Embed Size (px)
Citation preview
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Cybersecurity Best Practices:US Government PerspectiveTyson Scott – Consulting Systems Engineer
US Public Sector Cybersecurity
February 2014
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Cisco Confidential 2© 2014 Cisco and/or its affiliates. All rights reserved.
Background
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Cybersecurity in the US GovernmentMaking it work
Central Agency for
Cybersecurity
Standards
Organizations
Best Practices and
Frameworks
Acceleration
Programs
US Department of Homeland Security
National Protection and Programs Directorate
National Institute for Standards and Technology
The MITRE Corporation
800 Series Publications
Cybersecurity Framework
Risk Management Framework
C³ Voluntary Program
FedRAMP
Continuous Diagnostics and Mitigation Program
Cybersecurity
Legislation
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
NIST Risk Management Framework (RMF)
Select
SP 800-53
& FIPS 200
1
Risk
Management
Framework
2
3
4
6
5
Categorize
SP 800-60 & FIPS 199
Implement
SP 800-160
Assess
SP 800-53A
Authorize
SP 800-37
Monitor
SP 800-137
Security Life Cycle
The RMF pulls it all
together into an
information security
continuous monitoring
process
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Cisco Confidential 5© 2014 Cisco and/or its affiliates. All rights reserved.
Cisco Security and the Cybersecurity Best Practices
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
The Threat-Centric Security Model
DiscoverEnforceHarden
DetectBlock
Defend
ScopeContain
Remediate
Identify Protect Detect Respond Recover
Aligning with the Cybersecurity Framework Core
• Asset Management
• Business Environment
• Governance
• Risk Assessment
• Risk Management
Strategy
• Access Control
• Awareness & Training
• Data Security
• Information Protection
• Maintenance
• Protective Technology
• Anomalies and Events
• Security Continuous
Monitoring
• Detection Processes
• Response Planning
• Communications
• Analysis
• Mitigation
• Improvements
• Recovery Planning
• Improvements
• Communications
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
CDM
Phase
Tool Functional Areas
(“CDM Tools”)
1
1 Hardware Asset Management
2 Software Asset Management
3 Configuration Settings Management
4 Vulnerability Management
2
5 Manage Network Access Controls
6 Manage Trust in People Granted Access
7 Manage Security-Related Behavior
8 Manage Credentials and Authentication
9 Manage Account Access/Manage Privileges
3
10 Prepare for Contingencies and Incidents
11 Respond to Contingencies and Incidents
12 Design/Build-In Requirements Policy/Planning
13 Design/Build-In Quality
14 Manage Audit Information
15 Manage Operation Security
Aligning with the CDM Program
The Threat-Centric Security ModelWith ISE PxGrid and a 3rd Party
Covers Full Control Model
Covers Part of Control Model
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Cisco Confidential 8© 2014 Cisco and/or its affiliates. All rights reserved.
Closing Remarks
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Security Manifesto for today’s world
Cisco Annual Security Report 2015
• Security must support the business
• Security must work with existing architecture—and be usable
• Security must be transparent and informative
• Security must enable visibility and appropriate action
• Security must be viewed as a “people problem”
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Thank You
