The CISO as a Systems Integrator

Transcription:

The CISO as a Systems Integrator
AKA: Building Your Network Defense through Bad Car Analogies and Idioms
Joe McMann, Cyber Strategy Leader
© 2017 LEIDOS. ALL RIGHTS RESERVED. 17-Leidos-0222-1662 PIRA #DIS201702005
The wording LEIDOS used throughout is a registered trademark in the U.S. Patent and Trademark Office owned by Leidos, Inc.

Cybersecurity as a Racetrack
Going round and round
2007: Why are we here? How do we get secure? Why is this so hard?
2017: Why are we still here? Why aren't we secure yet? Why is this still so hard?

Kicking the can down the road.
Solutions come and go yet the questions persist.
Are we asking the right questions? Is there a finish line?

Slow and steady wins the race.
Success [in cybersecurity] is a journey, not a destination.
- Map: Executable strategy
- Vehicles: Solution delivery models to suit
- Travel Companions: Trusted advisors & proven practitioners
- Snacks: Training, frameworks, tailored technology
Cyber is a forever challenge.

Siri, how do I get to Secure?
Cyber Journey
- Best practices baseline
- Turn right
- Drive towards intelligence
- Arrive at waypoint, plot next objective
Intelligence is the collection of information of value and the ability to acquire and apply knowledge and skills

The CISO as a Systems Integrator
- Systems integrators generally have to be good at matching customers' needs with existing products
- The current problem is how to harness all the information available, from the various information generators (or sensors) into one complete picture
- As well as the design of the actual interfaces much effort is being put into presenting the information in a useful manner.
(Wikipedia)
Objective: Find those elements which bring value and apply them across people, process, and technology to create a sum greater than its parts.

All roads lead to Rome. At least they should.
Establish operations:
- Develop capabilities
- Refine processes
- Train skillsets
Evolve tradecraft:
- Encourage mindset
- Empower the analyst
- Gather expertise
Build a foundation:
- Define the mission
- Form relationships
- Manage information
- Ensure visibility

Case Study: Putting the cart before the horse.
- Large, international enterprise with federated business units
- Many non-standardized external connections
- Proposed a big-data analytics solution for threat hunting
Challenges:
- Incomplete data-set. Solution applied to a limited % of primary gateways. Unknown number of non-standard ingress/egress methods.
- Post-event detection only. No active mitigations or controls.

Rome wasn't built in a day.
Five Essential Components for Success
- Mission focused organization
- Structured process strategy
- Visibility, awareness and control
- Repeatable analysis framework
- Measurement and accountability

Organizational Integration
- The mission depends on collaboration across the entire organization
- Strive to operate in a culture of "yes, we'll find the right way"
- Cybersecurity no longer exists as a Black Box.
- CISO organization stands at center of bi-directional feedback loop between CND operations and the rest of the business and must broker inputs and outputs.

[Diagram labels: Analysts, Corporate Comms, Physical Security, Network Defense, Engineering & Development, Counter-Intelligence, Perimeter, Physical Security, Human Resources, CISO, Enterprise Controls, Host, Identity & Asset Management, Corporate IT, Business Units, Policy & Compliance, Education & Awareness]

Process Integration Strategy
Plan out processes from the ground up:
- Define inputs and outputs for each
- Understand interface points and relationships
- Build from daily operations
Foundational processes should feed, inform, and guide strategic efforts
Ask yourself: if a process stands on its own, with limited connectivity back to the core, is it providing value? Does the process belong in this mission for this organization?

[Diagram labels: Incident Response, Communicate, Internal Drivers, Coordination, Employees, Detections and Alerts, Triage, Leadership & LOBs, Employee Notifications, Detection & Analysis, Remediate, Public, LE, Government, Testing & Simulation, Real-time, External Drivers, Historical, Mitigations & Protections, Measure & Report, Industry Partnerships, Pivoting & Hunting, Network Activity, Intelligence, Host, Effectiveness, Vendors & Suppliers, Tactical & Strategic, Impact]

Technical Integration
Where the rubber hits the road.
- Not just a collection of solutions
- Understand how they fit, how they integrate, how they flow
Source: The Racetrack Model: Driving Informed Defense Through Analytic Completeness. 2016 Lockheed Martin. All rights reserved.

Go with the flow.
Map out capabilities in a logical flow
Intrinsic values
- Order of operations?
- Active/Passive?
Derived values
- What information do they provide?
- What happens if?
Source: The Racetrack Model: Driving Informed Defense Through Analytic Completeness. 2016 Lockheed Martin. All rights reserved.

Case Study: Getting a tune-up.
- Prime utility company, pieces in place across organization and process.
- Technology portfolio largely built out, needed to enhance the SIEM capabilities for analysts
Challenges:
- While baseline capabilities existed, available data was not being utilized
- Some controls feeding SIEM were pushing high-noise, low-value events
- Limited ability to measure, record, and report on effectiveness of tuning

Souvenirs
Build on a strong foundation
Understand dependencies in the simplest form:
- People without technology are frustrated
- Technology without people lacks context and impact
- People and technology without process leads to chaos
Visibility is paramount. Always start there.
- If you can't see it, you can't detect it.
- If you can't detect it, you can't analyze it.
- If you can't analyze it, you'll never know how to stop it.

Thank you. Questions and Discussion