Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

From Cybersecurity to Cyber Resilience

8 553 vues

Publié le

The slideshare identifies the six steps to moving beyond cybersecurity to cyber resilience. Ensuring federal agencies maintain continuous operations while under persistent threat. Learn more: https://accntu.re/2Q2cdDj

Publié dans : Technologie

Les commentaires sont fermés

  • Soyez le premier à commenter

From Cybersecurity to Cyber Resilience

  2. 2. ABSOLUTELY IMPOSSIBLE ABSOLUTE SECURITY IS It’s not a question of “if” adversaries will attempt to breach systems and data. It’s a matter of “when.” Cybersecurity protections are important. But they aren’t enough. Copyright © 2018 Accenture. All rights reserved. 2
  3. 3. EFFECTIVE DEFENSE THE NATURE OF Instead of focusing solely on cybersecurity, take a cue from Mother Nature. Design for Cyber Resilience—the ability to continuously deliver the intended outcome despite adverse cyber events. Do everything you can to prevent attacks— and to minimize impact and potential loss when an event does happen. Copyright © 2018 Accenture. All rights reserved. 3
  4. 4. Overdesigned Systems approach from Civil/Mechanical Engineering Self-Contained Redundant Systems Aeronautical approach Failure-Proof Hardware failed approach to IT hardware Fail-Over Hardware automated switching to cold sites with backup generators and disaster recovery resources Failure-Tolerant Designs highly automated, distributed, over-designed, redundant systems Copyright © 2018 Accenture. All rights reserved. 4 SHORTHISTORYOFRESILIENCE AS SEEN IN CLOUD COMPUTING AND THE ELECTRIC POWER GRID
  5. 5. STEAL.MODIFY. Our adversaries want two things: to steal and modify data. We must make it hard for them to attack data or take control. And design systems to minimize the damage when they do. Copyright © 2018 Accenture. All rights reserved. 5 HARDTOFIND ATTACK DAMAGE STEAL
  6. 6. RESILIENCE Copyright © 2018 Accenture. All rights reserved. 6 =ITRESILIENCE =MISSIONRESILIENCE CYBER STOPREACTING.STARTANTICIPATING. Anticipation is a hallmark of Cyber Resilience. Engaging in proactive behavior is essential to achieving Cyber Resilience. You can start with 6 steps to Cyber Resilience.
  7. 7. BE BRILLIANT ATTHE BASICS The “basics” include patching, updates, access permissions, and other “blocking and tackling” elements of cybersecurity. These are absolutely essential—but only represent the beginning. Copyright © 2018 Accenture. All rights reserved. 7
  8. 8. EMBRACE THE CLOUD FOR SECURITY Security must be at the top of the many reasons to migrate federal systems to the cloud. By embracing the cloud you can tap into elastic workloads, multi-zone computing, and multi- cloud strategies that make it exponentially harder for adversaries to find and harm you. Copyright © 2018 Accenture. All rights reserved. 8
  9. 9. IMPLEMENT DATA- CENTRIC SECURITY Harden your data using one or more techniques of data-centric security: Copyright © 2018 Accenture. All rights reserved. 9 Encryption Marking Tokenization Segmentation Throttle access Tagging Strong identity and access management Automated access decisions
  10. 10. DEMAND APPLICATION SECURITY BYDESIGN Make security integral to every stage of your development process. Adopt DevSecOps practices and use automated scanning and testing to continually identify potential vulnerabilities. Consider polymorphic coding techniques to constantly shape-shift your application attack surface—further frustrating and raising the cost to your adversaries. Copyright © 2018 Accenture. All rights reserved. 10
  11. 11. LEVERAGE SOFTWARE- DEFINED NETWORKING If adversaries can’t find you, they can’t attack you. With software-defined networking, you can constantly shape-shift your network. Literally changing routes mid-session—sending adversaries on the proverbial wild goose chase. Copyright © 2018 Accenture. All rights reserved. 11
  12. 12. ENGAGE IN PROACTIVE DEFENSE Apply AI and security automation and orchestration tools to detect and act at machine speed. Constantly probe and pressure-test your environment to find vulnerabilities before your adversaries do. Use threat intelligence to better understand your adversaries and focus on the threats that matter most. Copyright © 2018 Accenture. All rights reserved. 12 In other words: become the hunter—not the hunted.
  13. 13. THENATUREOFEFFECTIVEDEFENSE Weave together the 6 steps to create the fabric of Cyber Resilience. But remember: Copyright © 2018 Accenture. All rights reserved. 13 Cyber Resilience doesn’t happen overnight. ONE STEP AT A TIME. This isn’t just about systems. It’s also about people and mindset. Bring together Mission, IT, and Security. CULTURE OF RESILIENCE. Prioritize by what matters to the mission. Focus first on the “crown jewels” and take steps to assure day-to-day mission continuity. For minimum mission disruption, start fresh and engineer Cyber Resilience into new systems. AGILE APPROACH.
  14. 14. 15 GUS HUNT Managing Director and Cyber Strategy Lead, Accenture Federal Services gus.hunt@accenturefederal.com linkedin.com/in/gus-hunt-55b57b3/ twitter.com/gushunt_ Copyright © 2018 Accenture. All rights reserved. accenture.com/cyber