Upload
afcea-international
View
658
Download
1
Embed Size (px)
DESCRIPTION
Session Seven: Panel: Alternative Futures for Cyber and Space - David White
Citation preview
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear Security Administration under contract DE-AC04-94AL85000. 2011-8664 C
Managing the Right Risks
David White, PhDSenior Manager
Sandia National Laboratories
November 16, 2011
Full Spectrum Cyber Defense Requires Understanding the Adversary
ClanTech Cyber Special Liaison DeceptionSigintHumanEntry CoverCompany
Full Spectrum of Offensive Methods
SCADA Weapons Network C2 Logistics SwitchesSatellite
CommonPerception
ofCND
Defenses:FirewallSpywareVirusIDS
Cyber
SIPRNET
Targets – Microelectronics and Software Elements
Adversary Determines time, place, combination of methods, and operates in secret
Reality ofCND
Defender must be successful everywhere, continuously, and frequently in the open
Source: J. Gosler – Vaults, Mirrors, Masks: Rediscovering U.S. Counterintelligence
Are we driving the right behavior?
*http://xkcd.com/936
Machine Generated PasswordsTwo Factor
Authentication
Compliance
Spear Phishing
Supply Chain
Attacks
“Pass the hash”