SlideShare une entreprise Scribd logo

Paul Howland - DSTL - SPF EM risk framework presentation v2

techUK
techUK

Presentations from the SPF Spectrum Resilience workshop on 03 May 2018 More information about the UK Spectrum Policy Forum is available here. http://www.techuk.org/about/uk-spectrum-policy-forum

Technologie
1  sur  9
A Framework for Understanding Spectrum Resilience – Initial Thoughts Spectrum Resilience Workshop 03 May 2018 Paul Howland OFFICIAL© Crown copyright 2018 Dstl 29 May 2018 Disclaimer: The content of this presentation are the views of the author and do not necessarily represent those of Dstl or MOD
Key Framework Elements • Understand – How does an enterprise use EM Spectrum – What is the enterprise exposure to EM Threats and Risks • Assessment – What are the impacts to the enterprise of threats and risks – What are the probabilities of these threats and risks being realised • Measures – What has/can be done to mitigate threats and risks • Test and Verify – Evaluate and verify efficacy of measures • Regular Validation and Verification – To ensure changing and emerging threats are recognised and managed – Ensure currency of training, process, technology etc. OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
Understand • Understand the Enterprise Exposure to Threat/Risk – What systems are reliant on EM Spectrum • Directly - Sensors , Data Communications, Product Delivery • Indirectly – Sales, Market Mechanisms, Synchronisation • Corporate/Enterprise Communications • Noting that manufacturing and service control need to be considered as well as office Information Systems – How is this impacted by medium and long term plans – This is potentially complex and often not intuative OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
Assessment - Consideration Space • Risks (Examples Only) – Service Delivery – Product Management – Manufacturing Output – Product Quality – Growth – Reputation – Share Value • Risk Dimensions – Impact, Probability OFFICIAL • EM “Threat” Classes (Enterprise risks arise from Threats) – Deliberate – Accidental – Environmental – Regulatory – Technical • Threat Evolution (Now, Next Future) © Crown copyright 2018 Dstl 29 May 2018 Scaling and prioritisation of potential impacts is neccesary
Mitigation Measures • A good starting point for considering threat mitigation measures • Most have civil analogies • Not yet thought through so to seed thinking OFFICIAL • Defence Lines of Development – Describing capability needs • TEPIDOIL – Training – Equipment and technology – Personnel – Information – Doctrine and concepts – Organization, – Infrastructure – Logistics © Crown copyright 2018 Dstl 29 May 2018
Test and Verify • Once mitigations are in place: – Verify Status of mitigations e.g. • Key Staff identified and posts filled • Redundant Equipment and Infrastructure in place • Response and Recovery processes in place – Test • Analogous to fire alarm testing • To suit Risk and mitigation • Paper exercises – for enterprise wide contingency planning • Extension to penetration testing – Cyber and Physical • Equipment and Infrastructure Component Testing (Lab and Field) • Audit Training Records OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
Revalidation and regular verification • Revalidate: – Threat – Risk exposure – Mitigations – Test and verification processes • Re-verification – Ensure testing and training regimes are kept up to date – That prioritisation is reviewed – Processes keep pace with technical and infrastructure evolution – That assessments are in line with current medium and long term plans OFFICIAL© Crown copyright 2018 Dstl 29 May 2018 Threat Changes, Risk exposure changes, Staff change, Technology advances
Finally • Example Metrics – Blue, Green, Amber or Red for each Risk – (Vulnerability?) – Blue – System does not degrade “significantly” in the presence of Threat, – Green - some degradation but minimum impact on critical infrastructure (CI) or customer services – Amber – Significant impact on CI or Customer service (Short outage or significant degradation in service quality attributes, – Red – Prolonged, significant impact or service outage) © Crown copyright 2018 Dstl 29 May 2018
© Crown copyright 2018 Dstl 29 May 2018

Recommandé

Exeter university ig manager presentation [1]
Exeter university ig manager presentation [1]Exeter university ig manager presentation [1]
Exeter university ig manager presentation [1]Martin Lawrence
 
The Security Value Chain
The Security Value ChainThe Security Value Chain
The Security Value ChainBrandon Dunlap
 
Nfpa apsei evolution-ofsecurity_wl_14092010
Nfpa apsei evolution-ofsecurity_wl_14092010Nfpa apsei evolution-ofsecurity_wl_14092010
Nfpa apsei evolution-ofsecurity_wl_14092010Nuno Tasso de Figueiredo
 
Supply_sample
Supply_sampleSupply_sample
Supply_sampleahmad bassiouny
 
Class 16 organizational structure 2
Class 16 organizational structure 2Class 16 organizational structure 2
Class 16 organizational structure 2manikanta malla
 
Mis 1
Mis 1Mis 1
Mis 1Md. Mashiur Rahman
 
RPG Analytics Overview 2015
RPG Analytics Overview 2015RPG Analytics Overview 2015
RPG Analytics Overview 2015ReefPoint Group
 
Mis 3
Mis 3Mis 3
Mis 3Md. Mashiur Rahman
 

Recommandé

Exeter university ig manager presentation [1]
Exeter university ig manager presentation [1]Exeter university ig manager presentation [1]
Exeter university ig manager presentation [1]Martin Lawrence
 
The Security Value Chain
The Security Value ChainThe Security Value Chain
The Security Value ChainBrandon Dunlap
 
Nfpa apsei evolution-ofsecurity_wl_14092010
Nfpa apsei evolution-ofsecurity_wl_14092010Nfpa apsei evolution-ofsecurity_wl_14092010
Nfpa apsei evolution-ofsecurity_wl_14092010Nuno Tasso de Figueiredo
 
Supply_sample
Supply_sampleSupply_sample
Supply_sampleahmad bassiouny
 
Class 16 organizational structure 2
Class 16 organizational structure 2Class 16 organizational structure 2
Class 16 organizational structure 2manikanta malla
 
Mis 1
Mis 1Mis 1
Mis 1Md. Mashiur Rahman
 
RPG Analytics Overview 2015
RPG Analytics Overview 2015RPG Analytics Overview 2015
RPG Analytics Overview 2015ReefPoint Group
 
Mis 3
Mis 3Mis 3
Mis 3Md. Mashiur Rahman
 
Internal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarInternal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarAli Zeeshan
 
Operational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss PreventionOperational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss PreventionMichael Marshall, PE
 
BiznetGio Presentation Business Continuity
BiznetGio Presentation Business ContinuityBiznetGio Presentation Business Continuity
BiznetGio Presentation Business ContinuityYusuf Hadiwinata Sutandar
 
NEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdfNEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdfMohamed Ghonema
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
CompTIA Security+.pptx
CompTIA Security+.pptxCompTIA Security+.pptx
CompTIA Security+.pptxKiranKumar24546
 
It and business risk alignment guide
It and business risk alignment guideIt and business risk alignment guide
It and business risk alignment guideAstalapulosListestos
 
Safety management
Safety managementSafety management
Safety managementSrini Vasan
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004Donald E. Hester
 
Key concepts of Technology Management
Key concepts of Technology ManagementKey concepts of Technology Management
Key concepts of Technology ManagementAce Institute of Management (Nepal), Institute of Management Studies (Nepal)
 
How To Build An Incident Response Function
How To Build An Incident Response FunctionHow To Build An Incident Response Function
How To Build An Incident Response FunctionResilient Systems
 
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdfSyllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdfYoyo Sudaryo
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response PlanResilient Systems
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department Sandeep S Jaryal
 
Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Tammy Clark
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentAdetula Bunmi
 
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...360 BSI
 
After the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR TechnologyAfter the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR TechnologyH3 HR Advisors, Inc.
 
Setting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance OfficeSetting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance OfficeCloud Watchmen Inc.
 
Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options techUK
 
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...techUK
 

Contenu connexe

Similaire à Paul Howland - DSTL - SPF EM risk framework presentation v2

Internal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarInternal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarAli Zeeshan
 
Operational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss PreventionOperational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss PreventionMichael Marshall, PE
 
NEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdfNEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdfMohamed Ghonema
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
It and business risk alignment guide
It and business risk alignment guideIt and business risk alignment guide
It and business risk alignment guideAstalapulosListestos
 
Safety management
Safety managementSafety management
Safety managementSrini Vasan
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004Donald E. Hester
 
How To Build An Incident Response Function
How To Build An Incident Response FunctionHow To Build An Incident Response Function
How To Build An Incident Response FunctionResilient Systems
 
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdfSyllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdfYoyo Sudaryo
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response PlanResilient Systems
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department Sandeep S Jaryal
 
Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Tammy Clark
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentAdetula Bunmi
 
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...360 BSI
 
After the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR TechnologyAfter the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR TechnologyH3 HR Advisors, Inc.
 
Setting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance OfficeSetting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance OfficeCloud Watchmen Inc.
 

Similaire à Paul Howland - DSTL - SPF EM risk framework presentation v2 (20)

Internal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarInternal financial control - how ready are you - Webinar
Internal financial control - how ready are you - Webinar
 
Operational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss PreventionOperational Excellence in Oil and Gas Loss Prevention
Operational Excellence in Oil and Gas Loss Prevention
 
BiznetGio Presentation Business Continuity
BiznetGio Presentation Business ContinuityBiznetGio Presentation Business Continuity
BiznetGio Presentation Business Continuity
 
NEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdfNEBOSH HSE PSM Element 1 v1.pdf
NEBOSH HSE PSM Element 1 v1.pdf
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014
 
CompTIA Security+.pptx
CompTIA Security+.pptxCompTIA Security+.pptx
CompTIA Security+.pptx
 
It and business risk alignment guide
It and business risk alignment guideIt and business risk alignment guide
It and business risk alignment guide
 
Safety management
Safety managementSafety management
Safety management
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004
 
Key concepts of Technology Management
Key concepts of Technology ManagementKey concepts of Technology Management
Key concepts of Technology Management
 
How To Build An Incident Response Function
How To Build An Incident Response FunctionHow To Build An Incident Response Function
How To Build An Incident Response Function
 
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdfSyllabus CIISA ( Certified Internasional Information System Auditor ).pdf
Syllabus CIISA ( Certified Internasional Information System Auditor ).pdf
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department
 
Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Start With A Great Information Security Plan!
Start With A Great Information Security Plan!
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal Toolkit
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
 
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
Business Continuity, Disaster Recovery Planning & Leadership, 16 - 19 Februar...
 
After the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR TechnologyAfter the Contracts Are Signed: Busing the Most Common Myths in HR Technology
After the Contracts Are Signed: Busing the Most Common Myths in HR Technology
 
Setting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance OfficeSetting up an Effective Security and Compliance Office
Setting up an Effective Security and Compliance Office
 

Plus de techUK

Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options techUK
 
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...techUK
 
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access Evolution
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access EvolutionPeter Curnow-Ford - SPF Cluster 2 - Spectrum Access Evolution
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access EvolutiontechUK
 
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPF
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPFStephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPF
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPFtechUK
 
Nigel King - UK WISPA - Flexible Spectrum Access
Nigel King - UK WISPA - Flexible Spectrum AccessNigel King - UK WISPA - Flexible Spectrum Access
Nigel King - UK WISPA - Flexible Spectrum AccesstechUK
 
Tony lavender - Plum Consulting - Flexible Spectrum Access Methods
Tony lavender - Plum Consulting - Flexible Spectrum Access MethodsTony lavender - Plum Consulting - Flexible Spectrum Access Methods
Tony lavender - Plum Consulting - Flexible Spectrum Access MethodstechUK
 
Cliff Mason - Ofcom - Spectrum Awards, Access and Sharing
Cliff Mason - Ofcom - Spectrum Awards, Access and SharingCliff Mason - Ofcom - Spectrum Awards, Access and Sharing
Cliff Mason - Ofcom - Spectrum Awards, Access and SharingtechUK
 
Tony lavender - Plum Consulting - incorporating social value into spectrum al...
Tony lavender - Plum Consulting - incorporating social value into spectrum al...Tony lavender - Plum Consulting - incorporating social value into spectrum al...
Tony lavender - Plum Consulting - incorporating social value into spectrum al...techUK
 
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018Philip bates - Analysys Mason - spectrum policy forum 29 march 2018
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018techUK
 
Enabling Dynamic Spectrum Management
Enabling Dynamic Spectrum ManagementEnabling Dynamic Spectrum Management
Enabling Dynamic Spectrum ManagementtechUK
 
Spectrum Requirements for Utilities
Spectrum Requirements for UtilitiesSpectrum Requirements for Utilities
Spectrum Requirements for UtilitiestechUK
 
406MHz - 430MHz Sharing and Trials
406MHz - 430MHz Sharing and Trials 406MHz - 430MHz Sharing and Trials
406MHz - 430MHz Sharing and Trials techUK
 
CMU Update Review
CMU Update Review CMU Update Review
CMU Update Review techUK
 
Sharing Defence Managed Spectrum - MOD
Sharing Defence Managed Spectrum - MODSharing Defence Managed Spectrum - MOD
Sharing Defence Managed Spectrum - MODtechUK
 
India Secondment
India SecondmentIndia Secondment
India SecondmenttechUK
 
DIT Space FDI
DIT Space FDIDIT Space FDI
DIT Space FDItechUK
 
Space Trade Negotiations Priorities
Space Trade Negotiations PrioritiesSpace Trade Negotiations Priorities
Space Trade Negotiations PrioritiestechUK
 
Feedback from USA Workshop
Feedback from USA WorkshopFeedback from USA Workshop
Feedback from USA WorkshoptechUK
 
Amberhawk - Law Enforcement Parts of the Data Protection Bill
Amberhawk - Law Enforcement Parts of the Data Protection BillAmberhawk - Law Enforcement Parts of the Data Protection Bill
Amberhawk - Law Enforcement Parts of the Data Protection BilltechUK
 
Thales - LED and DP from a Vendor's Perspective
Thales - LED and DP from a Vendor's PerspectiveThales - LED and DP from a Vendor's Perspective
Thales - LED and DP from a Vendor's PerspectivetechUK
 

Plus de techUK (20)

Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options
 
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
 
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access Evolution
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access EvolutionPeter Curnow-Ford - SPF Cluster 2 - Spectrum Access Evolution
Peter Curnow-Ford - SPF Cluster 2 - Spectrum Access Evolution
 
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPF
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPFStephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPF
Stephen Temple - 5GIC - Dynamic Spectrum Expansion for 21 May SPF
 
Nigel King - UK WISPA - Flexible Spectrum Access
Nigel King - UK WISPA - Flexible Spectrum AccessNigel King - UK WISPA - Flexible Spectrum Access
Nigel King - UK WISPA - Flexible Spectrum Access
 
Tony lavender - Plum Consulting - Flexible Spectrum Access Methods
Tony lavender - Plum Consulting - Flexible Spectrum Access MethodsTony lavender - Plum Consulting - Flexible Spectrum Access Methods
Tony lavender - Plum Consulting - Flexible Spectrum Access Methods
 
Cliff Mason - Ofcom - Spectrum Awards, Access and Sharing
Cliff Mason - Ofcom - Spectrum Awards, Access and SharingCliff Mason - Ofcom - Spectrum Awards, Access and Sharing
Cliff Mason - Ofcom - Spectrum Awards, Access and Sharing
 
Tony lavender - Plum Consulting - incorporating social value into spectrum al...
Tony lavender - Plum Consulting - incorporating social value into spectrum al...Tony lavender - Plum Consulting - incorporating social value into spectrum al...
Tony lavender - Plum Consulting - incorporating social value into spectrum al...
 
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018Philip bates - Analysys Mason - spectrum policy forum 29 march 2018
Philip bates - Analysys Mason - spectrum policy forum 29 march 2018
 
Enabling Dynamic Spectrum Management
Enabling Dynamic Spectrum ManagementEnabling Dynamic Spectrum Management
Enabling Dynamic Spectrum Management
 
Spectrum Requirements for Utilities
Spectrum Requirements for UtilitiesSpectrum Requirements for Utilities
Spectrum Requirements for Utilities
 
406MHz - 430MHz Sharing and Trials
406MHz - 430MHz Sharing and Trials 406MHz - 430MHz Sharing and Trials
406MHz - 430MHz Sharing and Trials
 
CMU Update Review
CMU Update Review CMU Update Review
CMU Update Review
 
Sharing Defence Managed Spectrum - MOD
Sharing Defence Managed Spectrum - MODSharing Defence Managed Spectrum - MOD
Sharing Defence Managed Spectrum - MOD
 
India Secondment
India SecondmentIndia Secondment
India Secondment
 
DIT Space FDI
DIT Space FDIDIT Space FDI
DIT Space FDI
 
Space Trade Negotiations Priorities
Space Trade Negotiations PrioritiesSpace Trade Negotiations Priorities
Space Trade Negotiations Priorities
 
Feedback from USA Workshop
Feedback from USA WorkshopFeedback from USA Workshop
Feedback from USA Workshop
 
Amberhawk - Law Enforcement Parts of the Data Protection Bill
Amberhawk - Law Enforcement Parts of the Data Protection BillAmberhawk - Law Enforcement Parts of the Data Protection Bill
Amberhawk - Law Enforcement Parts of the Data Protection Bill
 
Thales - LED and DP from a Vendor's Perspective
Thales - LED and DP from a Vendor's PerspectiveThales - LED and DP from a Vendor's Perspective
Thales - LED and DP from a Vendor's Perspective
 

Dernier

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 

Dernier (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 

Paul Howland - DSTL - SPF EM risk framework presentation v2

  • 1. A Framework for Understanding Spectrum Resilience – Initial Thoughts Spectrum Resilience Workshop 03 May 2018 Paul Howland OFFICIAL© Crown copyright 2018 Dstl 29 May 2018 Disclaimer: The content of this presentation are the views of the author and do not necessarily represent those of Dstl or MOD
  • 2. Key Framework Elements • Understand – How does an enterprise use EM Spectrum – What is the enterprise exposure to EM Threats and Risks • Assessment – What are the impacts to the enterprise of threats and risks – What are the probabilities of these threats and risks being realised • Measures – What has/can be done to mitigate threats and risks • Test and Verify – Evaluate and verify efficacy of measures • Regular Validation and Verification – To ensure changing and emerging threats are recognised and managed – Ensure currency of training, process, technology etc. OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
  • 3. Understand • Understand the Enterprise Exposure to Threat/Risk – What systems are reliant on EM Spectrum • Directly - Sensors , Data Communications, Product Delivery • Indirectly – Sales, Market Mechanisms, Synchronisation • Corporate/Enterprise Communications • Noting that manufacturing and service control need to be considered as well as office Information Systems – How is this impacted by medium and long term plans – This is potentially complex and often not intuative OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
  • 4. Assessment - Consideration Space • Risks (Examples Only) – Service Delivery – Product Management – Manufacturing Output – Product Quality – Growth – Reputation – Share Value • Risk Dimensions – Impact, Probability OFFICIAL • EM “Threat” Classes (Enterprise risks arise from Threats) – Deliberate – Accidental – Environmental – Regulatory – Technical • Threat Evolution (Now, Next Future) © Crown copyright 2018 Dstl 29 May 2018 Scaling and prioritisation of potential impacts is neccesary
  • 5. Mitigation Measures • A good starting point for considering threat mitigation measures • Most have civil analogies • Not yet thought through so to seed thinking OFFICIAL • Defence Lines of Development – Describing capability needs • TEPIDOIL – Training – Equipment and technology – Personnel – Information – Doctrine and concepts – Organization, – Infrastructure – Logistics © Crown copyright 2018 Dstl 29 May 2018
  • 6. Test and Verify • Once mitigations are in place: – Verify Status of mitigations e.g. • Key Staff identified and posts filled • Redundant Equipment and Infrastructure in place • Response and Recovery processes in place – Test • Analogous to fire alarm testing • To suit Risk and mitigation • Paper exercises – for enterprise wide contingency planning • Extension to penetration testing – Cyber and Physical • Equipment and Infrastructure Component Testing (Lab and Field) • Audit Training Records OFFICIAL© Crown copyright 2018 Dstl 29 May 2018
  • 7. Revalidation and regular verification • Revalidate: – Threat – Risk exposure – Mitigations – Test and verification processes • Re-verification – Ensure testing and training regimes are kept up to date – That prioritisation is reviewed – Processes keep pace with technical and infrastructure evolution – That assessments are in line with current medium and long term plans OFFICIAL© Crown copyright 2018 Dstl 29 May 2018 Threat Changes, Risk exposure changes, Staff change, Technology advances
  • 8. Finally • Example Metrics – Blue, Green, Amber or Red for each Risk – (Vulnerability?) – Blue – System does not degrade “significantly” in the presence of Threat, – Green - some degradation but minimum impact on critical infrastructure (CI) or customer services – Amber – Significant impact on CI or Customer service (Short outage or significant degradation in service quality attributes, – Red – Prolonged, significant impact or service outage) © Crown copyright 2018 Dstl 29 May 2018
  • 9. © Crown copyright 2018 Dstl 29 May 2018

Notes de l'éditeur

  1. This slide may be shown at the end of the presentation.