thursday, january 23, 2014 10:00 am – 11:30 am. agenda cyber security center of excellence ...

14

IT Steering Committee Meeting Security Operations Center Thursday, January 23, 2014 10:00 am – 11:30 am

Upload: darcy-welch

Post on 27-Dec-2015

213 views

Category:

Documents

0 download

Report

Download

Tags:

Embed Size (px):

TRANSCRIPT

Page 1: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

IT Steering Committee MeetingSecurity Operations Center

Thursday, January 23, 201410:00 am – 11:30 am

Page 2: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Agenda

Cyber Security Center of Excellence Project Phase Implementation Next Steps

2

Page 3: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

State of Hawaii’s Transformation Programs

3

Page 4: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Cyber Securi

ty Center

of Excellence

Strengthen the ability to detect and respond to enterprise-wide

cyber incidents/threat

s

Design a formal enterprise-wide

incident response plan

Accelerate integration of

tools to support SOC

Security Operations Center

Mission Statement:“To enhance the cyber security posture of the Hawaii State Government through continuous monitoring to proactively identify, isolate and manage security incidents thereby reducing the risks from potential cyber threats.”

4

Page 5: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Assess

Plan

Implementation

Verify and Validate

Project Phase

4 Phased Approach

5

Page 6: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

6

Implementation - Security Devices

Page 7: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Lessons Learned

IntegrationProcess

Training

Detect Analyze

Respond

Recover

Implementation

7

Enterprise-Wide Incident Response Plan

Page 8: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Detection through ArcSight◦ Detect intrusions at perimeter, internal network, hosts,

applications

Implementation - Detect

8

Page 9: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Detailed Analysis with LiveAction◦ Determine severity, scope, business impact

Implementation - Analyze

9

Page 10: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Initial Cyber Incident Report◦ Notification to Business and Program Owners

Implementation - Analyze

10

Page 11: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Response Options◦ Can stop attack at perimeter, access layer, host, or

somewhere in between

Implementation - Respond

11

Page 12: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Recover systems to normal state ◦ Includes threat removal, damage assessment, forensics,

reporting and lessons learned

Plan the Recovery Collect Incident Data Cleanup & Recovery of Incident Forensics - Reconstruct Damage & Cost assessment Revise plan & response Complete post-incident analysis and reporting Reporting internally & to authorities

Implementation - Recover

12

Page 13: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Ensure mitigation efforts were successful◦ Watch-list monitoring with multiple Cyber Tools

Implementation – Verify and Validate

13

Page 14: Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda Cyber Security Center of Excellence Project Phase Implementation Next Steps 2

Next Steps

Continue Server Categorization Defining use cases for Alerting, Reporting

and Dashboards in ArcSight Continue Adversary Hunting Continued Ingestion of Devices (Servers,

Databases, Routers, Switches, Security Systems)

Begin Enterprise-Wide Incident Response Program Development

Thank You

14

UVSS STEM-Smart And TRUE INORMATION ASSURANCE CYBER SECURITY ACADEMY Veterans Center of Excellence (VCoE)

Cooperative Cyber Defence Centre of Excellence Annual Activities, Tallinn, Estonia; NATO ACT Cyber Defence Framework & Conferences, 2010

DUBAI CYBER SECURITY STRATEGY · The Dubai Cyber Security Strategy, which adds to the government’s numerous achievements, gives further impetus to our journey of excellence in cyber

Centers of Academic Excellence in Cyber Security (CAE-C) Cyber... · CAE Cyber Ops Summer Internship 2013: 8 Interns 2014: 13 Interns 2015 : 16 interns Selection Priority is given

Centers of Academic Excellence in Cyber Defense (CAE-CD)itm.iit.edu/faculty/CAE-CD_2019_Knowledge_Units.pdf · 3. Describe cyber defense tools, methods and components and apply cyber

Introducing Cyber Threat Monitoringgreenprepaid.starhub.com/content/dam/starhub/2016/... · The StarHub Cyber Security Centre of Excellence is a new initiative that helps companies

Savannah District Military Programs · 2013 – Ft. Gordon selected as home for Army Cyber Command (ARCYBER) & Consolidated Cyber School (Cyber Center of Excellence) Cornerstones

EXCELLENCE Professional Hands-On Trainings in Cyber Security, … · Professional Hands-On Trainings in Cyber Security, Cloud Computing, Big Data Analytics, Artificial Intelligence

Colonel James Clifford 2019... · Cyber Center of Excellence and Ft. Gordon May 14, 2019 Our Keynote Speaker Colonel James Clifford Garrison Commander of the Cyber Center of Excellence

Operation Cyber Wellness - fbcconferences.com€¦ · Operation Cyber Wellness The Whole 360 Approach to Cyber Safety Jothi Dugar. Hello! I am Jothi Dugar. The million little parts

Introducing Cyber Threat Monitoring - StarHub · The StarHub Cyber Security Centre of Excellence is a new initiative that helps companies enhance the security of their cyber space

NSA/DHS Centers of Academic Excellence for … NSA/DHS Centers of Academic Excellence in Information Assurance/Cyber Defense Focus Areas 1 NSA/DHS Centers of Academic Excellence for

The Commonwealth Has a “VOICCE” Virginia’s Operational Integration Cyber Center of Excellence

Continuous Cyber Attacks: Achieving Operational Excellence ... · in cyber defense Organizations have a number of specific steps they can take to improve their security operations,

CYBERSECURITY - Cyber Center of Excellence · learning or artificial intelligence Technologies & Capabilities The reach of San Diego’s cyber industry spans the globe, with nearly

Cyber Security Capabilities at The University of Texas at ...csi.utdallas.edu/UTD-Cyber-Security-Summary.pdf · • NSA/DHS Center for Academic Excellence in Cyber Security Education,

Agoramap - filter Pôle Excellence Cyber - (V072017-tbc)

Commonwealth Cyber Initiative Blueprint · 2019-05-16 · EXECUTIVE SUMMARY . 1 . The Commonwealth Cyber Initiative (CCI) will create a Commonwealth-wide ecosystem of innovation excellence

RESOLVING HIGH-TECH'S SECURITY€¦ · • Cyber resilience is the company’s ability to deliver operational excellence in the face of disruptive cyber adversaries. ... As their

Interconnected Cyber Security Landscape in Ireland...Interconnected Cyber Security Landscape in Ireland McAfee has its Centre of Excellence for Enterprise Security Solutions in Ireland

BUSINESS EXCELLENCE PRACTITIONER TRAINING · Managing & Sustaining Business Excellence in Premier Inc 10.45 am – 11.45 am Managing & Sustaining Business Excellence in Computershare

Center of Excellence Enabling Cyber Security at scale with ...Cyber Analysis & Resilience Noblis technologies are driven by interdisciplinary teams of world-class researchers in areas

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for the New Normal Infographic

AFOSR/Cyber and Information Technology · Integrity Service Excellence AFOSR/Cyber and Information Technology 24 April 2013 Robert J. Bonneau, Ph.D. Department Chair AFOSR/RTC Air

GMU C4I & Cyber Center · GMU C4I & Cyber Center Dr. Mark Pullen, Director Dr. Kathryn Laskey, Associate Director Center of Excellence in Command, Control, Communications, Computing,

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for the New Normal Exec Summary

CYBER SECURITY EXCELLENCE...2019/05/04 · • Cyber Essentials • Cyber maturity assessment • Forensic readiness MANAGED AND EXPERT SERVICES Taking the cyber security pressure

CGCentre Achieving Excellence - PwC · 2018-11-28 · Achieving Excellence Issue No. 1 Seven key questions boards should ask about cybersecurity Cybersecurity As the cyber threat

EXCELLENCE Professional Hands-On Trainings in Cyber

CORPORATE SEGMENT - Data Security Council of India · CORPORATE SEGMENT DSCI Excellence Award for Capacity Building of Law Enforcement Agencies DSCI Excellence Award: India Cyber

National Cyber Security Organisation: CZECHIA...Defence Centre of Excellence (CCDCOE), each country report outlines the division of cyber security roles and responsibilities between

U.S. ARMY CORPS OF ENGINEERS SAVANNAH DISTRICT … · • Cyber Center of Excellence – 4 MILCON projects – Facilities for Cyber Branch Ft. Gordon undergoing a transformation that

CYBER-SAFETY BASICS · CYBER-SAFETY BASICS Author: PCAVX4630-31 Created Date: 9/22/2016 11:16:47 AM

The European Centre of Excellence for Countering …...Cyber crime –such as identity theft/fraud. In essence this consists of conducting cyber attacks against individuals or private

National Centers of Academic Excellence in Cyber Defense ... · PDF fileNational Centers of Academic Excellence in Cyber Defense (CAE-CD) NICE NATI ON AL IN IT IATIVE FO R CYBERSECURITY