What the Chiefs Say

Growing Cyber Threats Demand Advanced Mitigation Methodologies

by Jeff Snyder, Vice President, Cyber Programs, Raytheon Company

It seems like every day that we hear about the growing cyber threat environment, whether from nation states trying to steal intellectual property, cyber criminals attempting to steal credit information or money, or just political activists who want to emphasize one cause or another. Whatever the case, the threats are real, stealthy, and persistent, and occur in real time.

Consider the range of cyber threats that we face each and every day that can eviscerate our critical infrastructure or destabilize our economic viability. Some of the more pervasive avenues include mobile device exploitation, insecure web applications, Advanced Persistent Threats (APTs), botnets, phishing techniques, and the use of social media channels.

Threat Mitigation Techniques and Potential Solutions

Given the heightened cyber threat environment, there are proven techniques to address this growing threat. Best practices generally lead to a “layered”, multi-faceted approach to protect critical infrastructure from both external and insider threats. This approach includes perimeter security; supply chain security; associated secure software development practices; secure embedded processing for mission-critical applications; and insider threat monitoring.

Perimeter Security Solutions – The first stage of defense rests with an effective perimeter security solution to protect the external boundaries of an enterprise or critical infrastructure. Typically, this is a distributed architecture of intrusion detection sensors, firewalls and other tools, integrated into a round-the-clock cyber command center staffed by well-trained analysts. Nonetheless, perimeter solutions are penetrable by an advanced adversary. Additionally, sensors today are “signature-based,” posing a challenge to defend against new threat signatures that have not yet been detected and analyzed. Efforts are underway to develop intrusion prevention sensors (IPSs) that can better predict and block new threats from compromising an infrastructure.

Supply Chain Security and Secure Software Development Practices – Significant developments are underway to minimize exploitation vulnerabilities in software, hardware and firmware that are integral to fielded systems. Organizations are implementing policies to address secure software development practices and, beyond using software scanning tools, are finding it important to integrate secure software practices into the culture of the organization. Some firms have found that using judicious secure software development processes can reduce vulnerabilities associated with mission-critical software by 70%.

Secure Processing Initiatives – The next level of a nested defense involves hosting mission-critical applications and information at the processor level. Intel’s acquisition of McAfee suggests a new level of interest in migrating cyber defense techniques to the processor.

Insider Threat Considerations – Previous discussions focused on the external threat and the risks it poses, yet many in industry believe the most significant threat remains the “insider.” Policies are evolving to address the insider threat problem through the use of proven technologies to monitor computer activities for unusual behavior.

A more comprehensive cyber solution involves much more than installing a few firewalls to block the novice attacker. The advanced cybersecurity threat is very real, complex, zero-day and persistent. As such, it takes a layered, multi-faceted approach to minimize the probability of experiencing cyber harm from both external and insider threats.

Europe’s World, Summer 2012