WELCOME

Robert LentzPresident, Cyber Security Strategies

Former CISO Dept of DefenseAdapt or Die – The Evolution in Cyber Security

Key Tenets

Vision to be Predictive and Resilient Strong Governance and CultureCyber Security Risk and EconomicsBalance people, process, and technology investment to

execute policy and support transformationUnified path and principles, metrics and “systems” to

accelerate cyber maturity and sustain improvementRaise cost to attacker to better defend and deter

End Game

Cyber Resilience

COST TO DEFEND

Cyber Gap

Advantage: Attackers Advantage: Defenders

COST TO ATTACKCost

Today’s Situation• Large Attack Surface• Reactive and slow• People/Process Lag• IneffectiveTechnology• Assigned Identity

Tomorrow’s Solution• Reduced Attack Surface• Predictive and fast• Mobilization of People• Systems over Tools• Root-of-trust Identity

Mobilization… Risk and Economics

Cyber Resilience… Destination

AE BD CC DB EAReactive & Manual Tools-Based Integrated Picture Active DefensePeople-based, followingdoctrine and doing their best to “put out fires”

Applying tools andtechnologies piecemealto assist people inreacting faster

Loosely integrated with focus on interoperabilityand standards baseddata exchange forIA situational awareness

Resilient EnterprisePredictive and agile, the enterprise instantiatespolicy, illuminates events and helps the operators find, fix, and target for response

Thre

at a

nd C

onse

quen

ce

CC

AE B

NATIONSTATE THREAT

ADVANCEDPERSISTENTTHREAT

CONVENTIONALTHREAT

Resilience

D

EA

DB

Agility / Speed of Action

Most Enterprises Pursuit Path

Predicative and business focused, isolates and contains damage, software assurance and protect key enterprise resources to continue operationdespite cyber attacks

Cyber Maturity Model

Security IntelligenceMaturity LevelsLevel 0: BlindLevel 1: Minimally ComplaintLevel 2: Securely CompliantLevel 3: VigilantLevel 4: Resilient

Delivering a Path to Success

Level 0 Level 1 Level 2 Level 3 Level 4

EXPOSEDTO THREATS

RESILIENTTO THREATS

Tim

efra

me

MEAN-TIME-TO-DETECT (MTTD)

MEAN-TIME-TO-RESPOND (MTTR)

Greater threat resiliency is achieved at higher levels of security intelligence maturity

Cyber Security Maturity Model

Agility / Speed of Action

Reactive and Manual Tools-Based Integrated Picture Active DefensePeople based followingdoctrine and doing theirbest to “put out fires”

Applying tools and technologies piecemeal to assist people in reacting faster

Loosely integrated with focus on interoperabilityand standards baseddata exchange forIA situational awareness

Resilient EnterprisePredictive and agile, the enterprise instantiatespolicy, illuminates events and helps the operators find, fix, and target for response

Thre

at a

nd C

onse

quen

ce

Predictive and business focused, isolates and contains damage, rapid forensics to protect key enterprise resources to continue operation despite cyber attacks

NATIONSTATE

ADVANCEDPERSISTENT

THREAT

CONVENTIONALTHREAT

Resilience

*Cyber Security Strategies, LLC

C B ADE

A

B

C

DE

offense/defense

dislocation

Investment in this zone is

critical

Majority of Enterprises