into a practical measurement tool Measuring Program Effectiveness:

563 views • 8 slides
Measuring for Effectiveness When Nobody is Looking M A N A GE M E N T I N FO R M A T I O N S Y

Measuring for Effectiveness When Nobody is Looking M A N A GE M E N T I N FO R M A T I O N S Y

Measuring for Effectiveness When Nobody is Looking M A N A GE M E N T I N FO R M A T I O N S Y S T E M S : A V I T A L T O O L FO R S U PPO R T I N G H E A L T H CA R E A N D S O CI A L S E R V I CE PR O GR A M S Sapphire Aw ards and

418 views • 22 slides
Measuring effectiveness of MPA management What is OSPAR doing and can we transfer it to HELCOM?

Measuring effectiveness of MPA management What is OSPAR doing and can we transfer it to HELCOM?

Measuring effectiveness of MPA management What is OSPAR doing and can we transfer it to HELCOM? Definition Aim: Well-managed MPA network Management effectiveness is the decree to which management actions are achieving the goals and

390 views • 9 slides
Measuring the Effectiveness of Wisconsin Principals: Two Studies From the State- wide Evaluation

Measuring the Effectiveness of Wisconsin Principals: Two Studies From the State- wide Evaluation

Measuring the Effectiveness of Wisconsin Principals: Two Studies From the State- wide Evaluation of Educator Effectiveness Curtis Jones &amp; Leon Gilman, University of Wisconsin Milwaukee Steve Kimball, University of Wisconsin Madison

337 views • 33 slides
Strategies for Measuring the Effectiveness of District &amp; Regional Initiatives Michelle

Strategies for Measuring the Effectiveness of District &amp; Regional Initiatives Michelle

Strategies for Measuring the Effectiveness of District &amp; Regional Initiatives Michelle Robinette Director of Curriculum, Red Creek CSD Sarah Vakkas Assistant Superintendent for Instruction, GST BOCES Session Objectives Participants will

368 views • 23 slides
Measuring the Cost The author has no disclosures related to the Effectiveness of content of

Measuring the Cost The author has no disclosures related to the Effectiveness of content of

Disclosures: Measuring the Cost The author has no disclosures related to the Effectiveness of content of this presentation. Pharmacogenomic Testing The INGENIOUS trial (NCT02297126) is sponsored by an NIH/NHGRI U01-grant (HG007762)

370 views • 5 slides
Enter the Bathysphere Measuring Complexity-Effectiveness of Future-Generation Silicon

Enter the Bathysphere Measuring Complexity-Effectiveness of Future-Generation Silicon

Enter the Bathysphere Measuring Complexity-Effectiveness of Future-Generation Silicon Architectures Using FPGAs Andrew Schwerin Steven Swanson Mark Oskin Simulation Methodology Have new idea while(not published) Hack simulator Run

221 views • 21 slides
A Critical Examination of Microenterprise Programs: A Look at Effectiveness and Sustainability in

A Critical Examination of Microenterprise Programs: A Look at Effectiveness and Sustainability in

A Critical Examination of Microenterprise Programs: A Look at Effectiveness and Sustainability in Alleviating Poverty Jonathan H. Westover, Ph.D. Woodbury School of Business International Development Conference Presented December 3, 2012

269 views • 15 slides
management consultant and expert in performance management and measurement). Careers NZ kindly

management consultant and expert in performance management and measurement). Careers NZ kindly

Kia ora koutou The Framework was developed from drawing upon findings from our Measuring performance and effectiveness literature review , and with the support of Susan Hitchiner (who is an independent public management consultant and expert in

316 views • 5 slides
Measuring the Effectiveness of a Test (Converting Software Testing from an Art to a Science)

Measuring the Effectiveness of a Test (Converting Software Testing from an Art to a Science)

Measuring the Effectiveness of a Test (Converting Software Testing from an Art to a Science) Harry M. Sneed Software Test Engineer ANECON GmbH., Vienna, Austria Abstract: The proposed paper presents a set of metrics developed by the author while

401 views • 23 slides
Measuring and Communicating the Effectiveness of Systems Operation Strategies Subcommittee for

Measuring and Communicating the Effectiveness of Systems Operation Strategies Subcommittee for

Measuring and Communicating the Effectiveness of Systems Operation Strategies Subcommittee for Systems Operation and Management Annual Meeting April 9-10, 2013; Phoenix, Arizona Daniela Bremmer WSDOT: Director, Strategic Assessment 1 Building

391 views • 19 slides
Methodological Advances in Measuring the Methodological Advances in Measuring the Effectiveness

Methodological Advances in Measuring the Methodological Advances in Measuring the Effectiveness

Methodological Advances in Measuring the Methodological Advances in Measuring the Effectiveness of Behavioral Nudges on Participation Effectiveness of Behavioral Nudges on Participation in Agri-Environmental Programs in Agri-Environmental

449 views • 40 slides
Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering

Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering

Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering Department Curriculum of Malaysian Polytechnics (The he role o of KPIs Is to assess a and improve the he Ou Outcomes-based E Educati tion)

741 views • 47 slides
Disclosures Research support from UCOP CHQI In-Hospital Cardiac Arrest: award Measuring

Disclosures Research support from UCOP CHQI In-Hospital Cardiac Arrest: award Measuring

5/29/2014 Disclosures Research support from UCOP CHQI In-Hospital Cardiac Arrest: award Measuring Effectiveness and Improving Outcomes J. Matthew Aldrich, MD Anesthesia &amp; Critical Care UCSF Overview Cardiopulmonary Arrest: Quality

283 views • 12 slides
Measuring Carbon Price Volatility and Its Impact on the Effectiveness of the ETS Scheme

Measuring Carbon Price Volatility and Its Impact on the Effectiveness of the ETS Scheme

Measuring Carbon Price Volatility and Its Impact on the Effectiveness of the ETS Scheme Professor Nils-Henrik von der Fehr University of Oslo and CERRE Expert Workshop on Carbon Price Volatility Brussels, 14 October 2015 The Textbook Model

419 views • 8 slides
Introduction to Malicious Web Sites Ktcl Web Sitelerine Bir lk Bak Ali Ikinci

Introduction to Malicious Web Sites Ktcl Web Sitelerine Bir lk Bak Ali Ikinci

OWASP T urkey - Uygulama Gvenlii Gn Introduction to Malicious Web Sites Ktcl Web Sitelerine Bir lk Bak Ali Ikinci Siber Gvenlik Dernei ali@ikinci.info 9 June 2012 Turkey About Me Working on Malicious Web Sites

505 views • 31 slides
NETWORK DEFENCE STRATEGY EVALUATION: SIMULATION VS. LIVE NETWORK Tuesday 9 th May, 2017 Jana

NETWORK DEFENCE STRATEGY EVALUATION: SIMULATION VS. LIVE NETWORK Tuesday 9 th May, 2017 Jana

NETWORK DEFENCE STRATEGY EVALUATION: SIMULATION VS. LIVE NETWORK Tuesday 9 th May, 2017 Jana Medkov Martin Husk, Martin Draar Introduction optimal strategy to defend network infrastructure no standard for benchmarking Network Defence

574 views • 18 slides
What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017

What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017

Cyber Risk and Cyber Risk Insurance: What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017 Management Summary Research Approach: Overview of the main research topics in the fields of cyber risk and

579 views • 12 slides
An Open Botnet Analysis Framework for An Open Botnet Analysis Framework for Automatic Tracking

An Open Botnet Analysis Framework for An Open Botnet Analysis Framework for Automatic Tracking

An Open Botnet Analysis Framework for An Open Botnet Analysis Framework for Automatic Tracking and Activity Visualization Automatic Tracking and Activity Visualization marco riccardi Italian Chapter - The Honeynet Project marco cremonini

393 views • 36 slides
Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel &amp; Justin

Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel &amp; Justin

Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel &amp; Justin Neumann University of Connecticut The role of the honeypot The limitations Low-interaction honeypots: &quot;Artificial&quot; attack surface

846 views • 13 slides
Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik

Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik

Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik Kinkel Jon Osborne Korbin Stich http://may1601.sd.ece.iastate.edu Client : Alliant Energy Advisor : Dr. Doug Jacobson April 28, 2016 May1601 ICS

384 views • 15 slides
NCSC One: IoT Honeypot Pieter Jansen &amp; Jurriaan Bremer On the agenda: 1. Introduction 2.

NCSC One: IoT Honeypot Pieter Jansen &amp; Jurriaan Bremer On the agenda: 1. Introduction 2.

NCSC One: IoT Honeypot Pieter Jansen &amp; Jurriaan Bremer On the agenda: 1. Introduction 2. SBIR 3. Cuckoo Sandbox 4. Project 5. Architecture 6. Offline demo 7. Roadmap Introduction Pieter Jansen - CEO @ Cybersprint -

859 views • 42 slides
Towards malware inspired management frameworks J er ome Fran cois, Radu State and

Towards malware inspired management frameworks J er ome Fran cois, Radu State and

April, 8 2008 http://madynes.loria.fr/ Towards malware inspired management frameworks J er ome Fran cois, Radu State and Olivier Festor Introduction Malware for management Models Results Conclusion Outline 1 Introduction 2

513 views • 34 slides

More recommend