“it’s not if, it’s when” - usc · rapidly report cyber incidents and cooperate with dod to...

`

Cyber Attacks & Breaches

“It’s not if, it’s When”

IMRI Team | Aliso Viejo, CACopyright © 2016 IMRI. All rights reserved. Proprietary Information

Copyright © 2016 IMRI. All rights reserved. Proprietary Information

Data Center/Cloud Computing/Consolidation/Operations • 15 facilities, 4 million users, 2800 applications

• 22 Savings & Loans operations with merger of $2 billion in assets

• Manages over $300 million in High Performance Computing operations

• Managed and delivered multi-million dollars of enterprise technology services for utility companies

Cyber Security • Supports the largest information network in world with over 1500 networks and 7 million devices

• Engaged with U.S Army Network Enterprise Technology Command, Missile Defense Agency,

U.S Army Corps of Engineers, DISA

• F.E.M.A network security and perimeter defense and 3rd party verification and validation

• U.S Unified Combatant Commands and Army Regional Cyber Centers worldwide

TelecommunicationsTrusted advisors to the FirstNet leadership team providing wireless public safety expertise and

professional services support for United States first high speed wireless broadband nationwide network

for first responders solely to police, firefighters, emergency medical service professionals and other public safety officials

Trusted Leader with Solution Oriented Results Since 1992


Why is Federal Government Focused on Cyber?

• State-sponsored hacking is pervasive and difficult to detect and prevent

• Many attacks target intellectual property from the private sector • Stopping state-sponsored IP theft is a “top U.S. national security priority”

• Large-scale data breaches can have a negative impact on the economy as a whole

• 3 million known cyber attacks on DoD networks per month or 100,000 attacks per day

• DoD’s cyber focus causes 99.9% of attempted attacks fail• 100 per day are successful

• DHS US-CERT provides up-to-date information on current cyber security activity, new vulnerabilities and tips on security issues facing the general public

• Helps organizations and companies shore up their defenses and catch potential vulnerabilities before they are exploited by hackers


It is in the United States’ best interest to Focus on Cybersecurity


Challenges in Manufacturing:Indiscriminate internetworking (IOT)Connected networks that operate at different levels of trustIndustry believes that Firewalls are enoughBugs in software allowing for easy entry for malicious activityOnly 80% of the network is known, 20% is “unknown”

Cyber Attacks in Manufacturing

Software bugsFailed firewallsLack of vendor management


What You Should Know About DoD Security and Compliance

• DFARS §252.204-7012 resulted from increased cyber espionage where adversaries stole sensitive government information—often from a contractor or subcontractor.• Requires all DoD contractors to comply with NIST security controls• Minimum cybersecurity standards cover 14 areas as described in NIST 800-171 • Full compliance required by December 31, 2017


DoD relies upon contractors to carry out a wide range of missions and shares sensitive data with them. Inadequate safeguards threaten America’s national security and put service members’ lives at risk.

New DFARS cybersecurity regulations are demanding, especially for small businesses, but solutions exist.

• DoD contractors must adhere to two basic cybersecurity requirements:1. Provide adequate security to safeguard covered defense

information from unauthorized access and disclosure

2. Rapidly report cyber incidents and cooperate with DoD to respond


Vulnerability Points

•Unused telephone line –war dialing

•Use of removable media

• Infected Bluetooth enabled devices

•Wi-Fi enabled computer thathas Ethernet connection to SCADA system

• Insufficiently secure Wi-Fi

•Corporate LAN /WAN

•Corporate web server email servers internet gateways

Typical Ecosystem

Securing the Ecosystem – IMRI’s Approach


Understand the

strengths &

weaknesses of

current cyber

security

arrangements

Identify

critical assets

Understanding

what you are

Protecting

What Can You Do Now?

Develop a cyber

security roadmap

Detect, Protect, and Prevent


`

THANK YOU!Please visit us www.cytellix.com

Call (949) 215-8889

Email [email protected]

IMRI Team | Aliso Viejo, CACopyright © 2016 IMRI. All rights reserved. Proprietary Information


http://www.cytellix.com/

mailto:[email protected]

“it’s not if, it’s when” - usc · rapidly report cyber incidents and cooperate with dod to...

Documents