the dos and don ts of national cybersecurity · support and development of cyber professionals...
TRANSCRIPT
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
The Dos and Don’ts of National Cybersecurity
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
National Challenge
The U.S. Government has
identified cybersecurity as “one
of the most serious economic and
national security challenges we
face as a nation”1
(U.S. White House Office)
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Cyber Threat Landscape
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
What Has Changed?
Security Solutions The PerimeterVendor
Vulnerabilities
Standard IT Network
Security Solutions Aren’t
Enough
The Perimeter Is
Breached: Software
Updates, Technical
Support, Physical
Presence
Connectivity
OT and Mission Critical
Networks Are More
Connected Than Ever
Vendor Vulnerabilities
Leave Your Network
Exposed
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
The Solution – a Robust Cyber Eco-System
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
National Cyber Security Overview
Critical InfrastructureDefense
Independent Cyber Eco System(Indigenous Capabilities)
Bespoke Mission Critical Cyber Defense
National Level and Sectorial Cyber Defense
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Infrastructure, Data and Processes
Scope of Cyber Space
Important Sectors
Military
HLSPrivate &
Public Enterprises SOEs Government
Agencies
Defense Industry
Ministries
Critical Infrastructure
IHLs
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Level of Engagement
Dedicated Guidance
Mandatory Standards
Promoting Knowledge &
Awareness
Level of Risk to Public Interests
Critical Infrastructures
Essential Sectors &
Organizations
Entire Market & Public
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
MitigationPrevention Protection Response Recovery
InvestigationProactive Intelligence AttributionEnforcement
Collaborative Approach
CooperationInformation
Sharing
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Should we adopt an established standard?
Different Models Different Lessons
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Tailored to Specific National Needs
Overseas Partners CERT
Security agencies
Energy
A
B
C
D Military
A
B
C
D
Trusted Sharing
National level SOC
G-SOC
A
B
C
D
State Level Monitoring
State level Situational Awareness
Threat Intelligence
Information Sharing
Sectorial SOC
Situational Awareness
Forensics Abilities
Pro active Defense Arrays
State Level IR Abilities
Mission Critical
Hardening
• National strategy• Inter-Agency Co-operation• Regulation & legislation • Resilience• Organizational structure
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Civilian
Sectors
Framework
National Cyber Security
National
Security
&
Law
Enforcement
Robustness Resilience Defense
National
Incidents
Management
National
CERT
Market
Regulation
Analysis & Investigation
Knowledge
and Guidance
Critical
Infrastructures
Early
Warning
Operations
&
Intelligence
12
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
National Cyber Roadmap
▪ Plan a “Road Map”
Phased approach
Most critical organizations
Best chances for success – quick wins
Needed lessons
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
CERT Operator
Cyber Studies in Universities
High School Cyber Program
ISSI
GRC Manager
CISO Cyber Defense Architect
Human Capital
Penetration Tester Forensic
s Expert
Malware Analyst
On Going Support and
Development of Cyber
Professionals
Cyber Core Professions Training Paths
• Education & training as a major part of National Cyber Security
• Professional training & infrastructure• International certifications• Courses & (core) Professions• Knowledge transfer• National independence
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
Who We Are?
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
National Challenges Require National Solutions
▪ Technology
▪ Methodology
▪ Constant Innovation
▪ Cooperation (national and international)
▪ Capacity Build-up and Maintenance
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
IAI - a Gate to Israel’s Cyber Eco-System and Innovation
▪ IAI leads the best and finest of Israel’s cyber eco-system & Innovation
▪ Reducing the risk of choosing novel technology and dealing with start-ups
▪ Israeli Cyber Companies Consortium (IC3)
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
IAC3 – Israeli Aviation Cyber Companies Consortium
▪ IAI lead a diverse group of Israel's leading cyber & aviation companies
▪ Providing holistic, end to end, cyber solutions for commercial aviation
Custodio Pte Ltd
• Established in 2014 as Israel Aerospace Industries' (IAI) cyber early warning R&D centre in Singapore
• In late 2016, Custodio Technologies was spun-off from Custodio, taking on the mantle of continuing Custodio's pioneering cyber R&D work
• Custodio became IAI Cyber division’s holding and business development company in APAC
19
UNCLASSIFIEDThis document contains proprietary information of Israel Aerospace Industries Ltd. and may not be reproduced, copied, disclosed or utilized in any way in whole or in part, without the prior written consent of Israel Aerospace Industries Ltd
THANK YOU