security 101: overview of information assurance...security 101: overview of information assurance...
TRANSCRIPT
![Page 1: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/1.jpg)
Security101:OverviewofInformationAssurance
Dr.BarbaraEndicott-PopovskyICSDepartmentUHMUW/UHMCenterforIAandCybersecurity
![Page 2: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/2.jpg)
PutinPraisesDNCHackButDeniesRussiaWasBehindIt
RussianPresidentVladimirPutinispraisingthehackthatbrokeintotheDemocraticNationalCommitteeandleakedinternalemailsonline-- butsaysRussiawasnotbehindit.
Cybersecurityexpertshavefingeredtwohackinggroups workingwiththeRussiangovernmentintheDNChack,whichtheFBIisalsoinvestigating,andDemocraticofficialssaythebreachwaspartoftheMoscow'sattempttoinfluencethepresidentialelectioninfavorofDonaldTrump.ThehackresultedintheousterofseveraltopDNCofficials,includingitsformerchair.
Thursday,PutinsaidthehackwasapublicservicebecauseitexposedtheDNC'sapparentfavoritismofClintonduringtheDemocraticpresidentialprimary,butclaimed,"Idon'tknowanythingaboutit."
"Listen,doesitevenmatterwhohackedthisdata?''Putinsaid."There'snoneedtodistractthepublic'sattentionfromtheessenceoftheproblembyraisingsomeminorissuesconnectedwiththesearchforwhodidit."
"Theimportantthingisthecontentthatwasgiventothepublic,"headded.Sep22016,10:36amET
http://www.nbcnews.com/card/putin-praises-dnc-hack-denies-russia-was-behind-it-n642061
![Page 3: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/3.jpg)
iClicker Question:• Basedonwhatyouhavereadandheardaboutthishackhow
certainareyouthattheRussiansdidit?
a. Verysure:TheRussiansdidit,nodoubt!They’reevil!b. Sure:Iacceptthenewsmediareports—theyknowwhatthey’re
talkingabout.c. Neithersureorunsure:I’vejustheardaboutitandhavenoopinion.d. Unsure:Howdotheyknowforsure—onwhatevidence?e. Veryunsure:Attributionisverydifficulttodetermineabsolutelyon
Internetcommunications.Forexample,someonecouldhijackRussianservers.
![Page 4: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/4.jpg)
iClicker:A:VerySureB:SureC:NeithersureorunsureD:UnsureE:Veryunsure
![Page 5: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/5.jpg)
Thoughtquestion• AssumingthatthisisanattackontheUSelectoralprocess,wouldthisbe
anactofwar?– Forthatmatter,whenisanintrusiona“hack”(asimplecrime)and
whenisitanactofwar?– Howwillweknow?
• Thesearetoday’sstakes!WhateverhappenedtothekidsstayingupallnightonJolthackingintothePentagon?
![Page 6: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/6.jpg)
CyberWar
http://www.foxnews.com/politics/2016/09/03/putin-calls-dnc-hack-public-service-denies-russias-involvement.html
![Page 7: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/7.jpg)
Agenda
• Context• OverviewThreatLandscape• ThreatSpectrumEvolution• BreachTrends• StrategiesforOrganizationsandIndustries• DoControlsWork?• ChangingourMentalModels
![Page 8: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/8.jpg)
CONTEXTHowdidwegethere?
![Page 9: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/9.jpg)
1960-1980 1985 1995 -
Computer Security INFOSEC Information Assurance
Information System Security Revolution
Other Networks
PacketSwitch
Gateway
FileServer
Bridge
![Page 10: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/10.jpg)
AttributeAgricultural
AgeIndustrial
AgeInformation
AgeWealth Land Capital KnowledgeAdvancement Conquest Invention Paradigm ShiftsTime Sun/Seasons Factory
WhistleTime Zones
Workplace Farm Capital equipment
Networks
OrganizationStructure
Family Corporation Collaborations
Tools Plow Machines ComputersProblem-solving Self Delegation IntegrationKnowledge Generalized Specialized InterdisciplinaryLearning Self-taught Classroom Online
![Page 11: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/11.jpg)
Smashing
IndustrialAge
Infrastructure!
![Page 12: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/12.jpg)
![Page 13: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/13.jpg)
The Sorcerer’s Apprenticehttp://www.youtube.com/watch?v=4ryFOztZrrc
![Page 14: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/14.jpg)
CertificateinIAandCybersecurtyICS426,425and491
![Page 15: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/15.jpg)
SecurityPolliClicker Question:
Beforediscussingthethreatlandscape,howdoyoufeelaboutyouronline
securityingeneral?
A:VerySafeB:SafeC:OkayD:NotsafeE:Vulnerable
![Page 16: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/16.jpg)
OVERVIEWOFTHREATLANDSCAPEWhat’scomingatus?
![Page 17: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/17.jpg)
![Page 18: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/18.jpg)
![Page 19: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/19.jpg)
Threats
![Page 20: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/20.jpg)
CriticalInfrastructure:AnIrresistibleTarget
![Page 21: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/21.jpg)
THREATSPECTRUMEVOLUTIONWhynowissourgent:
Source:GBA
![Page 22: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/22.jpg)
Today’sCriminalsComeinManyForms…allofwhichcandogreatharm
• Scriptkiddies
• Hacktivists
• CyberCriminals
• APTs/NationStatesIMAGESOURCE:http://upload.wikimedia.org/wikipedia/commons/4/48/Anonymus_logo.png
Source:GBA
![Page 23: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/23.jpg)
DifferentFaces,SameBasicProcess
http://www.discoveringidentity.com/2013/03/11/mandiant-report-apt1-exposing-one-of-chinas-cyber-espionage-units/Source:GBA
![Page 24: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/24.jpg)
CommonScriptKiddieAttackProgression
ScriptKiddieenjoyshackingandwantstobuild
reputation
IdentifiesTargetWebsite(s)
ScansforVulnerabilities
PubliclyPostsDataBreachInformationand/orboasts
aboutwhattheydid
DefacesWebsiteorStealsDatafromDatabase
ExploitsVulnerabilities
Source:GBA
![Page 25: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/25.jpg)
• Hacked259websitesin90days
• Stoleandleakedinformation
• Defacedcorporatewebsites
ScriptKiddieDamage
ScreenshotofDefacementby15YearOldSource:GBA
![Page 26: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/26.jpg)
NationStateActors:AdvancedPersistentThreats
• HighlySkilled
• NationStateSponsored
• Example:RBN
• Theyhavemoretime,andmoreresourcesthanyou• Ifyouaretargeted,theyWILLgetintoyoursystemhttp://rbnexploit.blogspot.com/ Source:GBA
![Page 27: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/27.jpg)
Methodology/APTAttackProgression
http://www.www8-hp.com/ca/en/images/T-image__sw__insider-threat__560x342--C-tcm223-1357982--CT-tcm223-1237012-32.png
Thedetailschange,buttheprocessisgenerallythesame
Informationcitedfrom:
Source:GBA
![Page 28: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/28.jpg)
Workspace1(workbooks)
• Discusswhoputthescriptkiddyoutofbusinessandwhy.
• Ifnationstatesandnationstate/criminalsarethemostdevastatingadversaries,whataretheimplicationstotheaverageperson/averagecompanydoingbusinessonline?
![Page 29: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/29.jpg)
BREACHTRENDSStudythedata!
![Page 30: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/30.jpg)
Top9PatternsofIntrusion
![Page 31: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/31.jpg)
MaliciousIntrusionTrends
Source:VerizonDBR2016
![Page 32: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/32.jpg)
MotivationsBehindAttacks
![Page 33: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/33.jpg)
MaliciousTrendsandMotives
Whichcountriesgotattackedthemostandhow(2016)
http://www.hackmageddon.com/2016/02/16/january-2016-cyber-attacks-statistics/
![Page 34: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/34.jpg)
MaliciousTrendsandMotives
http://www.hackmageddon.com/2016/02/16/january-2016-cyber-attacks-statistics/
![Page 35: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/35.jpg)
SecurityPolliClicker:
Afterlearningaboutthethreatlandscape,nowhowdoyoufeelabout
youronlinesecurity?
A:VerySafeB:SafeC:OkayD:NotsafeE:Vulnerable
![Page 36: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/36.jpg)
Workspace2(workbooks)
• Describehowyourownonlinebehaviorwillchangeasaresultofunderstandingthethreatsthatareoutthere.
https://www.stopthinkconnect.org/
![Page 37: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/37.jpg)
STRATEGIESFORORGANIZATIONSANDINDUSTRIES
Howtomanageinthiscontext
![Page 38: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/38.jpg)
IndustryStatus
• Industrylagsgovernment• Lackofawareness
– Literacy– Risks
• Profitmargins• Standardsofcare• Legalliabilityconcerns
• Criticalinfrastructure85%private
![Page 39: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/39.jpg)
ChangeinPerceptionRequired
Today Whereweneedtogo
![Page 40: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/40.jpg)
BasicIAPrinciples
SecurityServices IADesignApproach
![Page 41: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/41.jpg)
SecurityGoals• Confidentiality(secrecy)
– Onlyauthorizedpartiescanaccessanasset• Integrity
– Onlyauthorizedpartiescanmodifiedanasset• Availability
– Assetsareaccessible/modifiablebyauthorizedpartiesatappropriatetimes
– Authorizedpartiescannotbedeniedaccesstotheasset• Audit
– Anattackercannothideitstracks– Forensicanalysisispossible
![Page 42: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/42.jpg)
Testyourknowledge
iClicker:WhichofthefollowingsecuritygoalsamIapplyingifImakemyWebsiteaccessiblefrom9:00A.M.to3:00P.M.?
A:ConfidentialityB:IntegrityC:AvailabilityD:Audit
![Page 43: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/43.jpg)
TestyourknowledgeiClicker:
Whichofthefollowingsecuritygoalswouldpreventpeoplewithoutappropriateaccessfrommodifyingfiles?
A:ConfidentialityB:IntegrityC:AvailabilityD:Audit
![Page 44: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/44.jpg)
Testyourknowledge
iClicker:Whichofthefollowingsecuritygoalswouldrequireonlyanauthorizedpersoncangainaccesstoinformation?
A:ConfidentialityB:IntegrityC:AvailabilityD:Audit
![Page 45: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/45.jpg)
TraditionalSecurityModel:McCumber Cube
Thru info statesSecurity Services
Controls
McCumber,John.ApplicationoftheComprehensiveINFOSECModel:MappingtheCanadianCriteriaforSystemsCertification,UnpublishedManuscript,fromtheProceedingsoftheFifthAnnualCanadianComputerSecurityConference,May1993.Ottawa,Canada.
![Page 46: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/46.jpg)
46
ICISOPerspective
SecureandForensicReady
system
![Page 47: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/47.jpg)
Workspace#2
• Describethethreesecurityservicesandhowtheyworktogether
• DescribehowtheMcCumber Cubeisusedtomanagecybersecurityinorganizations
![Page 48: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/48.jpg)
DOCONTROLSWORK?Whatdowedowiththepeskyhumansinthesystem?
![Page 49: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/49.jpg)
Trusting Controls Assumes:
• Designimplementsyourgoals
• Sumtotalofcontrolsimplementallgoals
• Implementationiscorrect
• Installation/administrationarecorrect
![Page 50: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/50.jpg)
Bottomlineassumption:You Will Never Own a Perfectly Secure System!!!
You Will Never Own a Perfectly Secure System!!!
You Will Never Own a Perfectly Secure System!!!
![Page 51: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/51.jpg)
51
RequiresChangeinStrategyforManagingNetworkedSystems
• Today’snetworkdefensestrategy• Ondefense• Incidentresponsefocusonpatchandrecover• Avoidanceoflegalpursuit
• Proposednetworkdefensestrategy• Onoffense• Assumebreach• Incidentresponsefocusonforensics
![Page 52: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/52.jpg)
Survivability Strategy Tools
ResistanceAbility to repel attacks
• Firewalls• User authentication• Diversification
Recognition1) Ability to detect an attack or a probe2) Ability to react or adapt during an attack
• Intrusion detection systems
• Internal integrity checks
Recovery1) Provide essential services during attack2) Store services following an attack
• Incident response• Replication• Backup systems• Fault tolerant designs
3R Strategy for Managing Networked Systems Traditionally
CMU3RmodelofSurvivability
![Page 53: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/53.jpg)
Survivability Strategy ToolsResistanceAbility to repel attacks
• Firewalls• User authentication• Diversification
Recognition1) Ability to detect an attack or a probe2) Ability to react or adapt during an attack
• Intrusion detection systems
• Internal integrity checks
Recovery1) Provide essential services during attack2) Store services following an attack
• Incident response• Replication• Backup systems• Fault tolerant designs
Redress1)Ability to hold intruders accountable in a
court of law.2)Ability to retaliate
• Digital Forensics• Legal remedies• Active defense
4R’s of Accountable Systems
Endicott-Popovsky,BarbaraandDeborahFrincke."AddingtheFourth'R':ASystemsApproachtoSolvingtheHacker'sArmsRace."Thirty-ninthAnnualHawaiiInternationalConferenceonSystemSciences:Symposium:SkilledHuman-intelligentAgentPerformance:Measurement,ApplicationandSymbiosis,Jan.2006..Kauai,HI.4Jan.2006.<http://www.itl.nist.gov/iaui/vvrg/hicss39>
![Page 54: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/54.jpg)
Costs:
• Solution
• Value
• Potential losses
Risks:• Likelihood
• Potential impacts
Balance Risk vs. Cost
![Page 55: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/55.jpg)
Workspace3(workbooks)
• Recallthatthe2016VerizonDataBreachReportindicatesthatmiscellaneouserrorsarethemostsignificantintrusiontrend.
• Ismanagingthetechnology,orthepeopleusingthetechnology,orboth,moreimportanttocybersecurityinanorganization?
• Justifyyouranswer.
![Page 56: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/56.jpg)
CHANGINGOURMENTALMODELSEliminatingourscotomas
![Page 57: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/57.jpg)
AttributeAgricultural
AgeIndustrial
AgeInformation
AgeWealth Land Capital KnowledgeAdvancement Conquest Invention Paradigm ShiftsTime Sun/Seasons Factory
WhistleTime Zones
Workplace Farm Capital equipment
Networks
OrganizationStructure
Family Corporation Collaborations
Tools Plow Machines ComputersProblem-solving Self Delegation IntegrationKnowledge Generalized Specialized InterdisciplinaryLearning Self-taught Classroom Online
![Page 58: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/58.jpg)
ITManagementEvolution
• Mainframe– Access
• Limitedlists• Signinlogs• 7/24attendants
– Perimeterdefense• Closedareas• Cypherlockeddoors
– Discforensics
• Distributedprocessing– Authentication– Firewalls– Networkforensics
– IDS– Forensicreadiness– Drivesecuritytophysicallayer
![Page 59: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/59.jpg)
ForensicsasaSecurityService:RevisedMcCumber Cube
Thru info statesSecurity Services
Controls
NonRepudiation
Maconachy,Vic.,CorySchou,DanRagsdaleandDougWelch.AModelforInformationAssurance:AnIntegratedApproach,fromtheProceedings oftheSecondAnnualConferenceoftheIEEESystems,ManandCyberneticsInformationAssuranceWorkshop,Jun.2001,WestPoint,NY:UnitedStatesMilitaryAcademy,pp.306-310
![Page 60: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/60.jpg)
Embedding Hercule Poirotin Networks:
AddressingInefficienciesinDigitalForensicsInvestigations…
B. Endicott-Popovsky, PhD, UWD. Frincke, PhD, PNNL
![Page 61: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/61.jpg)
ResearchGap
• AcomprehensivemethodologytoembedForensicReadiness :
• Knowledgeofadetective– Rulesofevidence– Legalrequirements– Courtroomadmissibilitystandards
• Knowledgeofnetworks
![Page 62: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/62.jpg)
![Page 63: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/63.jpg)
Workspace#4
• Whatisthevalueofaddingnon-repudiationasaserviceofcomputersecurity?
• Howwouldyoudescribeforensicreadiness?
![Page 64: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/64.jpg)
Thoughtquestion• Webeganwiththeconundrumofcybercrimevs.cyberwarasitappliesto
theDNChack.• Wehavereviewedthethreatlandscapeandtheescalationofchallenges
facingusonline.• BesidesrealizingwemayalreadybeinWWIII,whatotherdramatic
societalchangesareimpliedbygoingdigital?
OctoberisNationalCyberSecurityAwarenessMonth
https://staysafeonline.org/ncsam/
![Page 65: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/65.jpg)
.
.
.
.
.
..
.
.
.
.
.
.
.
.
.
.
.. .
.
.
.
.
.
.
.
.
.
.
.
RESISTANCE IS FUTILE.PREPARE TO BE ASSIMULATED?
.
.
.
.
.
.
.
. .
..
..
...
.
..
.
..
.
.
.
..
.
..
.
.
Species 8472
Courtesy:K.Bailey/E.Hayden,CISOs
![Page 66: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/66.jpg)
Backup
![Page 67: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/67.jpg)
CYBERUNEMPLOYMENTRATE=0%
EducationCertificateAA/BS/MSSFS
CertificationCISSPGIACCEH
Experience
Job/CareerAnalystEngineerArchitectAuditor
InternshipApprenticeshipPublicService
Asupply,notademandproblem
![Page 68: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/68.jpg)
68
VeterantoSTEMPrograms9November2011
![Page 69: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/69.jpg)
CIAC 1.0ExpertIAGraduates• SFSScholars
• TransitionedMilitary
EducationPrograms• 4Masterdegrees• 4Certificates• PhD’s• MOOC’s
Research• NSA/DoD• NSF
SecureCodeMilitarystudiesPedagogicalresearch
• NIST• DHS• PNNL
ACM2013
INPUT OUTPUT
![Page 70: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/70.jpg)
PacificRimCollegiateCyberDefenseContest(PRCCDC)http://www.uwtv.org/video/player.aspx?dwrid=27982
NOTE: UW won Nationals in 2011 and 2012 !!
![Page 71: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/71.jpg)
iClicker Question:• Basedonthisandotherrecenthacknews,howsafedoyou
feelaboutyourphotosandpersonalinformationareonline?a. Verysafe:Irarelythinkaboutcomputersecurity,asIhaveprotected
mydeviceswithappropriatesecuritymeasures.b. Safe:Ithinkaboutmyphotoandinformationsecurityfromtimeto
time.IamtypicallyworriedwhenIreadaboutitinthenews.c. Okay:Ithinkaboutsecurityonaregularbasis,butfeelsafebecause
Ikeepmydevicesup-to-dateandusesecuritymeasures.d. Notsafe:Iworryaboutsecurityalotandtendtoonlyusesocial
mediaonalimitedbasis.e. Vulnerable:Iamconstantlyworriedaboutsecurityandrarelydo
anythingonanetworkunlessIknowitissafe.
• Whydoyoufeelthisway?
![Page 72: Security 101: Overview of Information Assurance...Security 101: Overview of Information Assurance Dr. Barbara Endicott-Popovsky ICS Department UHM ... Cyber security experts have fingered](https://reader030.vdocument.in/reader030/viewer/2022041110/5f0ed8987e708231d44138ff/html5/thumbnails/72.jpg)
iClicker:A:VerySafeB:SafeC:OkayD:NotsafeE:Vulnerable