powered by powered by connecting organizations, building community michigan cyber range
TRANSCRIPT
Powered byPowered by Connecting Organizations, Building Community
Michigan Cyber Michigan Cyber RangeRange
Michigan Cyber Michigan Cyber RangeRange
Powered by
IntroductionIntroduction
2
Powered by
IntroductionIntroduction
Dr. Joe Adams Vice President of Research and
Cyber Security 26 years Army Signal Corps Associate Professor at US Military
Academy 3 time winner of the NSA’s Inter-
Service Academy CDX Senior Member IEEE
3
Powered by
AgendaAgenda
Who am I? Where is the Threat? How am I at risk? How to prepare?
4
Powered by
Attack SurfaceAttack Surface
5
Powered by
Attack SurfaceAttack Surface
6
Powered by
Attack SurfaceAttack Surface
7
Powered by
Attack SurfaceAttack Surface
8
Powered by
Attack SurfaceAttack Surface
9
Powered by
Why is this so hard?Why is this so hard?
10
Powered by
PlansPlans
11
Powered by
The Price of Doing BusinessThe Price of Doing Business
12
Powered by13
Powered by
Security TheaterSecurity Theater
14
Powered by
An Example of WhyAn Example of Why
15
Powered by
What can we do?What can we do?
16
Powered by
What has to be protected?What has to be protected?
17
Powered by
What can we monitor?What can we monitor?
18
Powered by
What is on its own?What is on its own?
19
Powered by
Make a planMake a plan
20
Powered by
PolicyPolicy
21
Powered by
Education and AwarenessEducation and Awareness
22
Powered by
The ResultThe Result
23
Powered by
But then…But then…
24
Powered by
Practice the planPractice the plan
25
Powered by
CommunicationCommunication
26
Powered by
Fight complacencyFight complacency
27
Powered by
Internal AuditsInternal Audits
28
Powered by
Build HabitsBuild Habits
29
Powered by
It only takes onceIt only takes once
30
Powered by
What we’ve talked aboutWhat we’ve talked about
31
Powered by
What we’ve talked aboutWhat we’ve talked about
32
Powered by
What we’ve talked aboutWhat we’ve talked about
33
Powered by
What we’ve talked aboutWhat we’ve talked about
34
Powered by
Skills training & maintenance
Classes Events Networking
Accessible
Persistent
Using the Cyber RangeUsing the Cyber Range
Powered by
ClassesClasses
17 Certifications Pen Testing, Incident Handling, Ethical Hacking Forensics Leadership Disaster Recovery
Classes held: At Merit or at the customer’s location Online
Cost includes: Tuition Certification Exam
http://www.merit.edu/cyberrange/courses.php
Powered by
Capture the FlagCapture the Flag
Self-Paced Threads of flags to find
Individual skills Penetration testing Forensics SCADA
Scoring engine Encourages competition
Powered by
Force on ForceForce on Force
Paintball Multiple teams; everyone for themselves Penetrate system, plant a flag, secure the system
Red vs Blue Focus on system & service
security and continuity Force on Force
Incident Response Asynchronous Red team creates havoc Blue team diagnoses and
recovers
Powered by
Welcome to AlphavilleWelcome to Alphaville
Powered by
AlphavilleAlphaville
Powered by
AlphavilleAlphaville
A persistent training environment A Network of Things More realistic than an IP range
Every exercise is a separate, customizable copy of the town and its infrastructure
Heterogeneous environment Wide variety of operating systems and services Residents of Alphaville provide “background noise” Bot nets, rootkits, and backdoors
Powered by
Flexible terms & pricing Pay for what you use
Voucher/Credit system
Using the Cyber RangeUsing the Cyber Range
Powered by
Questions?Questions?
http://www.merit.edu/cyberrange/43