Cybersecurity: Trust, Visibility, Resilience
With Pervasive Connectivity
What is at stake?
Cybersecurity Threats
Manipulation Espionage Disruption
Pentagon Report
“financial terrorism (in 2008) may have cost the global economy as much as $50 trillion.”
Popular Mechanics
“Currently on Chinese military drawing boards are plans for combat aircraft, the Chengdu J-10 and Xian JH-7A fighter jets; a combat helicopter, the Z-10; advanced warships; and even space-based weapons designed to knock out communications satellites. U.S. observers fear that much of this will be made possible by espionage.”
How? Advanced Malware: Stuxnet
Target: Iranian Nuclear Reactors
Impact: 2-5 Year Delay
Exploit: Siemens PLC Software
Origin: Unknown
The Challenges of Cybersecurity are the Same
Trust, Visibility, Resilience
Regardless of the Mission
Federal Cybersecurity Challenges
Operational Management
Business Resiliency
Data Capacity
Supply Chain
Data Loss
Federal Cybersecurity
What is Cisco’s Role?
Why Cisco? Everything is on the Network
“No single company can solve the complex challenge presented by the Internet, but the inherent role of the network positions Cisco as the natural partner in developing and executing a successful cybersecurity strategy”
Cisco’s Approach to Cybersecurity
Trust
Visibility
Resilience
Identify and Manage
Respond and Recover
Prevent and Detect
Who and What? What is on my Network? Who is on my Network? What can they access?
Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware and APT Defense, Situational Awareness
Identity and Access, Secure Mobility Wireless Integrity, Configuration Assurance, Physical Security, Audit and Compliance
COOP, Incident Handling, Availability, Service Level Assurance
Trust Visibility Resilience
Cisco Cyber Solutions
What and Where? What threats are present? Where are they? How do we take action?
How? How do we avoid disruption? How can we mitigate risk? How do we get back to trust?
The Collective Application of Cisco TVR Solutions Create a Layered Cyber Defense
Partnership
Private Sector
Public Sector
Regulatory Alignment
Private/Public Partnerships Cybersecurity Innovation
Thought leadership
Manufacturing Integrity
Education
Investment
The Cybersecurity Journey
The Journey Ahead
Backup Slides
Systems Integrators
SIEM Partners
Implementation Partners
Technology Partners
Building solutions with best of breed ISVs & Technology Partners
Cybersecurity Partner Ecosystem:
• IRAD projects to address customer requirements
• Integrate component parts in proof-of-concept environments to foster learning and innovation
• Ecosystem partners to meet diverse customer security incident and event management requirements
• Cisco validated design and deployment methodologies
• Cybersecurity focus partners to ensure consistent delivery of Cisco and partner systems
• Agile custom solution development
• Complementary technology partners to complete Cybersecurity solution offerings
• Best of breed market proven technologies
Federal Cybersecurity Priorities
Situational Awareness
Real-time Continuous Monitoring
Application Security
Identity Mgmt.
Secure Supply Chain
Education and Training
Vulnerability Analysis/IDS
Continuous Monitoring
Application Security
Vulnerability Analysis/IDS
Limited Access Points
Security Products
Embedded Security Capabilities Cross Architecture
Visibility Tools
Services
Trusted HW/SW
Why Cisco?
Cisco’s Pervasive Footprint
The Network is the Sensor
Public/Private Partnerships
Education
Certifications
Incident Response
Supply Chain Management
• Contingency Planning
• System & Communication Protection
• Incident Monitoring
• Physical & Environmental
Data Center/Virtualization
Collaboration
• Performance Routing
• NSF/SSO
• EnergyWise
• Policy Based Routing

• Cisco Works LMS 4.0
• Cisco Configuration Engine
• Cisco TrustSec (Identity)
• Cisco AnyConnect Client
• Cisco VPN Services
• Cisco Mobility Engine & Wireless Solution
• Cisco Unified Border Element
• ASA Firewall
• IOS Firewall

• Security Intelligence Operations
• IPS 4200 Series
• Clean Air Technology
• NBAR
• IOS Intrusion Prevention
• IOS NetFlow
• Service Control Engine
• ASA BotNet Filter
TRUST
VISIBILITY
RESILIENCE
• Access Control
• Audit & Accountability
• Configuration Management
• Identification & Authentication
• Maintenance
• System & Communication Protection

• Security Assessment & Authorization
• System & Communication Protection
• System & Information Integrity
• Incident Monitoring
NIST 800-53
Critical Control Family
Identity and Access, Secure Mobility Wireless Integrity, Audit and Compliance, Configuration Assurance, Physical Security
Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware Defense, Situational Awareness
COOP, Incident Handling, Availability, Service Level Assurance
SOLUTIONS
ARCHITECTURES
STRATEGY
Borderless Networks
TVR-Trust Use Case
Problem #1: Customers don’t know what is on their network
Solution: Cisco Trustsec (802.1X, Profiling)
Problem #2: DoD Networks/resources are being shared amongst each other and coalition forces
Solution: Cisco Trustsec (Security Group Tags)
Problem #3: DoD is subject to multi-level security
Solution: Cisco Trustsec (Security Group Tags, 802.1AE)
Problem #4: DoD is turning up wireless
Solution: Cisco Secure Wireless (Clean Air, Suite B, etc)
TVR-Visibility Use Case
Problem #1: Customers want a common operating picture
Solution: SIEM Ecosystem, Various IOS Features, CSM, (COSMOS future)
Problem #2: Customers need to stop Data Leakage
Solution: Trustsec, Ironport DLP, FW
Problem #3: Customers need actionable intelligence
Solution: AIPS 4200, IronPort (ESA/WSA), SCE, IOS Security Services (Firewall, ISRG2, Content Filtering)
TVR-Resilience Use Case
Problem #1: Customers need to prevent disruption to service
Solution: SCE (e.g. DPI), IOS Technologies (Control Plane Policing – CoPP, QOS, IP-SLA, NBAR, syslog), Ecosystem (e.g. Arbor Networks), Continuity of Operations (DC-Vblock, Webex/Tandberg, CVO-HR1722)
Problem #2: Customers need to mitigate damage from attack
Solution: IronPort ESA/WSA, Cloud Security / Scan Safe, Cisco Firewall Solutions (e.g. DPI), IPS, Netflow
Problem #3: If attacked, customers need incident response capabilities
Solution: Cisco FISMA Response Solution, Cisco Security Optimization Service, SIM Ecosystem (NBAR, Syslog, Netflow, QOS, IPS, Network Telemetry)
“No single company can solve the complex challenge presented by the Internet, but the inherent role of the network positions Cisco as the natural partner in developing and executing a successful cyber security strategy”