Secure C2 Systems
Ali Alhamdan, PhD
National Information Center Ministry of Interior
April 28th, 2015
Alhamdan 2/32
Command and Control Systems
Collection of technology, people, information and business
All military functions and operations
War is a complex phenomenon that interacts with the enemy's complex system in a competitive way
A process of continuous adaptation
(Diagram: the four quadrants of a C2 system - Technology, People, Information, Business)

Command and Control Systems
Trusted and secure C2 systems
High availability C2 systems
Right access for the right people or systems
Consider security methodologies, standards and technology
Vulnerabilities can be exploited anywhere and anytime
Threats and APT
C2 is targeted

C2 and Security
Commanders rely HEAVILY on trusted and available systems

Security Statistics
Estimated annual cost globally around 100 Billion, expected to be 120.1 Billion by 2017 [1]
556 Million victims per year [1]
10% of social network users have fallen victim [1]
59% of ex-employees admitted to stealing company data after leaving their job [1]
92% of 100,000 security incidents are covered by 9 attack patterns [2]
Sources:
1) Go-Gulf (http://www.go-gulf.com/blog/cyber-crime/)
2) Verizon - 2014 Data Breach Investigations Report
3) Symantec, 2014 Internet Security Threat Report, Volume 19

Motivations of Cyber Attacks
Motivation        Percentage (%)
Cyber Crime       40%
Hacktivism        50%
Cyber Warfare      3%
Cyber Espionage    7%
Source: Go-Gulf (http://www.go-gulf.com/blog/cyber-crime/)

Characteristics of New Threats
Traditional threats     | Advanced threats
Known & patchable       | Unknown & zero day
Open                    | Hidden
One time                | Persistent
Broad                   | Targeted

Security Statistics
Source: Verizon - 2014 Data Breach Investigations Report
(Chart: 10 years of threat actions leading to data breaches - number of breaches per threat action category over time)

Widening Security Gap
(Chart) Source: IDC

Security and C2
Insecure channels
Use cryptography:
  Confidentiality: preventing unauthorized disclosure of information
  Integrity: maintaining and assuring the accuracy and consistency of data over its entire life-cycle and ensuring the information's originality
  Availability: ensuring resources are accessible when required by an authorized user
Access control: Identification, Authentication (multi-factor), Authorization (privilege levels)
Implementation attacks
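The points on this slide (confidentiality and integrity through cryptography, replay rejection, and the identification / authentication / authorization sequence of access control) worked through as an added Python example; this is not code from the presentation or from any system the author describes. Everything in it is a constructed assumption: the principal names and roster, the command privilege table, the per-principal pre-shared keys, and the HMAC-SHA256 counter-mode keystream that stands in for a real cipher (a production channel would use a standard AEAD such as AES-GCM or ChaCha20-Poly1305 and a proper key exchange). The receiver derives the sender's role from its own roster rather than from anything in the message, and compares tags in constant time, which is the kind of detail the "implementation attacks" bullet refers to.

```python
"""Added example, not from the presentation: a minimal pre-shared-key C2 message
channel showing confidentiality, integrity, replay rejection, identification,
authentication and authorization with only the Python standard library.
Constructed assumptions: per-principal 32-byte keys shared out of band, an
HMAC-SHA256 counter-mode keystream as an illustrative cipher (use a standard
AEAD in practice), and a toy privilege ordering."""
import hashlib
import hmac
import json
import os
import struct

# Constructed privilege ordering and the minimum role each command needs
PRIVILEGE = {"observer": 1, "operator": 2, "commander": 3}
COMMAND_REQUIRES = {"status": "observer", "reposition": "operator", "engage": "commander"}


def _subkeys(key: bytes):
    """Derive independent encryption and MAC keys from one pre-shared key."""
    return (hmac.new(key, b"c2-enc", hashlib.sha256).digest(),
            hmac.new(key, b"c2-mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode used as a PRF keystream (illustrative only)."""
    blocks, counter = [], 0
    while 32 * len(blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + struct.pack(">I", counter),
                               hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class Sender:
    def __init__(self, principal: str, key: bytes):
        self.principal = principal
        self.enc_key, self.mac_key = _subkeys(key)
        self.seq = 0

    def seal(self, command: dict) -> dict:
        nonce = os.urandom(12)
        header = json.dumps({"from": self.principal, "seq": self.seq}).encode()
        plaintext = json.dumps(command).encode()
        ciphertext = _xor(plaintext, _keystream(self.enc_key, nonce, len(plaintext)))
        # Encrypt-then-MAC: the tag binds nonce, header (identity, sequence) and ciphertext
        tag = hmac.new(self.mac_key, nonce + header + ciphertext, hashlib.sha256).digest()
        self.seq += 1
        return {"nonce": nonce.hex(), "header": header.hex(),
                "ct": ciphertext.hex(), "tag": tag.hex()}


class Receiver:
    def __init__(self, roster: dict):
        self.roster = roster      # principal -> (pre-shared key, role), set up out of band
        self.next_seq = {}        # per-principal replay window

    def open(self, msg: dict):
        nonce, header = bytes.fromhex(msg["nonce"]), bytes.fromhex(msg["header"])
        ct, tag = bytes.fromhex(msg["ct"]), bytes.fromhex(msg["tag"])
        meta = json.loads(header)
        # Identification: the header names a principal; the claim is not yet trusted
        if meta["from"] not in self.roster:
            raise PermissionError("unknown principal")
        key, role = self.roster[meta["from"]]
        enc_key, mac_key = _subkeys(key)
        # Authentication and integrity: only the key holder can produce a valid tag;
        # compare_digest avoids a timing side channel (an implementation attack)
        expected = hmac.new(mac_key, nonce + header + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("bad tag: message forged or modified")
        # Replay protection: sequence numbers must strictly increase per principal
        if meta["seq"] < self.next_seq.get(meta["from"], 0):
            raise ValueError("replayed message")
        self.next_seq[meta["from"]] = meta["seq"] + 1
        # Confidentiality: decrypt only after the tag has verified
        command = json.loads(_xor(ct, _keystream(enc_key, nonce, len(ct))))
        # Authorization: the role comes from the roster, never from the message
        if PRIVILEGE[role] < PRIVILEGE[COMMAND_REQUIRES[command["cmd"]]]:
            raise PermissionError(f"{meta['from']} ({role}) may not issue {command['cmd']}")
        return meta["from"], command


def demo() -> dict:
    """Exercise the channel on constructed cases; returns the outcome of each."""
    k_hq, k_watch = os.urandom(32), os.urandom(32)
    receiver = Receiver({"hq": (k_hq, "commander"), "watch": (k_watch, "observer")})
    hq, watch = Sender("hq", k_hq), Sender("watch", k_watch)

    def attempt(msg):
        try:
            return "accepted:" + receiver.open(msg)[1]["cmd"]
        except (ValueError, PermissionError) as exc:
            return "rejected:" + exc.__class__.__name__

    good = hq.seal({"cmd": "reposition", "unit": "A1"})
    tampered = dict(good)                      # flip one ciphertext bit
    ct = bytearray.fromhex(good["ct"]); ct[0] ^= 0x01; tampered["ct"] = ct.hex()
    return {"valid": attempt(good),
            "tampered": attempt(tampered),
            "replayed": attempt(good),
            "unauthorized": attempt(watch.seal({"cmd": "engage", "unit": "A1"}))}


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:12s} {outcome}")
```

Running the module prints one line per case: the genuine command is accepted, the bit-flipped copy fails the tag check before anything is decrypted, the replay is caught by the sequence counter, and the observer's "engage" is refused because the role bound to its key is too low.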

Security Defense
Security culture (awareness)
Security operation center (SOC)
Analytic methods
Investigation and forensics
Defense in depth
Challenge: most tools discover only around 90% of the total attacks; the remainder, notably APTs, evade them!!

Security Baseline
Apply and comply with international standards, e.g. ISO 27001 and 27002, and NIST publications (e.g. SP 800-53, 800-37, 800-14, ... etc.)
Business Continuity Management

To be
Should build required capabilities (Human & Tech)
Enhance security culture
Adopt automated and sophisticated cyber-security tools and methods
Share knowledge and information about attacks with others
Adopt intelligent systems (monitoring, analyzing, detecting and preventing)

Should Be
Reactive
Proactive
Predictive
Access control
One-factor authentication
Device password
Acceptable use policy
Single sign-on
Encryption
Mobile device management
Logging and monitoring
Network management
SIEM solutions
Privileged access management
Multi-factor authentication
VA/PT & DLP
Real-time policy enforcement
Analytics based on live feeds from multiple sources integrated with management consoles
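The "Logging and monitoring" and "SIEM solutions" items above, and the analytic methods listed on the Security Defense slide, as an added Python example that is not part of the presentation: a small correlation rule of the kind a SIEM runs, applied to a constructed excerpt of sshd authentication logs. The host name, the addresses (RFC 5737 documentation ranges), the timestamps and the threshold are all constructed for illustration; the rule flags a burst of failed logins from one source and, with higher severity, a success from that source while the burst is still within the window.

```python
"""Added example, not from the presentation: a SIEM-style correlation rule that
turns raw authentication log lines into alerts. The log excerpt, host name,
addresses (documentation ranges) and thresholds are constructed for illustration."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd log excerpt: a password-guessing burst from 203.0.113.7 that ends
# in a successful login, plus one benign typo-and-retry from 192.0.2.10
LOG_LINES = """\
2015-04-28T10:00:01 c2gw sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51123 ssh2
2015-04-28T10:00:05 c2gw sshd[1202]: Failed password for root from 203.0.113.7 port 51124 ssh2
2015-04-28T10:00:09 c2gw sshd[1203]: Failed password for ops from 203.0.113.7 port 51125 ssh2
2015-04-28T10:00:14 c2gw sshd[1204]: Failed password for ops from 203.0.113.7 port 51126 ssh2
2015-04-28T10:00:20 c2gw sshd[1205]: Failed password for ops from 203.0.113.7 port 51127 ssh2
2015-04-28T10:00:31 c2gw sshd[1206]: Accepted password for ops from 203.0.113.7 port 51128 ssh2
2015-04-28T10:01:00 c2gw sshd[1207]: Failed password for alice from 192.0.2.10 port 40022 ssh2
2015-04-28T10:01:30 c2gw sshd[1208]: Accepted password for alice from 192.0.2.10 port 40023 ssh2
2015-04-28T10:02:00 c2gw CRON[1209]: pam_unix(cron:session): session opened for user root
""".splitlines()

AUTH_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")


def parse(lines):
    """Normalise matching lines into event dicts; unrelated lines are skipped."""
    for line in lines:
        m = AUTH_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            yield ev


def correlate(events, threshold=4, window=timedelta(minutes=5)):
    """Sliding-window rule: `threshold` failures from one source within `window`
    raise brute_force; a success from that source while the window is still hot
    raises success_after_failures. One alert per (source, type)."""
    failures = defaultdict(list)   # src -> timestamps of recent failures
    alerts = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        recent = [t for t in failures[ev["src"]] if ev["ts"] - t <= window]
        failures[ev["src"]] = recent
        if ev["result"] == "Failed":
            recent.append(ev["ts"])
            kind = "brute_force"
        else:
            kind = "success_after_failures"
        if len(recent) >= threshold:
            alerts.setdefault((ev["src"], kind), {
                "type": kind, "src": ev["src"], "user": ev["user"],
                "failures": len(recent), "ts": ev["ts"].isoformat(),
                "severity": "high" if kind == "success_after_failures" else "medium"})
    return list(alerts.values())


def run(lines=LOG_LINES):
    """Parse and correlate; returns the list of alerts for the given lines."""
    return correlate(parse(lines))


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

On the constructed excerpt this yields two alerts for 203.0.113.7 (a medium brute_force at the fourth failure and a high success_after_failures when user ops logs in at 10:00:31) and none for 192.0.2.10, whose single failure never reaches the threshold; the CRON line is ignored by the parser. The same structure (normalise, then a per-source sliding window) is what a SIEM content rule expresses, and the "success after failures" case is the one an analyst in the SOC should look at first.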