Are we near the point of cyber-armageddon or are we simply engaged in a new reality of information security priorities? Are the attacks being discovered daily against private sector and public federal systems somehow unique and new, or are they simply the new reality of cyberspace? Organizations are regularly forced to make difficult decisions about how best to protect their information systems. Executives daily open the newspaper to find another example of effective cyber attacks and hacking. How do organizations know when security mechanisms are enough to keep their data safe? In an effort to answer this question and respond to mounting cyber incidents worldwide, the US federal government has been engaging in numerous efforts to secure cyberspace. But what are they and will they be enough? In this presentation James Tarala, a Senior Instructor with the SANS Institute and a Principal Consultant at Enclave Security, will describe current efforts and the tools being offered to help citizens and protect cyberspace.
24. 60 Day Cyber Security Review
Recommendations from the Review:
1. Appoint a cybersecurity policy official responsible for
coordinating the Nation’s cybersecurity policies and activities
2. Prepare an updated national strategy to secure the
information and communications infrastructure
3. Designate cybersecurity as one of the President’s key
management priorities and establish performance metrics.
4. Designate a privacy and civil liberties official to the NSC
cybersecurity directorate.
5. Formulate coherent unified policy guidance that clarifies
roles, responsibilities, and the application of agency
authorities for cybersecurity-related activities across the
Federal government.
25. 60 Day Cyber Security Review (2)
Recommendations from the Review (cont):
6. Initiate a national public awareness and education campaign
to promote cybersecurity
7. Develop U.S. Government positions for an international
cybersecurity policy
8. Prepare a cybersecurity incident response plan; initiate a
dialog to enhance public-private partnerships with an eye
toward streamlining, aligning, and providing resources to
optimize their contribution and engagement
9. Develop a framework for research and development strategies
that focus on game-changing technologies
10. Build a cybersecurity-based identity management vision and
strategy
27. US Military Security Efforts
Creation of a Central Cyber Command:
– Referred to as Cybercom
– To be led by Director of the National Security Agency (NSA)
Gen. Keith Alexander
– To be located at Fort Meade
– To have both defensive and offensive capabilities
– Will centrally coordinate all DoD cyber defensive activities
– Will assist private industry with “Perfect Citizen” program
– This is in addition to numerous commands within each of
the branches of service
28. DARPA’s Contribution
• “The National Cyber Range
program demonstrates the
government’s commitment
to incubate and create
incentives for game-
changing technological
innovation.”
• “Test new “leap-ahead”
concepts and capabilities
required to protect U.S.
interests against a growing,
worldwide cyber threat.”
Are we near the point of cyber-armageddon or are we simply engaged in a new reality of information security priorities? Are the attacks being discovered daily against private sector and public federal systems somehow unique and new, or are they simply the new reality of cyberspace? Organizations are regularly forced to make difficult decisions about how best to protect their information systems. Executives daily open the newspaper to find another example of effective cyber attacks and hacking. How do organizations know when security mechanisms are enough to keep their data safe? In an effort to answer this question and respond to mounting cyber incidents worldwide, the US federal government has been engaging in numerous efforts to secure cyberspace. But what are they and will they be enough? In this presentation James Tarala, a Senior Instructor with the SANS Institute and a Principal Consultant at Enclave Security, will describe current efforts and the tools being offered to help citizens and protect cyberspace.