next generation security
play

Next Generation Security Adaptive | Intelligent | Resilient Scott - PowerPoint PPT Presentation

Oct 04, 2023 •274 likes •523 views

NIST Cyber Security Framework & Healthcare IT Security Clarksville, MD | 22 April 2016 | Annual Spring Conference Next Generation Security Adaptive | Intelligent | Resilient Scott Montgomery VP, Chief Technical Strategist

  1. NIST Cyber Security Framework & Healthcare IT Security Clarksville, MD | 22 April 2016 | Annual Spring Conference Next Generation Security Adaptive | Intelligent | Resilient Scott Montgomery VP, Chief Technical Strategist scott.montgomery@intel.com +1 240 498 2941 m McAfee Confidential

  2. DISCLAIMER “The information contained in this document is for informational purposes only and should not be deemed an offer by Intel Security or create an obligation on Intel Security. Intel Security reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations.” 2 McAfee Confidential

  3. HealthCare Security Landscape… Sector’s Top Attack Categories DDoS Account Hijacking Malware “Average data breach cost per capita for the healthcare industry is $363” Sources: Ponemon Data breach report 2015 and Intel Security Group 3 McAfee Confidential

  4. Ransomware Cyber-Threat-Alliance “ When researching profits made by the group behind CW3, an estimated $325 million dollars was discovered. ” Ransomware-as-a-Service (RaaS) is booming in the early start of 2016, multiple sites and campaigns have been detected. Most prevalent ransomware families at the moment: CryptoWall v4 and TeslaCrypt Source: McAfee Labs Threat Report, November 2015 Source: http://cyberthreatalliance.org/cryptowall-report.pdf McAfee Confidential

  5. HealthCare – Ransomware attacks Attackers ask $3.6 million ransom - Hospital’s network down for more than a week - Systems for CT scans and others impacted - Email, Patient-files and other data encrypted - Staff went back to fax-machines for communication - They were not the only hospital hit by ransomware.. Reported by CSO Online 5 McAfee Confidential

  6. HealthCare We still have a long way to go: simple scan of Internet facing devices for remote control software without password 6 McAfee Confidential

  7. Healthcare Organizations are Subject to Many Legislative & Regulatory Requirements… “Authoritative Sources” Often Overlap 7 McAfee Confidential

  8. NIST Cybersecurity Framework What it is…and why Why? • An organizational Cybersecurity Risk Management tool for: • Improving communications between technical staff and the • Released (Version 1.0) business decision makers February 12, 2014, it is in direct response and support of • A common language for discussing organizational cybersecurity President Obama's February issues 2013 Executive Order 13636 • Evaluating an organization’s current security posture "Improving Critical Infrastructure Cybersecurity." • Developing an organization’s target security profile • Helps organizations to identify, • Providing a means to develop a roadmap for improving the understand, manage and reduce cybersecurity posture based on specifics cybersecurity risks by prioritizing security investments • Improving Cybersecurity Risk Management decision making within the organization • Voluntary • Guidance created based on existing standards and best-practices (private and public sector were involved in the creation) • A living document 8 8 McAfee Confidential

  9. NIST Cybersecurity Framework What it is not… • Prescriptive Organizations will continue to have • A replacement for existing risk management unique risks – different threats, different vulnerabilities, different risk tolerances – methodologies (but can augment and compliment OR fill and how they implement the practices in gap if none exists) the Framework will vary. Organizations can determine activities that are • Foolproof! No, implementing the CSF does not mean your important to critical service delivery and immune to being compromised! can prioritize investments to maximize the impact of each dollar spent. • A “One size fits all” approach Ultimately, the Framework is aimed at reducing and better managing • A substitute for thoughtful review, evaluation and cybersecurity risks. pragmatism in addressing risk concerns and priorities Source: NIST Framework for Improving • It is NOT an IT governance “Framework” in the classic Critical Infrastructure Cybersecurity, sense of CoBIT Version 1.0. • It is not a silver bullet 9 9 McAfee Confidential

  10. NIST Cyber Security Framework - Overview Three primary components: 1) Profile: Comprised of two views; current “as is” and target “to be” 2) Implementation Tiers (1 – 4): Partial, Risk Informed, Repeatable, Adaptive 3) Core: - Functions: Identify, Protect, Detect, Respond, Recover - Categories, subcategories and Informative References Source for slide content: http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf 10 McAfee Confidential

  11. NIST Cyber Security Framework - Overview Implementation Tiers: Tier 1 – Partial : Risk management process and program ad hoc, reactive. Cybersecurity activities and risk management visibility limited. Tier 2 – Risk Informed : Risk management practices approved by management may not be fully established across organization. Cybersecurity activities and risk management concerns have some level of visibility but may not be all- encompassing across organization. Tier 3 – Repeatable : Risk management practices are clearly approved and defined, adhered to and consistent methods in place to respond to and address risks across the organization. Tier 4 – Adaptive : Organization adapts, evolves risk management, cybersecurity practices based on lessons learned and predictive analysis. Cybersecurity risk management is part of culture. Tiers can provide context for the organization relative to how they view and manage cybersecurity risks Source for slide content: http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf 11 McAfee Confidential

  12. NIST Cyber Security Framework - Overview The CSF provides a common method for organizations to: 3. Identify and 1. Baseline and 2. Describe “to describe “as is” prioritize be” target state improvements current posture 5. Communicate 4. Assess to stakeholders progress Source for slide content: http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf 12 McAfee Confidential

  13. Points of Consideration It is the start of a journey • Enables continuity and continuous Leveraging the CSF can help improvement drive better risk management, prioritized investments and • Branch out and connect with partners and foster better communication others who are taking this journey across state organizations • Keep it simple! Do not go too deep or too fast • Understanding risk and managing priorities in investments to address enables compliance 13 13 McAfee Confidential

  14. Our Lessons Learned The CSF fosters essential internal discussions about alignment, risk tolerance, control maturity, and other elements of cyber risk management • Setting our own Tier Targets was especially useful The CSF provides a common language for cross- organizational communications, allowing apple-to-apples comparisons Engage all stakeholders early; the Framework itself facilitates discussion Its alignment to industry practices made it easy to scale and tailor it to our environment with surprisingly minimal impact 14 McAfee Confidential

  15. NIST CSF Update to Industry… Cyber Security Framework Workshop 6-7 April 2016 On December 11, 2015, NIST issued its third request for information (RFI), Views on the Framework for Improving Critical Infrastructure Cybersecurity, to receive feedback. The RFI analysis served as a starting point for discussion at the Cybersecurity Framework Workshop 2016, hosted by NIST in Gaithersburg, Maryland on April 6 & 7, 2016. The workshop, with approximately 800 participants, continued important conversations begun in the recent RFI and included topics such as :  Ways in which the Framework is being used to improve cybersecurity risk management,  How best practices for using the Framework are being shared,  The relative value of different parts of the Framework,  The possible need for an update of the Framework, and  Options for long-term governance of the Framework. 15 McAfee Confidential

  16. NIST CSF Update to Industry… Cyber Security Framework Example RFI Responses 11 Dec 2015 16 McAfee Confidential

  17. Reaching Critical Mass Security teams are overwhelmed by manually intensive solutions Collect | Normalize | Enrich | Correlate Data Sources Threat Intelligence ! ! ! ! Endpoint Organizational ! Object Community Network ! Global Logs Security Consoles 17 17 McAfee Confidential

  18. Gap in Cyber Security Skilled Labor Global shortfall in talent Actual Requirements Hiring Gap The 2015 (ISC)2 Global Information Security Workforce Survey 18 McAfee Confidential

  19. Intelligence Based Orchestration & Automation Apply the power of knowledge – Security Connected Global Threat Intel Security Organizational 3 rd Party Solutions Intelligence Countermeasures Threat Intelligence McAfee Global Analytics & response Administrator Security Innovation Threat Intelligence Knowledge Alliance Payload inspection Virus Total & detonation STIX/TAXII Organization Prevalence & 3rd Party Feeds Cloud assisted Forensics protection Evolution of endpoints 19 McAfee Confidential

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2

963 views • 19 slides
Introduction Design Key Scheduling Keystream Generation Security

Introduction Design Key Scheduling Keystream Generation Security

MARC: Modified ARC4 Jianliang Zheng and Jie Li The City University of New York Contents Introduction Design Key Scheduling Keystream Generation Security Statistical Testing Performance Testing Introduction RC4

588 views • 16 slides
A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA A Scalable Approach to Attack Graph Generation By Ou, Boyer,

591 views • 33 slides
Generation CMSC 426 - Computer Security Slides originally by Dr. Marron, modified by Robert Joyce

Generation CMSC 426 - Computer Security Slides originally by Dr. Marron, modified by Robert Joyce

Random Number Generation CMSC 426 - Computer Security Slides originally by Dr. Marron, modified by Robert Joyce Outline Properties of PRNGs LCGs Blum, Blum, Shub NIST SP 800-90A Random Number Uses Generation of symmetric

540 views • 18 slides
Next generation mobile rootkits Hack In Paris 2013 leveldown security Thomas Roth Hi!

Next generation mobile rootkits Hack In Paris 2013 leveldown security Thomas Roth Hi!

Next generation mobile rootkits Hack In Paris 2013 leveldown security Thomas Roth Hi! Thomas Roth Embedded security (Payment terminals etc.) Distributed computing (and breaking) Web-stuff Social: @stacksmashing leveldown

986 views • 76 slides
+ How to generate security cameras: Towards defence generation for socio-technical systems Olga

+ How to generate security cameras: Towards defence generation for socio-technical systems Olga

+ How to generate security cameras: Towards defence generation for socio-technical systems Olga Gadyatskaya (SnT, University of Luxembourg) olga.gadyatskaya@uni.lu ADT2P + Agenda 2 n Socio-technical models and attack generation n

778 views • 28 slides
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer

Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer

Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing Cloud, DevOps & IoT o

450 views • 31 slides
THE INDUSTRIAL IMMUNE SYSTEM Using Machine Learning for Next Generation ICS Security Jeff

THE INDUSTRIAL IMMUNE SYSTEM Using Machine Learning for Next Generation ICS Security Jeff

THE INDUSTRIAL IMMUNE SYSTEM Using Machine Learning for Next Generation ICS Security Jeff Cornelius, Ph.D., EVP, Darktrace Darktrace Background Founded by world-leading mathematicians, from the University of Cambridge, and cyber operations

175 views • 15 slides
Generation Z Libraries and the Post-Millennial Generation

Generation Z Libraries and the Post-Millennial Generation

Generation Z Libraries and the Post-Millennial Generation http://procatdigital.co.uk/images/procat/blog/generation%20z%20words.jpg What is a generation? Generations in America

574 views • 22 slides
Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group, ETH Zrich Public Key Infrastructure (PKI) Scalability issues with symmetric crypto Distribution Challenges in managing n secrets

757 views • 39 slides
Generation Integrated Power Grid Including Adequacy and Dynamic Security Assessment Vijay

Generation Integrated Power Grid Including Adequacy and Dynamic Security Assessment Vijay

Reliability Evaluation of Renewable Generation Integrated Power Grid Including Adequacy and Dynamic Security Assessment Vijay Vittal, ASU Chanan Singh, TAMU Mojdeh Khorsand, ASU Graduate Student Yingying Wang PSERC Webinar Jan 28, 2020

757 views • 36 slides
Ocean ecosystem conservation and seafood security for future generation A case study of

Ocean ecosystem conservation and seafood security for future generation A case study of

Ocean ecosystem conservation and seafood security for future generation A case study of ecosystem g y y approach to fisheries and the adaptive management of the Shiretoko World Natural Heritage Site g

950 views • 37 slides
Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions Gigi

Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions Gigi

Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions Gigi Joseph, Computer Division,BARC. Gigi@barc.gov.in Intranet Security Components 1a. Network Authentication Network Admission Control 1b. End

701 views • 38 slides
Cryptography and Network Random Number Generation Security The comparatively late rise of the

Cryptography and Network Random Number Generation Security The comparatively late rise of the

4/19/2010 Chapter 7 Stream Ciphers and Cryptography and Network Random Number Generation Security The comparatively late rise of the theory of Chapter 7 probability shows how hard it is to grasp, and the many paradoxes show clearly that we, as

72 views • 4 slides
Think of the Children: Preparing the Next Generation of Security Specialists Roman Bohuk

Think of the Children: Preparing the Next Generation of Security Specialists Roman Bohuk

Think of the Children: Preparing the Next Generation of Security Specialists Roman Bohuk @RomanBohuk Jake Smith @jtsmith282 Deep Run High School Who are we?? Students at Deep Run High School Little formal experience Organize our

769 views • 38 slides
A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song

A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song

A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song CMU, UCB Adrian Perrig and Dawn Song NDSS - APG 1 Difficulties in the Design of Security Protocols Usually ad-hoc, lacking formalism. Hidden

324 views • 19 slides
A SECURITY REFERENCE ARCHITECTURE FOR CLOUD SYSTEMS Eduardo B. Fernandez Dept. of Computer

A SECURITY REFERENCE ARCHITECTURE FOR CLOUD SYSTEMS Eduardo B. Fernandez Dept. of Computer

A SECURITY REFERENCE ARCHITECTURE FOR CLOUD SYSTEMS Eduardo B. Fernandez Dept. of Computer Science and Engineering Florida Atlantic University Boca Raton, FL, USA http://www.cse.fau.edu/~ed ed@cse.fau.edu Secure Systems Research Group - FAU

1.08k views • 76 slides
Approaching Security from an "Architecture First" Perspective Rick Kazman, University

Approaching Security from an "Architecture First" Perspective Rick Kazman, University

Approaching Security from an "Architecture First" Perspective Rick Kazman, University of Hawaii Jungwoo Ryoo, Penn State University Humberto Cervantes, Universidad Autonoma Metropolitana-Itztapalapa An Architectural Approach

435 views • 24 slides
Next Generation Ethernet Alan McGuire, New Wave Networks, OneIT, BT Enterprises

Next Generation Ethernet Alan McGuire, New Wave Networks, OneIT, BT Enterprises

Next Generation Ethernet Alan McGuire, New Wave Networks, OneIT, BT Enterprises Enterprises look to scale a single community of interest They are their own customer Which may range in size from a small number of desktops to an

129 views • 10 slides
Retailer To Consumer Legislation And The Pros and Cons of Reciprocity Tom Wark, Executive

Retailer To Consumer Legislation And The Pros and Cons of Reciprocity Tom Wark, Executive

Retailer To Consumer Legislation And The Pros and Cons of Reciprocity Tom Wark, Executive Director NAWR Wine Retailer Summit 2018 Permit Laws VS. Reciprocity Laws PERMIT LAWS : Any retailer in any state may apply for a states Shipping

731 views • 14 slides
Secure Relocation: Understanding Data Security Dave Siegel Siegel

Secure Relocation: Understanding Data Security Dave Siegel Siegel

Secure Relocation: Understanding Data Security Dave Siegel Siegel Data Management (SDM) resources bring nearly 100 man-years of global business experience

519 views • 15 slides
Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the Cloud? How the Cloud is delivered: Iaas, PaaS and SaaS Cloud security challenges and risk Current Cloud security report Cloud security technology

302 views • 27 slides
Security and Resilience Juan Torres, SNL April 21, 2016 Overview The "Security and

Security and Resilience Juan Torres, SNL April 21, 2016 Overview The "Security and

Security and Resilience Juan Torres, SNL April 21, 2016 Overview The "Security and Resilience" focus area has five main activities, based on the NIST cybersecurity framework, but expanded to all- hazards. Improve the Ability to

647 views • 6 slides
BitSight Security Ratings www.bitsighttech.com Trends 2 www.bitsighttech.com Increasing

BitSight Security Ratings www.bitsighttech.com Trends 2 www.bitsighttech.com Increasing

BitSight Security Ratings www.bitsighttech.com Trends 2 www.bitsighttech.com Increasing governance and assurance required Subsidiary Third Party Risk Risk Management Management Fourth Party Risk Benchmarking Management Cyber

407 views • 29 slides

More recommend