Robert Lentz - CSO Perspectives Roadshow 2016
TRANSCRIPT
WELCOME
Robert Lentz
President, Cyber Security Strategies
Former CISO, Dept of Defense
Adapt or Die – The Evolution in Cyber Security
Key Tenets
• Vision to be Predictive and Resilient
• Strong Governance and Culture
• Cyber Security Risk and Economics
• Balance people, process, and technology investment to execute policy and support transformation
• Unified path and principles, metrics and “systems” to accelerate cyber maturity and sustain improvement
• Raise cost to attacker to better defend and deter
End Game
Cyber Resilience
[Figure, axis “Cost”: COST TO DEFEND versus COST TO ATTACK; labels “Cyber Gap”, “Advantage: Attackers”, “Advantage: Defenders”]
Today’s Situation
• Large Attack Surface
• Reactive and slow
• People/Process Lag
• Ineffective Technology
• Assigned Identity

Tomorrow’s Solution
• Reduced Attack Surface
• Predictive and fast
• Mobilization of People
• Systems over Tools
• Root-of-trust Identity
Mobilization… Risk and Economics
Cyber Resilience… Destination
• Reactive & Manual: People-based, following doctrine and doing their best to “put out fires”
• Tools-Based: Applying tools and technologies piecemeal to assist people in reacting faster
• Integrated Picture: Loosely integrated with focus on interoperability and standards-based data exchange for IA situational awareness
• Active Defense: Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix, and target for response
• Resilient Enterprise: Predictive and business focused, isolates and contains damage, software assurance and protect key enterprise resources to continue operation despite cyber attacks

[Figure: the five stages (markers A to E) plotted on the axes “Threat and Consequence” and “Agility / Speed of Action”; threat bands “Conventional Threat”, “Advanced Persistent Threat”, “Nation State Threat”; labels “Resilience” and “Most Enterprises Pursuit Path”]
Cyber Maturity Model
Security Intelligence Maturity Levels
• Level 0: Blind
• Level 1: Minimally Compliant
• Level 2: Securely Compliant
• Level 3: Vigilant
• Level 4: Resilient
Delivering a Path to Success
[Figure: Level 0 through Level 4, running from “Exposed to Threats” to “Resilient to Threats”; axis “Timeframe”; series MEAN-TIME-TO-DETECT (MTTD) and MEAN-TIME-TO-RESPOND (MTTR)]
Greater threat resiliency is achieved at higher levels of security intelligence maturity
Cyber Security Maturity Model
• Reactive and Manual: People based, following doctrine and doing their best to “put out fires”
• Tools-Based: Applying tools and technologies piecemeal to assist people in reacting faster
• Integrated Picture: Loosely integrated with focus on interoperability and standards-based data exchange for IA situational awareness
• Active Defense: Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix, and target for response
• Resilient Enterprise: Predictive and business focused, isolates and contains damage, rapid forensics to protect key enterprise resources to continue operation despite cyber attacks

[Figure: the five stages (markers A to E) plotted on the axes “Threat and Consequence” and “Agility / Speed of Action”; threat bands “Conventional Threat”, “Advanced Persistent Threat”, “Nation State”; labels “Resilience”, “offense/defense dislocation”, “Investment in this zone is critical”, “Majority of Enterprises”]
*Cyber Security Strategies, LLC