
Agility & Evolution: Two Key Attributes of an Effective and Efficient Cyber Security Center

James Bret Michael, Ph.D., Professor of Computer Science and Electrical Engineering, U.S. Naval Postgraduate School. 12 September 2013.


Presentation Transcript


  1. Agility & Evolution: Two Key Attributes of an Effective and Efficient Cyber Security Center
     James Bret Michael, Ph.D.
     Professor of Computer Science and Electrical Engineering
     U.S. Naval Postgraduate School
     12 September 2013
     International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center

  2. Disclaimer
     • The views and conclusions in this presentation are those of the speaker and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the U.S. Government

  3. “Reversal of defaults”
     • “What was once private is now public, what was once hard to copy is now trivial to duplicate, and what was once easily forgotten is now stored forever.”
     • Ron Rivest, Cryptographer and Professor at MIT

  4. Aiming at a moving target
     • Answers to the following and other relevant questions will change over time:
       • What are you trying to protect against whom?
       • What levels of trust in a specific service, system, application, device, component, or system of systems are adequate?
       • What types and levels of communication and collaboration are needed domestically (public-to-public and public-to-private) and between States?
       • What resources are needed?

  5. Change in technology and its use
     • Accelerating rate of innovation in Information and Communication Technology (ICT) with attendant new and sometimes unexpected:
       • Opportunities
         • Example: improving product manufacturing workflow processes through leveraging the Internet of Things
       • Risks
         • Example: exposing large amounts of valuable intellectual property to theft from “bring-your-own” always-on personal mobile computing devices

  6. Change in law and policy
     • The “permissible” (law) and “preferable” (policy) change in response to the “possible” (technology), albeit slowly
     • Need resources such as a corps of subject matter experts who can facilitate collaboration and communication among lawmakers, policy-makers, technologists, and laypeople (i.e., everyone else)
     • Provide for informed public debate, legislating, policy-making, and introduction (by producers) and use (by consumers) of ICT

  7. What are you trying to protect against whom in outsourcing?
     • Protecting the confidentiality, integrity, and availability of a user’s or enterprise’s data from:
       • Service providers
       • Unauthorized users of the service provider’s services (in a public cloud) with different motives and levels of capability (e.g., script-kiddies, State-actors)
       • The insider threat (authorized users) within the enterprise providing or consuming the services

  8. Consider trust related to outsourcing of ICT
     • What level of trust should/can users of cloud-based (i.e., provisioned) services?
     • Will the service provider adequately protect the user’s data and privacy?
     • Will the provider respect civil, cultural, and other liberties (e.g., not suppress free speech)?
     • What are the service providers’ security policies and enforcement mechanisms? Are they effective?
     • What are the service providers’ privacy policies regarding collection, data retention, and uses of user-owned data and associated metadata?

  9. Evolutionary path for the National Cyber Security Center (NCSC)
     • NCSC must crawl before walking, walk before running, based on experience of U.S. CERT
     • Standing up the full set of core capabilities will take: time, hard work, funding, patience, and leadership buy-in
     • Start with a subset of capabilities and tasking for which the participants have expertise and available resources
     • Gradually add capabilities (e.g., expand beyond operations and analysis to education & training and research & development)
     • Continuously improve level and quality of capabilities

  10. NCSC needs to be agile
     • NCSC will need the flexibility to adapt to the changes in ICT and its use
     • We do not know a priori what those changes will be or what effects they will have on security, privacy, policy, law, etc.
     • Adaptation will require reprioritization of capabilities and tasking at the:
       • Tactical level, such as adjusting triage policy in response to a short-term spike in security incidents
       • Strategic level, such as to address new uses of ICT or shifts in the severity and frequency of occurrence

  11. No time like the present to start
     • The facility, subject matter experts, and an initial self-study are available
     • The learning curve cannot be avoided and metrics can be tied to current maturity level
     • The types and nature of the opportunities and risks we face today cannot be efficiently or effectively addressed without cross-domain, cross-organization orchestration of communication and cooperation
     • National and international obligations to act

  12. Summary of key points
     • Big Bang approach is untenable
       • National Cyber Security Center must rely on an evolutionary approach to building and improving its core capabilities and those of its sister centers
     • Non-stationarity is a reality
       • National Cyber Security Center must remain agile to address the changing opportunities and risks posed by ICT and its use
     • Waiting to start is not a realistic option
       • NCSC itself is needed to address current obligations for orchestrating communication and cooperation among the spectrum of stakeholders operating in cyberspace
