SlideShare uma empresa Scribd logo

Data Driven Cybersecurity Governance

Transferir como PPTX, PDF
D
Douglas Gray, CISSP, CISO
Dados e análise
1 de 30
© 2015 Carnegie Mellon University Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Douglas Gray
2 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Copyright 2015 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. CERT® and OCTAVE® are registered marks of Carnegie Mellon University. DM-0003094
3 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Introduction
4 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • The Software Engineering Institute (SEI) is a U.S.-owned not-for-profit federally funded research and development center (FFRDC) operated by Carnegie Mellon University to focus on software and cybersecurity. • The CERT Division of the SEI is a trusted provider of operationally relevant cybersecurity research and innovative and timely solutions to our nation's cybersecurity challenges. • The CERT Division developed and maintains the CERT Resilience Management Model (CERT-RMM) and OCTAVE Allegro Methodology. Who We Are Introduction We work with the following organizations: • Carnegie Mellon University • Discover Financial • Highlands Union Bank • Lockheed Martin Corporation • Marshall & Ilsley Corporation • PNC Corporation • Pacific Gas and Electric • University of Pittsburgh Medical Center • U.S. Dept. of Defense • U.S. Dept. of Energy • U.S. Dept. of Homeland Security • U.S. Dept. of Health & Human Services • U.S. Environmental Protection Agency • U.S. National Security Agency • U.S. Postal Inspection Service • USBank
5 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited To discuss a process to integrate data analytics into operational cybersecurity governance decision making and execution in a way that • frames the problem quickly and accurately and that enables a fast, effective Observe, Orient, Decide, Act Loop • facilitates better data collection and synthesis, quantitative and qualitative analysis, and visualization • enables practical and repeatable analytical battle drills and TTPs for leaders and enablers at all echelons Purpose Introduction
6 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited W. Edwards Deming’s thoughts What it means to us “If you do not know how to ask the right question, you discover nothing.” We must have a reason to analyze data “If you don't understand how to run an efficient operation, new machinery will just give you new problems of operation and maintenance. The sure way to increase productivity is to better administrate man and machine.” We can’t “tool” our way out of cybersecurity challenges “People with targets and jobs dependent upon meeting them will probably meet the targets - even if they have to destroy the enterprise to do it.” Compliance is the beginning, not the end “Whenever there is fear, you will get wrong figures.” The use of data analytics must be productive in the aggregate, punitive as the exception Improving People and Process Introduction Technology is useless without effective processes and trained people
7 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Governance vs. Operations Introduction Operations Governance Scope Individual networks, systems, users, organizations Multiple networks, systems, user bases, organizations Timescale Immediate to 6 months 3 to 36 months* Level of Abstraction Transactional Trends, aggregations Management Impact Direct interaction Context setting *Although maximum technology-related decision making is limited to approximately three years due to rate of technological change, military organizations must program their expected budget needs five years in advance.
8 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Governance vs. Operations Introduction 8 Operations Weather – “It will snow.” Tactical Cyber – “CVE 2015-xx- xxxx is prevalent and is being compromised.” Governance Climate – “Drought in the southwest limits irrigation.” Strategic/Operational Cyber – “FedRAMP usage improves asset management.”
9 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Why Focus on Governance Introduction Know Prevent Detect Respond Recover Reconnaissance Weaponization Delivery Exploitation Installation Command and Control Actions on the Objective Threat Actor Actions1 Friendly Actions2 Harden People, Information, Information, Technology, Facilities Create Faster, More Accurate TTPs, Battle Drills Source: 1Lockheed Martin Kill Chain 2NIST Cybersecurity Framework Effective preparation creates the context for effective response
10 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Leveraging Situational Awareness to Enable Cyber Mission Command Introduction Observe Orient Decide Act mutual trust shared understanding clear leadership intent disciplined initiative mission- oriented directives prudent risk management
11 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Observe
12 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Facets of Cybersecurity Governance Observe
13 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data Fusion Observe Data Fusion Activities Automated vulnerability sensor information •Hardware & Software •Behavioral Observables (Insider Threat) Threat Information •Threat Actor Analysis •Prevailing Attack Patterns Management Information •Budget Information •Demographic Information •Legal & Administrative Investigation Statuses •Mission Impact Analysis Qualitative Assessment • Inspections/Assessments • Professional Sentiments Analysis Orient Unstructured Data Machine Learning Text Analysis Trend Analysis Correlation
14 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Orient
15 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Decision Science vs. Dashboard Orient 1 Dashboard “It’s going to snow.” Decision Science “It’s going to snow. Wear galoshes, gloves, scarf, winter coat.”
16 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Level 1 Perception of the elements in the environment Level 2 Comprehension of the current situation Level 3 Projection of future status Developing Situational Awareness Orient Source: Endsley, M. & Jones, D. Designing for Situation Awareness: An Approach to User-Centered Design (2nd ed.). CRC Press. 2012.
17 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Decomposing the Situation to Develop Situational Awareness Orient Situational Awareness Voice of the Environment Socio-Political Legal and Policy Technological Business Physical Voice of the Organization Voice of the Mission Voice of the Service Strategic Objectives and Supporting Services Organizational Culture Organizational Assets External Dependencies Voice of the Threat Actor Describe Threat Actor Develop Threat Actor Use Cases Indices Probabilistic Models Game Theory Expert Opinion
18 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Build and Update Targeted Metrics Orient Requirements Identify requirements from mandates, doctrine, strategy Group requirements into categories Goals Develop one or more goals for each category Question Develop one or more questions that, if answered, help determine if the goal is met Indicators Identify the information requirements to answer the question Metrics Identify the metrics that will measure the indicator to answer the question Use new metrics to mature current metrics What do we want to know? Why do we want to know it? What will we do once we know it? Build and add to a metrics library.
19 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Authoritative vs. Non-Authoritative Data Orient Authoritative Data • Based on their ability to stand alone as a source for one or more facets of cybersecurity governance • Population • Comprehensiveness • Poor data quality does not make a source not authoritative; it means the quality problems should be fixed Non-Authoritative Data • Source does not cover enough of the population or not comprehensive enough to be authoritative • Can speak to confidence level of an authoritative data source • Examples: reviews, assessments, inspections, surveys.
20 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Using Behavioral Models to Target Stakeholder Need Orient Executives: • Elected leaders, appointees, GOs, FOs, SESs • Target data with eye toward organizational mission and constituents Middle Management: • Staff officers, analysts • Target data with eye toward routines, procedures information Source: Allison, G. T., & Zelikow, P. (1999). Essence of Decision: Explaining the Cuban Missile Crisis (2nd ed.) (Kindle Edition). New York: Longman. Results of data analysis must be impactful to the recipient. Frame products according to organizational behavioral models.
21 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Decide
22 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Determine confidence level in assessed data • Low – analyze through subsequent OODA loop • Medium to High – develop action plan to effect change • Identify and prioritize governance-level risks; identify metric- supported thresholds of acceptability and unacceptability • Support solutions. Go beyond “name and shame.” Use metrics to identify key trends and corrective governance-level actions • Tie metrics to a resulting set of possible risk management outcomes • Identify enablers such as SMEs, funding, contract vehicles • Identify organizations that exceed expectations in certain areas and their lessons learned • Identify what expected changes in metric values should be and how to avoid bias/gaming • Prioritize and identify metric thresholds where costs will exceed benefits Key Planning and Decision-Making Factors Decide
23 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Act
24 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Leveraging Enablers to Achieve Desired Effects Act
25 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Leverage enablers at the proper organizational level; avoid the “3,000-mile screwdriver” • Governance sets the direction through governance facets. Operations executes through disciplined project management • Avoid numerous, rapid changes that cause enterprise turbulence • Tie actions to expected outcomes and expected timeframes; socialize and communicate expectations • Set decision points to check progress against expectations • Build knowledge base to make for faster and more effective OODA loop Success at the Point of Execution Act
26 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Implementation
27 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Identify success stories • Lessons Learned • Tie to data analysis Identify cautionary tales • Lessons Learned • Tie to data analysis Track event-driven events • Identify trends that respond to events • Resourcing, technology, incidents Building a Cybersecurity Knowledge Base Implementation 2 7
28 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Inventory on-hand data • Inventory metrics • Develop data fusion capabilitiesObserve • Refine metrics based on constraints and mandates • Define stakeholders based on behavioral models • Develop quantitative and qualitative analysis engines • Develop visualization capabilities Orient • Inventory enablers and their capabilities • Identify desired outcomes for metrics (i.e., thresholds) • Develop decision support TTPs • Develop decision-support systems Decide • Develop knowledge base • Simulate and practice new decision-making TTPs • Develop and refine process control mechanisms • Develop, refine and leverage communications channels Act How to Implement Implementation
29 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Outcomes of Data Driven Governance Implementation • Faster, more accurate decision making • Better use of resources • Better enterprise cohesion and synchronization • Data-driven outcomes • Improved information sharing • Adaptable to change Observe Orient Decide Act
30 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Questions

Recomendados

2018 Adobe Cybersecurity Survey
2018 Adobe Cybersecurity Survey2018 Adobe Cybersecurity Survey
2018 Adobe Cybersecurity SurveyAdobe
 
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automation
Hexis Cyber Solutions: Rules of Engagement for Cyber Security AutomationHexis Cyber Solutions: Rules of Engagement for Cyber Security Automation
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automationbarbara bogue
 
The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report Bricata, Inc.
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax Technology
 
Haystax Technology - About Us
Haystax Technology - About UsHaystax Technology - About Us
Haystax Technology - About UsHaystax Technology
 
Novetta Entity Analytics
Novetta Entity AnalyticsNovetta Entity Analytics
Novetta Entity AnalyticsNovetta
 
The Future of Advanced Analytics
The Future of Advanced AnalyticsThe Future of Advanced Analytics
The Future of Advanced AnalyticsHaystax Technology
 
2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guide2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guideJames Fisher
 

Recomendados

2018 Adobe Cybersecurity Survey
2018 Adobe Cybersecurity Survey2018 Adobe Cybersecurity Survey
2018 Adobe Cybersecurity SurveyAdobe
 
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automation
Hexis Cyber Solutions: Rules of Engagement for Cyber Security AutomationHexis Cyber Solutions: Rules of Engagement for Cyber Security Automation
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automationbarbara bogue
 
The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report Bricata, Inc.
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax Technology
 
Haystax Technology - About Us
Haystax Technology - About UsHaystax Technology - About Us
Haystax Technology - About UsHaystax Technology
 
Novetta Entity Analytics
Novetta Entity AnalyticsNovetta Entity Analytics
Novetta Entity AnalyticsNovetta
 
The Future of Advanced Analytics
The Future of Advanced AnalyticsThe Future of Advanced Analytics
The Future of Advanced AnalyticsHaystax Technology
 
2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guide2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guideJames Fisher
 
Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkWhy the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkNovetta
 
Whole Person Risk Modeling
Whole Person Risk ModelingWhole Person Risk Modeling
Whole Person Risk ModelingHaystax Technology
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
The lessons learned from WannaCry.
The lessons learned from WannaCry.The lessons learned from WannaCry.
The lessons learned from WannaCry.dan hyde
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015Scott Van Valkenburgh
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDoug Copley
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive SecurityComputerworld Philippines
 
Haystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax Technology
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic ManagementMarcelo Martins
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Achieving Compliance Through Security
Achieving Compliance Through SecurityAchieving Compliance Through Security
Achieving Compliance Through SecurityEnergySec
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystBill Burns
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedEnergySec
 
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No ShoesCarolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoescentralohioissa
 
What affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burnsWhat affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burnsBill Burns
 
Enabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteEnabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteGlobus
 
Ruben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security InitiativesRuben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security Initiativescentralohioissa
 
Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityGlenn McKnight
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Cyber Security Infotech
 

Mais conteúdo relacionado

Mais procurados

Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkWhy the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkNovetta
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
The lessons learned from WannaCry.
The lessons learned from WannaCry.The lessons learned from WannaCry.
The lessons learned from WannaCry.dan hyde
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015Scott Van Valkenburgh
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDoug Copley
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowMapR Technologies
 
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive SecurityComputerworld Philippines
 
Haystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax Technology
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic ManagementMarcelo Martins
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergySec
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Achieving Compliance Through Security
Achieving Compliance Through SecurityAchieving Compliance Through Security
Achieving Compliance Through SecurityEnergySec
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystBill Burns
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedEnergySec
 
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No ShoesCarolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoescentralohioissa
 
What affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burnsWhat affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burnsBill Burns
 
Enabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteEnabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteGlobus
 
Ruben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security InitiativesRuben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security Initiativescentralohioissa
 

Mais procurados (20)

Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkWhy the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
 
Whole Person Risk Modeling
Whole Person Risk ModelingWhole Person Risk Modeling
Whole Person Risk Modeling
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
The lessons learned from WannaCry.
The lessons learned from WannaCry.The lessons learned from WannaCry.
The lessons learned from WannaCry.
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program Effectiveness
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
[EB100510] Evelyn del Monte: Context-Aware and Adaptive Security
 
Haystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax carbon for Insider Threat Management & Continuous Evaluation
Haystax carbon for Insider Threat Management & Continuous Evaluation
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic Management
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber ResiliencyEnergy Industry Organizational Strategies to Increase Cyber Resiliency
Energy Industry Organizational Strategies to Increase Cyber Resiliency
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
Achieving Compliance Through Security
Achieving Compliance Through SecurityAchieving Compliance Through Security
Achieving Compliance Through Security
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
 
Building Human Intelligence – Pun Intended
Building Human Intelligence – Pun IntendedBuilding Human Intelligence – Pun Intended
Building Human Intelligence – Pun Intended
 
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No ShoesCarolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
Carolyn Engstrom - IT Data Analytics: Why the Cobbler's Children Have No Shoes
 
What affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burnsWhat affects security program confidence? - may2014 - bill burns
What affects security program confidence? - may2014 - bill burns
 
Enabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteEnabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest Keynote
 
Ruben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security InitiativesRuben Melendez - Economically Justifying IT Security Initiatives
Ruben Melendez - Economically Justifying IT Security Initiatives
 

Destaque

Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityGlenn McKnight
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Cyber Security Infotech
 
Governance - how does information & security drive your architecture
Governance - how does information & security drive your architectureGovernance - how does information & security drive your architecture
Governance - how does information & security drive your architectureRandy Williams
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?IT Governance Ltd
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurityMatthew Rosenquist
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet Censorshipqwsny
 
U.S. Approach to Cybersecurity Governance
U.S. Approach to Cybersecurity GovernanceU.S. Approach to Cybersecurity Governance
U.S. Approach to Cybersecurity GovernanceGwanhoo Lee
 
Information security governance
Information security governanceInformation security governance
Information security governanceKoen Maris
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governancedigitallibrary
 
Internet Governance
Internet GovernanceInternet Governance
Internet GovernanceARIN
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 

Destaque (15)

Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-security
 
Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)Introduction to cyber security by cyber security infotech (csi)
Introduction to cyber security by cyber security infotech (csi)
 
Introduction to Internet Governance
Introduction to Internet GovernanceIntroduction to Internet Governance
Introduction to Internet Governance
 
Governance - how does information & security drive your architecture
Governance - how does information & security drive your architectureGovernance - how does information & security drive your architecture
Governance - how does information & security drive your architecture
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
 
Cyber security 22-07-29=013
Cyber security 22-07-29=013Cyber security 22-07-29=013
Cyber security 22-07-29=013
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet Censorship
 
U.S. Approach to Cybersecurity Governance
U.S. Approach to Cybersecurity GovernanceU.S. Approach to Cybersecurity Governance
U.S. Approach to Cybersecurity Governance
 
Information security governance
Information security governanceInformation security governance
Information security governance
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governance
 
Internet Governance
Internet GovernanceInternet Governance
Internet Governance
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Tata Kelola Keamanan Informasi
Tata Kelola Keamanan InformasiTata Kelola Keamanan Informasi
Tata Kelola Keamanan Informasi
 
Indonesia National Cyber Security Strategy
Indonesia National Cyber Security StrategyIndonesia National Cyber Security Strategy
Indonesia National Cyber Security Strategy
 

Semelhante a Data Driven Cybersecurity Governance

Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt
Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt
Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt Neil Ernst
 
Intelligence Preparation for Operational Resilience (IPOR)
Intelligence Preparation for Operational Resilience (IPOR)Intelligence Preparation for Operational Resilience (IPOR)
Intelligence Preparation for Operational Resilience (IPOR)Douglas Gray, CISSP, CISO
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 
CIS13: FCCX and IDESG: An Industry Perspectives
CIS13: FCCX and IDESG: An Industry PerspectivesCIS13: FCCX and IDESG: An Industry Perspectives
CIS13: FCCX and IDESG: An Industry PerspectivesCloudIDSummit
 
Applying Software Quality Models to Software Security
Applying Software Quality Models to Software SecurityApplying Software Quality Models to Software Security
Applying Software Quality Models to Software SecurityCAST
 
Utility Cybersecurity Compliance Capabilities
Utility Cybersecurity Compliance CapabilitiesUtility Cybersecurity Compliance Capabilities
Utility Cybersecurity Compliance CapabilitiesBooz Allen Hamilton
 
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...CA Technologies
 
Risks in the Software Supply Chain
Risks in the Software Supply Chain Risks in the Software Supply Chain
Risks in the Software Supply Chain Sonatype
 
Risks in the Software Supply Chain
Risks in the Software Supply ChainRisks in the Software Supply Chain
Risks in the Software Supply ChainMark Sherman
 
OneNeck AX in the Cloud Webinar Presenation
OneNeck AX in the Cloud Webinar PresenationOneNeck AX in the Cloud Webinar Presenation
OneNeck AX in the Cloud Webinar PresenationScott Fitzgerald
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Mourad Khalil
 
Cyber Security: Threat and Prevention
Cyber Security: Threat and PreventionCyber Security: Threat and Prevention
Cyber Security: Threat and Preventionfmi_igf
 
Achieve Excellence through Customer Experience
Achieve Excellence through Customer ExperienceAchieve Excellence through Customer Experience
Achieve Excellence through Customer ExperienceNaveen Agarwal
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionDigital Guardian
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
 
Analytics: What is it really and how can it help my organization?
Analytics: What is it really and how can it help my organization?Analytics: What is it really and how can it help my organization?
Analytics: What is it really and how can it help my organization?SAS Canada
 
Veritas Consulting eBook
Veritas Consulting eBookVeritas Consulting eBook
Veritas Consulting eBookIdeba
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 

Semelhante a Data Driven Cybersecurity Governance (20)

Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt
Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt
Measure It, Manage It, Ignore It - Software Practitioners and Technical Debt
 
IPOR_Gray_2
IPOR_Gray_2IPOR_Gray_2
IPOR_Gray_2
 
Intelligence Preparation for Operational Resilience (IPOR)
Intelligence Preparation for Operational Resilience (IPOR)Intelligence Preparation for Operational Resilience (IPOR)
Intelligence Preparation for Operational Resilience (IPOR)
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
 
CIS13: FCCX and IDESG: An Industry Perspectives
CIS13: FCCX and IDESG: An Industry PerspectivesCIS13: FCCX and IDESG: An Industry Perspectives
CIS13: FCCX and IDESG: An Industry Perspectives
 
Applying Software Quality Models to Software Security
Applying Software Quality Models to Software SecurityApplying Software Quality Models to Software Security
Applying Software Quality Models to Software Security
 
Utility Cybersecurity Compliance Capabilities
Utility Cybersecurity Compliance CapabilitiesUtility Cybersecurity Compliance Capabilities
Utility Cybersecurity Compliance Capabilities
 
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...
When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...
 
Risks in the Software Supply Chain
Risks in the Software Supply Chain Risks in the Software Supply Chain
Risks in the Software Supply Chain
 
Risks in the Software Supply Chain
Risks in the Software Supply ChainRisks in the Software Supply Chain
Risks in the Software Supply Chain
 
OneNeck AX in the Cloud Webinar Presenation
OneNeck AX in the Cloud Webinar PresenationOneNeck AX in the Cloud Webinar Presenation
OneNeck AX in the Cloud Webinar Presenation
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise
 
Cyber Security: Threat and Prevention
Cyber Security: Threat and PreventionCyber Security: Threat and Prevention
Cyber Security: Threat and Prevention
 
Achieve Excellence through Customer Experience
Achieve Excellence through Customer ExperienceAchieve Excellence through Customer Experience
Achieve Excellence through Customer Experience
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
 
Analytics: What is it really and how can it help my organization?
Analytics: What is it really and how can it help my organization?Analytics: What is it really and how can it help my organization?
Analytics: What is it really and how can it help my organization?
 
Veritas Consulting eBook
Veritas Consulting eBookVeritas Consulting eBook
Veritas Consulting eBook
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 

Último

RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptx
RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptxRESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptx
RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptxronsairoathenadugay
 
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...Health
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKTimothy Spann
 
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...Bertram Ludäscher
 
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...nirzagarg
 
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...HyderabadDolls
 
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...gragchanchal546
 
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With OrangePredicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With OrangeThinkInnovation
 
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...HyderabadDolls
 
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...gajnagarg
 
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...HyderabadDolls
 
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...gajnagarg
 
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...TrafficWave Generator Will Instantly drive targeted and engaging traffic back...
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...SOFTTECHHUB
 
Digital Transformation Playbook by Graham Ware
Digital Transformation Playbook by Graham WareDigital Transformation Playbook by Graham Ware
Digital Transformation Playbook by Graham WareGraham Ware
 
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...kumargunjan9515
 
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...nirzagarg
 
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...nirzagarg
 
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...Elaine Werffeli
 
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book nowVadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book nowgargpaaro
 
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样wsppdmt
 

Último (20)

RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptx
RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptxRESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptx
RESEARCH-FINAL-DEFENSE-PPT-TEMPLATE.pptx
 
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...
+97470301568>>weed for sale in qatar ,weed for sale in dubai,weed for sale in...
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
 
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
 
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
 
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...
Charbagh + Female Escorts Service in Lucknow | Starting ₹,5K To @25k with A/C...
 
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...
Gulbai Tekra * Cheap Call Girls In Ahmedabad Phone No 8005736733 Elite Escort...
 
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With OrangePredicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
 
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
 
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Indore [ 7014168258 ] Call Me For Genuine Models We...
 
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
 
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In bhavnagar [ 7014168258 ] Call Me For Genuine Models...
 
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...TrafficWave Generator Will Instantly drive targeted and engaging traffic back...
TrafficWave Generator Will Instantly drive targeted and engaging traffic back...
 
Digital Transformation Playbook by Graham Ware
Digital Transformation Playbook by Graham WareDigital Transformation Playbook by Graham Ware
Digital Transformation Playbook by Graham Ware
 
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...
High Profile Call Girls Service in Jalore { 9332606886 } VVIP NISHA Call Girl...
 
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
 
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...
Top profile Call Girls In Begusarai [ 7014168258 ] Call Me For Genuine Models...
 
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
 
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book nowVadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
 
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样
如何办理英国诺森比亚大学毕业证(NU毕业证书)成绩单原件一模一样
 

Data Driven Cybersecurity Governance

  • 1. © 2015 Carnegie Mellon University Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Douglas Gray
  • 2. 2 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Copyright 2015 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. CERT® and OCTAVE® are registered marks of Carnegie Mellon University. DM-0003094
  • 3. 3 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Introduction
  • 4. 4 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • The Software Engineering Institute (SEI) is a U.S.-owned not-for-profit federally funded research and development center (FFRDC) operated by Carnegie Mellon University to focus on software and cybersecurity. • The CERT Division of the SEI is a trusted provider of operationally relevant cybersecurity research and innovative and timely solutions to our nation's cybersecurity challenges. • The CERT Division developed and maintains the CERT Resilience Management Model (CERT-RMM) and OCTAVE Allegro Methodology. Who We Are Introduction We work with the following organizations: • Carnegie Mellon University • Discover Financial • Highlands Union Bank • Lockheed Martin Corporation • Marshall & Ilsley Corporation • PNC Corporation • Pacific Gas and Electric • University of Pittsburgh Medical Center • U.S. Dept. of Defense • U.S. Dept. of Energy • U.S. Dept. of Homeland Security • U.S. Dept. of Health & Human Services • U.S. Environmental Protection Agency • U.S. National Security Agency • U.S. Postal Inspection Service • USBank
  • 5. 5 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited To discuss a process to integrate data analytics into operational cybersecurity governance decision making and execution in a way that • frames the problem quickly and accurately and that enables a fast, effective Observe, Orient, Decide, Act Loop • facilitates better data collection and synthesis, quantitative and qualitative analysis, and visualization • enables practical and repeatable analytical battle drills and TTPs for leaders and enablers at all echelons Purpose Introduction
  • 6. 6 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited W. Edwards Deming’s thoughts What it means to us “If you do not know how to ask the right question, you discover nothing.” We must have a reason to analyze data “If you don't understand how to run an efficient operation, new machinery will just give you new problems of operation and maintenance. The sure way to increase productivity is to better administrate man and machine.” We can’t “tool” our way out of cybersecurity challenges “People with targets and jobs dependent upon meeting them will probably meet the targets - even if they have to destroy the enterprise to do it.” Compliance is the beginning, not the end “Whenever there is fear, you will get wrong figures.” The use of data analytics must be productive in the aggregate, punitive as the exception Improving People and Process Introduction Technology is useless without effective processes and trained people
  • 7. 7 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Governance vs. Operations Introduction Operations Governance Scope Individual networks, systems, users, organizations Multiple networks, systems, user bases, organizations Timescale Immediate to 6 months 3 to 36 months* Level of Abstraction Transactional Trends, aggregations Management Impact Direct interaction Context setting *Although maximum technology-related decision making is limited to approximately three years due to rate of technological change, military organizations must program their expected budget needs five years in advance.
  • 8. 8 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Governance vs. Operations Introduction 8 Operations Weather – “It will snow.” Tactical Cyber – “CVE 2015-xx- xxxx is prevalent and is being compromised.” Governance Climate – “Drought in the southwest limits irrigation.” Strategic/Operational Cyber – “FedRAMP usage improves asset management.”
  • 9. 9 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Why Focus on Governance Introduction Know Prevent Detect Respond Recover Reconnaissance Weaponization Delivery Exploitation Installation Command and Control Actions on the Objective Threat Actor Actions1 Friendly Actions2 Harden People, Information, Information, Technology, Facilities Create Faster, More Accurate TTPs, Battle Drills Source: 1Lockheed Martin Kill Chain 2NIST Cybersecurity Framework Effective preparation creates the context for effective response
  • 10. 10 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Leveraging Situational Awareness to Enable Cyber Mission Command Introduction Observe Orient Decide Act mutual trust shared understanding clear leadership intent disciplined initiative mission- oriented directives prudent risk management
  • 11. 11 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Observe
  • 12. 12 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Facets of Cybersecurity Governance Observe
  • 13. 13 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data Fusion Observe Data Fusion Activities Automated vulnerability sensor information •Hardware & Software •Behavioral Observables (Insider Threat) Threat Information •Threat Actor Analysis •Prevailing Attack Patterns Management Information •Budget Information •Demographic Information •Legal & Administrative Investigation Statuses •Mission Impact Analysis Qualitative Assessment • Inspections/Assessments • Professional Sentiments Analysis Orient Unstructured Data Machine Learning Text Analysis Trend Analysis Correlation
  • 14. 14 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Orient
  • 15. 15 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Decision Science vs. Dashboard Orient 1 Dashboard “It’s going to snow.” Decision Science “It’s going to snow. Wear galoshes, gloves, scarf, winter coat.”
  • 16. 16 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Level 1 Perception of the elements in the environment Level 2 Comprehension of the current situation Level 3 Projection of future status Developing Situational Awareness Orient Source: Endsley, M. & Jones, D. Designing for Situation Awareness: An Approach to User-Centered Design (2nd ed.). CRC Press. 2012.
  • 17. 17 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Decomposing the Situation to Develop Situational Awareness Orient Situational Awareness Voice of the Environment Socio-Political Legal and Policy Technological Business Physical Voice of the Organization Voice of the Mission Voice of the Service Strategic Objectives and Supporting Services Organizational Culture Organizational Assets External Dependencies Voice of the Threat Actor Describe Threat Actor Develop Threat Actor Use Cases Indices Probabilistic Models Game Theory Expert Opinion
  • 18. 18 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Build and Update Targeted Metrics Orient Requirements Identify requirements from mandates, doctrine, strategy Group requirements into categories Goals Develop one or more goals for each category Question Develop one or more questions that, if answered, help determine if the goal is met Indicators Identify the information requirements to answer the question Metrics Identify the metrics that will measure the indicator to answer the question Use new metrics to mature current metrics What do we want to know? Why do we want to know it? What will we do once we know it? Build and add to a metrics library.
  • 19. 19 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Authoritative vs. Non-Authoritative Data Orient Authoritative Data • Based on their ability to stand alone as a source for one or more facets of cybersecurity governance • Population • Comprehensiveness • Poor data quality does not make a source not authoritative; it means the quality problems should be fixed Non-Authoritative Data • Source does not cover enough of the population or not comprehensive enough to be authoritative • Can speak to confidence level of an authoritative data source • Examples: reviews, assessments, inspections, surveys.
  • 20. 20 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Using Behavioral Models to Target Stakeholder Need Orient Executives: • Elected leaders, appointees, GOs, FOs, SESs • Target data with eye toward organizational mission and constituents Middle Management: • Staff officers, analysts • Target data with eye toward routines, procedures information Source: Allison, G. T., & Zelikow, P. (1999). Essence of Decision: Explaining the Cuban Missile Crisis (2nd ed.) (Kindle Edition). New York: Longman. Results of data analysis must be impactful to the recipient. Frame products according to organizational behavioral models.
  • 21. 21 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Decide
  • 22. 22 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Determine confidence level in assessed data • Low – analyze through subsequent OODA loop • Medium to High – develop action plan to effect change • Identify and prioritize governance-level risks; identify metric- supported thresholds of acceptability and unacceptability • Support solutions. Go beyond “name and shame.” Use metrics to identify key trends and corrective governance-level actions • Tie metrics to a resulting set of possible risk management outcomes • Identify enablers such as SMEs, funding, contract vehicles • Identify organizations that exceed expectations in certain areas and their lessons learned • Identify what expected changes in metric values should be and how to avoid bias/gaming • Prioritize and identify metric thresholds where costs will exceed benefits Key Planning and Decision-Making Factors Decide
  • 23. 23 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Act
  • 24. 24 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Leveraging Enablers to Achieve Desired Effects Act
  • 25. 25 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Leverage enablers at the proper organizational level; avoid the “3,000-mile screwdriver” • Governance sets the direction through governance facets. Operations executes through disciplined project management • Avoid numerous, rapid changes that cause enterprise turbulence • Tie actions to expected outcomes and expected timeframes; socialize and communicate expectations • Set decision points to check progress against expectations • Build knowledge base to make for faster and more effective OODA loop Success at the Point of Execution Act
  • 26. 26 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Implementation
  • 27. 27 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Identify success stories • Lessons Learned • Tie to data analysis Identify cautionary tales • Lessons Learned • Tie to data analysis Track event-driven events • Identify trends that respond to events • Resourcing, technology, incidents Building a Cybersecurity Knowledge Base Implementation 2 7
  • 28. 28 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited • Inventory on-hand data • Inventory metrics • Develop data fusion capabilitiesObserve • Refine metrics based on constraints and mandates • Define stakeholders based on behavioral models • Develop quantitative and qualitative analysis engines • Develop visualization capabilities Orient • Inventory enablers and their capabilities • Identify desired outcomes for metrics (i.e., thresholds) • Develop decision support TTPs • Develop decision-support systems Decide • Develop knowledge base • Simulate and practice new decision-making TTPs • Develop and refine process control mechanisms • Develop, refine and leverage communications channels Act How to Implement Implementation
  • 29. 29 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Outcomes of Data Driven Governance Implementation • Faster, more accurate decision making • Better use of resources • Better enterprise cohesion and synchronization • Data-driven outcomes • Improved information sharing • Adaptable to change Observe Orient Decide Act
  • 30. 30 Data Driven Cybersecurity Governance Dec. 18 2015 © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited © 2015 Carnegie Mellon University Distribution Statement A: Approved for Public Release; Distribution is Unlimited Data-Driven Cybersecurity Governance Questions

Notas do Editor

  1. 12/21/2015