Upload
dr-robert-d-childs
View
135
Download
1
Embed Size (px)
Citation preview
‹#›
CYBER RESILIENCY: from Prevention to Recovery (Part 2)
10 Dec 2015
Dr. Robert D. Childs President & CEO, iCLEAR LLC
Former Chancellor, National Defense University (NDU) iCollege and Deputy to NDU President for Cyber and Information
‹#›
Cyber Defense Goals
• Protect (policies/governance/rules/tools/educate)
• Detect (monitor/incident response/shift site/network
• Correct (continue ops/recover/lessons learned)
2
‹#›
Analyzing an Attack
• Compliance/audit
• Response (recover, correct, inform)
• Forensics (determine cause, sequence of events, entry
points, type, motivation)
• CONTINUE OPERATIONS !!!
3
‹#›4
Cyber Defense Challenges
• Unawareness of the threats
• Poor computer hygiene practices
• Lack of policies/governance/rules/procedures
• Varying network protocols/monitoring
• Late identification of attacks
• No continuity of operations plan
‹#›
• Have a COOP
• Identify mission critical activities
• Know your partners and supply chain
• Validate software/apps
• Monitor networks
• Establish policies/rules regarding BYOD
• Share information (cooperation)
• Test (exercises)
• Be proactive/agile/adaptive
Required Actions
5
‹#›
The ART of Cyber Strategy
Attribution - tracing the network of origin (vice the routing networks) of attack vectors, as well as determining the identity of the attacker
Rules of engagement - metrics for mission risk exposure for a particular cyber event, and how to determine the appropriate level (e.g., time, magnitude & duration) of the response action [retaliation]
Trust Relationships - dynamic assessment and assignment of trust levels for domestic and international collaborative & sharing offer the greatest fidelity for determining current and future actions
Dr. Gil Duval, CEO Data Security Storage, LLC
6
‹#›
Continuity of Operations Plan
• Build strong relationships (trust)
• Encourage information sharing/collaboration)
• Innovate & leverage technology
• Integrate end-to-end strategy (across enterprise)
• Introduce national cyber legislation
• Establish defensible architecture (suite of
technologies)
• Explore Cyber Assurance-as-a-Service
7
‹#›
Contact
Dr. Robert D. Childs
President & CEO, iCLEAR LLC
Former Chancellor, National Defense University(NDU) iCollege and
Deputy to the NDU President for Cyber and Information
e-mail: [email protected]
iCLEAR LLC website: http://iclearllc.com