What the Chiefs Say
Growing Cyber Threats Demand Advanced
Mitigation Methodologies
by Jeff Snyder
Vice President, Cyber Programs
Raytheon Company
It seems like every day that we hear about the growing
cyber threat environment, whether from nation states
trying to steal intellectual property, cyber criminals
attempting to steal credit information or money, or
just political activists who want to emphasize one
cause or another. Whatever the case, the threats are
real, stealthy, and persistent and occur in real-time.
Consider the range of cyber threats that we
face each and every day that can eviscerate our
critical infrastructure or destabilize our economic
viability. Some of the more pervasive avenues
include mobile device exploitation, insecure web
applications, Advanced Persistent Threats (APTs),
botnets, phishing techniques, and the use of
social media channels.
Threat Mitigation Techniques and Potential
Solutions
Given the heightened cyber threat environment,
there are proven techniques to address this
growing threat. Best practices generally lead to
a “layered”, multi-faceted approach to protect
critical infrastructure from both external and
insider threats. This approach includes perimeter
security; supply chain security; associated secure
software development practices; secure embedded
processing for mission critical applications; and
insider threat monitoring.
Perimeter Security Solutions – The first stage of
defense rests with an effective perimeter security
solution to protect the external boundaries of an
enterprise or critical infrastructure. Typically, this
is a distributed architecture of intrusion detection
sensors, firewalls and other tools, integrated into
a round-the-clock cyber command center staffed
by well-trained analysts. Nonetheless, perimeter
solutions are penetrable by an advanced adversary.
Additionally, sensors today are “signature-based,”
which makes it a challenge to defend against new
threats whose signatures have not yet been detected
and analyzed. Efforts are underway to develop intrusion
prevention sensors (IPSs) that can better predict
and block new threats from compromising an
infrastructure.
Supply Chain Security and Secure Software
Development Practices – Significant
developments are underway to minimize
exploitation vulnerabilities in software, hardware
and firmware that are integral to fielded systems.
Organizations are implementing policies to
address secure software development practices
and, beyond using software scanning tools, are finding
it important to integrate secure software practices
into the culture of the organization. Some firms
have found that using judicious secure software
development processes can reduce vulnerabilities
associated with mission critical software by 70%.
Secure Processing Initiatives – The next level of
a nested defense involves hosting mission-critical
applications and information at the processor level.
Intel’s acquisition of McAfee suggests a new level
of interest in migrating cyber defense techniques
to the processor.
Insider Threat Considerations – The discussion so
far focused on external threats and
the risks they pose, yet many in industry believe
the most significant threat remains the “insider.”
Policies are evolving to address the insider threat
problem through the use of proven technologies to
monitor computer activities for unusual behavior.
A more comprehensive cyber solution involves
much more than installing a few firewalls to block
the novice attacker. The advanced cybersecurity
threat is very real, complex, zero-day and persistent.
As such, it takes a layered, multi-faceted approach
to minimize the probability of experiencing cyber
harm from both external and insider threats.
Europe’s World
Summer 2012