postcards from the edge cyber-security risk management in an escalating threat environment
POSTCARDS FROM THE EDGE
CYBER-SECURITY RISK MANAGEMENT IN AN ESCALATING THREAT ENVIRONMENT
THREATS ARE ESCALATING AT A NEAR-EXPONENTIAL RATE
• Pharming
• > 50% of all PCs compromised
• Application Attacks
• BotArmies/DDOS
• Organized Cyber-crime Ecosystem
• Hacktivism
• Cyber Terrorism
• Phishing
• Identity Theft
• OS Hacking
• BotNets/DDOS
• Cyber Criminals
• Script Kiddies
• Nothing short of game-change innovation can stem this rising tide
• Seems everything changes, every day
THE US REACTION HAS BEEN WEAK WITHOUT A CIVILIAN “CYBER-CZAR” NAMED AT PRESENT
THE NEW CYBER COMMAND IS STILL VERY YOUNG AND DOES NOT YET HAVE A BASE OF OPERATIONS
Needs a good home
PUBLIC AWARENESS IS LARGELY ABSENT, DRIVEN BY UNCONNECTED AND ONE-OFF DRAMATIC EVENTS.
MANY IN THE MEDIA LACK A THOROUGH UNDERSTANDING OF THE ISSUES
“Estonia Sending Cyber Defense Experts to Georgia” – Network World
MOST SECURITY TECHNOLOGY PROVIDERS HAVE A NARROW PERSPECTIVE OF THE
CYBER-SECURITY LANDSCAPE
UNFORTUNATELY THE REALITY OF THE CYBER SECURITY LANDSCAPE IS
SOMEWHAT LARGER
SUMMARIZING THE CONTEXT
• THREATS ARE ESCALATING AT AN ALARMING RATE
• PUBLIC POLICY HAS GENERALLY FAILED
• US GOVERNMENT ACTION HAS BEEN INADEQUATE
• MEDIA/PUBLIC IS AT BEST CONFUSED ABOUT CYBER THREATS
• TECHNOLOGY HAS PROVIDED LITTLE MORE THAN A BAND-AID
• MANY BELIEVE CYBER-CRIMINALS HAVE ALMOST MYSTICAL POWERS
MOST CYBER-SECURITY CONVENTIONAL WISDOM ATTEMPTS TO MODEL OUR CYBER DEFENSES BASED ON TRADITIONAL DEFENSE IN DEPTH IMPLEMENTATIONS
Carlsten Fortress, c. 1600s, Marstrand, Sweden
CHANGING THE GAME
The digital warrior
A FUNDAMENTAL CHANGE IN TACTICS
PRINCIPLES OF A RESILIENT CYBER DEFENSE
1. IT’S TOO EASY TO BE HARD!
Where:
• 80%+ of all successful cyber-attacks exploit vulnerabilities in four categories; none require rocket science to fix
  • Input validation
  • Poor coding technique – business logic
  • Authentication and access control
  • Device hardening – patching, secure baselines
• Building in security is 60 times less expensive than bolting on later
  • Up-level security in SDLC
We must develop:
• Strong vulnerability management program
• Assessment and remediation of legacy code used in operating systems and applications
• Assessment and remediation of web site vulnerabilities
  • This will continue to be the most sought-after attack vector by criminals to host links to phishing and identity theft code.
• Assessment and remediation of third party code and widgets
  • An attractive attack vector
  • Demonstrated by the “Secret Crush” malware that posed as a Facebook widget to install itself on about 1 million PCs in late 2007 and early 2008
2. BE A REALLY GOOD FIRST RESPONDER
Where:
• Complex systems fail complexly; it is not possible to anticipate all the failure modes
• Complexity provides both opportunity and hiding places for attackers
• Damping out complexity is impossible when coupled with change, growth and innovation
• Security failures are inevitable
We must develop:
• Robust incident management integrating all aspects of business (e.g. communications, development, legal)
• Security SME throughout the SDLC
• Deploy analytical tools to continually assess the security of development and the infrastructure
• Provide security training to development and infrastructure teams
3. GRACEFULLY DEGRADE
If: A successful attack is inevitable
Then we must develop:
• A thorough understanding of the business, key business assets and critical functionality
• Define defensible perimeters
• Expanded firewall and IPS footprint
• Develop/understand network choke-points
• Bandwidth allocation
• Dynamic re-configuration
3A. DIVERSITY…DIVERSITY…DIVERSITY
Where: You can’t live without it!
“Run from monoculture in the name of survivability” – Dan Geer
We must develop:
• Multiple tools for detection and analysis
• Multiple mitigation methods
• Segmentation for everything
• New thinking – situational awareness – attack simulation…
4. TREAT THE INSIDE LIKE THE OUTSIDE
Where:
• Every cyber criminal is our next door neighbor
• We can never retreat to a safe neighborhood
We must develop:
• The ability to defend knowing the current threat profile, generally and specifically to us.
• Encryption for everything moving in our networks
• Defensive applications coding
  • More important than ever with 3rd party software
5. IT’S THE DATA AND THE TRANSACTIONS
Where:
• Cyber criminals are attacking transaction streams
• Transaction attacks are extremely difficult to detect
We must develop:
• Protect data
• Protect the transactions
• Employee exfiltration blocking
6. DEFENSE IS GUARANTEED TO BE A LOSING STRATEGY, PLAY OFFENSE WHENEVER POSSIBLE
May be averting a crisis, but not getting in front of the problem
7. INNOVATE…INNOVATE…INNOVATE
Innovating for impact Incremental Sustaining core and context Radical
8. KNOW WHAT IS HAPPENING, KNOW WHAT HAPPENED
Where:
• Attacks are becoming much more subtle
• Attacks are using multiple channels
9. CONTINUOUSLY ADAPT THE STRATEGY – BE AGILE
• If you are not moving forward you are falling behind…status quo is unacceptable
• Nothing is stable
• Surprise is constant
• We work at a permanent, structural disadvantage compared to our attackers
SUCCESS NOW AND IN THE FUTURE:
WE ARE VIGILANT AND MINDFUL TO THE POTENTIAL PERILS
REMEMBER – 90% OF THE PUTTS THAT ARE SHORT DON’T GO IN.
Yogi Berra