Enviar pesquisa
Carregar
Conley Group Operational Security Presentation
•
Transferir como PPT, PDF
•
4 gostaram
•
1,576 visualizações
G
guest019923
Seguir
This is a presentation about the topic of Operational Security, also known as OPSEC.
Leia menos
Leia mais
Tecnologia
Negócios
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 20
Baixar agora
Recomendados
Conley Group Opsec Presentation
Conley Group Opsec Presentation
The Conley Group, Inc.
OPSEC Vulnerabilities And Indicators
OPSEC Vulnerabilities And Indicators
Department of Defense
Global privacy research
Global privacy research
bbw1984
Catch-me if you can - TOR tricks for bots, shells and general hacking
Catch-me if you can - TOR tricks for bots, shells and general hacking
Jan Seidl
NSA-Proof communications (mostly)
NSA-Proof communications (mostly)
Jan Seidl
Opsec & sns for distro (no vid)
Opsec & sns for distro (no vid)
Naval OPSEC
Reducing attack surface on ICS with Windows native solutions
Reducing attack surface on ICS with Windows native solutions
Jan Seidl
Opsec for families
Opsec for families
Lindy Kyzer
Recomendados
Conley Group Opsec Presentation
Conley Group Opsec Presentation
The Conley Group, Inc.
OPSEC Vulnerabilities And Indicators
OPSEC Vulnerabilities And Indicators
Department of Defense
Global privacy research
Global privacy research
bbw1984
Catch-me if you can - TOR tricks for bots, shells and general hacking
Catch-me if you can - TOR tricks for bots, shells and general hacking
Jan Seidl
NSA-Proof communications (mostly)
NSA-Proof communications (mostly)
Jan Seidl
Opsec & sns for distro (no vid)
Opsec & sns for distro (no vid)
Naval OPSEC
Reducing attack surface on ICS with Windows native solutions
Reducing attack surface on ICS with Windows native solutions
Jan Seidl
Opsec for families
Opsec for families
Lindy Kyzer
OPSEC for Kids
OPSEC for Kids
Department of Defense
OPSEC for Families
OPSEC for Families
Department of Defense
Social Media - Privacy and Settings
Social Media - Privacy and Settings
Vanguard Leadership
Personal Data Ecosystem - NSTIC Privacy Workshop
Personal Data Ecosystem - NSTIC Privacy Workshop
Kaliya "Identity Woman" Young
FB Privacy Settings Jan 2015
FB Privacy Settings Jan 2015
Naval OPSEC
Social Media Safety Tips
Social Media Safety Tips
Department of Defense
Module 10 Physical Security
Module 10 Physical Security
leminhvuong
OPSEC for hackers
OPSEC for hackers
grugq
Army Social Media Presentation
Army Social Media Presentation
Department of Defense
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
Physical Security Presentation
Physical Security Presentation
Wajahat Rajab
Slideshare Powerpoint presentation
Slideshare Powerpoint presentation
elliehood
ISC2014 Beijing Keynote
ISC2014 Beijing Keynote
Cyphort
Security For Free
Security For Free
gwarden
Bring Your Own Device - Key Steps for an effective program
Bring Your Own Device - Key Steps for an effective program
Brent Spencer
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
Cyphort
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
CloudPassage
dataProtection_p3.ppt
dataProtection_p3.ppt
ssusera76ea9
Pdp It Crisis Ppt
Pdp It Crisis Ppt
Jesse Kedy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Stephanie McVitty
Threat Intelligence + SIEM: A Force to be Reckoned With
Threat Intelligence + SIEM: A Force to be Reckoned With
SolarWinds
The Permanent Campaign
The Permanent Campaign
Denim Group
Mais conteúdo relacionado
Destaque
OPSEC for Kids
OPSEC for Kids
Department of Defense
OPSEC for Families
OPSEC for Families
Department of Defense
Social Media - Privacy and Settings
Social Media - Privacy and Settings
Vanguard Leadership
Personal Data Ecosystem - NSTIC Privacy Workshop
Personal Data Ecosystem - NSTIC Privacy Workshop
Kaliya "Identity Woman" Young
FB Privacy Settings Jan 2015
FB Privacy Settings Jan 2015
Naval OPSEC
Social Media Safety Tips
Social Media Safety Tips
Department of Defense
Module 10 Physical Security
Module 10 Physical Security
leminhvuong
OPSEC for hackers
OPSEC for hackers
grugq
Army Social Media Presentation
Army Social Media Presentation
Department of Defense
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
Physical Security Presentation
Physical Security Presentation
Wajahat Rajab
Slideshare Powerpoint presentation
Slideshare Powerpoint presentation
elliehood
Destaque
(12)
OPSEC for Kids
OPSEC for Kids
OPSEC for Families
OPSEC for Families
Social Media - Privacy and Settings
Social Media - Privacy and Settings
Personal Data Ecosystem - NSTIC Privacy Workshop
Personal Data Ecosystem - NSTIC Privacy Workshop
FB Privacy Settings Jan 2015
FB Privacy Settings Jan 2015
Social Media Safety Tips
Social Media Safety Tips
Module 10 Physical Security
Module 10 Physical Security
OPSEC for hackers
OPSEC for hackers
Army Social Media Presentation
Army Social Media Presentation
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
Physical Security Presentation
Physical Security Presentation
Slideshare Powerpoint presentation
Slideshare Powerpoint presentation
Semelhante a Conley Group Operational Security Presentation
ISC2014 Beijing Keynote
ISC2014 Beijing Keynote
Cyphort
Security For Free
Security For Free
gwarden
Bring Your Own Device - Key Steps for an effective program
Bring Your Own Device - Key Steps for an effective program
Brent Spencer
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
Cyphort
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
CloudPassage
dataProtection_p3.ppt
dataProtection_p3.ppt
ssusera76ea9
Pdp It Crisis Ppt
Pdp It Crisis Ppt
Jesse Kedy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Stephanie McVitty
Threat Intelligence + SIEM: A Force to be Reckoned With
Threat Intelligence + SIEM: A Force to be Reckoned With
SolarWinds
The Permanent Campaign
The Permanent Campaign
Denim Group
Vulnerability Management
Vulnerability Management
justinkallhoff
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
Denim Group
Software Security: Is OK Good Enough? OWASP AppSec USA 2011
Software Security: Is OK Good Enough? OWASP AppSec USA 2011
Denim Group
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
Capgemini
Security Testing for Test Professionals
Security Testing for Test Professionals
TechWell
Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?
Denim Group
Developing a world class omnichannel customer experience
Developing a world class omnichannel customer experience
Jeremy Cox MA DipM
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
Damon Small
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
Lastline, Inc.
Security Testing for Testing Professionals
Security Testing for Testing Professionals
TechWell
Semelhante a Conley Group Operational Security Presentation
(20)
ISC2014 Beijing Keynote
ISC2014 Beijing Keynote
Security For Free
Security For Free
Bring Your Own Device - Key Steps for an effective program
Bring Your Own Device - Key Steps for an effective program
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
dataProtection_p3.ppt
dataProtection_p3.ppt
Pdp It Crisis Ppt
Pdp It Crisis Ppt
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Threat Intelligence + SIEM: A Force to be Reckoned With
Threat Intelligence + SIEM: A Force to be Reckoned With
The Permanent Campaign
The Permanent Campaign
Vulnerability Management
Vulnerability Management
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
Software Security: Is OK Good Enough? OWASP AppSec USA 2011
Software Security: Is OK Good Enough? OWASP AppSec USA 2011
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
CWIN17 telford gdpr or how to eat the elephant a bit at a time - andy powell
Security Testing for Test Professionals
Security Testing for Test Professionals
Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?
Developing a world class omnichannel customer experience
Developing a world class omnichannel customer experience
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
Security Testing for Testing Professionals
Security Testing for Testing Professionals
Último
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
LoriGlavin3
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
HarshalMandlekar2
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Curtis Poe
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
Rick Flair
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
LoriGlavin3
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
Nicole Novielli
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Nathaniel Shimoni
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Manik S Magar
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
Último
(20)
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
How to write a Business Continuity Plan
How to write a Business Continuity Plan
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
Conley Group Operational Security Presentation
1.
Operational Security
(OPSEC) PRESENTED BY TOM M. CONLEY, CPP, CFE, CISM PRESIDENT AND CEO Copyright © 2009 The Conley Group, Inc. All Rights Reserved
2.
Today’s Objectives • What
is OPSEC • Understand the OPSEC Process • Learn how OPSEC applies to YOU in YOUR environment Copyright © 2009 The Conley Group, Inc. All Rights Reserved
3.
What Is OPSEC? •
OPSEC Defined • The OPSEC Process –Critical Information –Indicators –Adversaries –Vulnerabilities –Protective Measures Copyright © 2009 The Conley Group, Inc. All Rights Reserved
4.
OPSEC Covers ALL
Organizational Areas Public Affairs Operations COMPUSEC Emanations Acquisition Personnel COMSEC Logistics Physical Copyright © 2009 The Conley Group, Inc. All Rights Reserved
5.
OPSEC Definition 1 A
process of routinely denying potential adversaries information about our capabilities and/or intentions by identifying, controlling, and protecting any data or other information that may provide evidence of the planning and execution of sensitive activities to our enemy. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
6.
OPSEC Definition 2 The
purpose of OPSEC is to reduce the vulnerability of US and coalition forces from successful adversary exploitation of critical information. OPSEC applies to ALL activities that prepare, sustain, or employ forces during all operations. It prevents the display of, or collection of, critical information — especially while preparing for and conducting actual combat operations. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
7.
Critical Information • Critical
information are the core secrets of an activity, capability, or intention that if known to the adversary, could weaken or defeat the operation. • Critical information is the information about your operations an adversary needs to achieve their goals. • Critical information usually involves only a few key items. • If those items are unavailable to us they could impact the way we conduct business. • Our critical information is information required to be successful in our jobs. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
8.
Indicators
Information May Be Collected By: • Monitoring telephone and public conversations • Analyzing telephone directories, financial or purchasing documents • Position or "job" announcements • Travel documents • Blueprints or drawings • Distribution lists • Social engineering • Information or items found in the trash • Public Websites Copyright © 2009 The Conley Group, Inc. All Rights Reserved
9.
Adversaries • Who are
we talking about? In the Cold War days you knew it was the communist threat. Today, the Cold War is over but new threats have emerged. • Economic superiority and political gain are other driving forces. Our former allies during the Cold War and Desert Storm are now collecting technology from us to gain an advantage in the global market. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
10.
Vulnerabilities • Vulnerabilities are
defined as the characteristics of a system which can cause it to suffer degradation as a result of having been subjected to some level of a hostile threat. • Determining our vulnerabilities involves analyzing how we conduct operations. We must look at ourselves as the adversary would. • From this perspective we can determine what are the true, rather than the hypothetical, vulnerabilities. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
11.
Protective Measures • Vulnerabilities
and specific threats must be matched. • Where the vulnerabilities are great and the threat is evident, the risk of exploitation should be expected. A high priority for protection should be assigned and corrective action taken. • Where the vulnerability is slight and the adversary has a marginal collection capability, the priority should be lower. Copyright © 2009 The Conley Group, Inc. All Rights Reserved
12.
Information Collection Signals Intelligence
(SIGINT) Imagery Intelligence (IMINT) Human Intelligence (HUMINT) Open Source Intelligence (OSINT) Copyright © 2009 The Conley Group, Inc. All Rights Reserved
13.
Consequences of an
OPSEC Failure Copyright © 2009 The Conley Group, Inc. All Rights Reserved
14.
How About
Workplace OPSEC? • Handling sensitive or classified information • Clean desk? • Talking about work matters outside of the workplace • You ARE NOT being a snitch if you report suspicious activity Copyright © 2009 The Conley Group, Inc. All Rights Reserved
15.
OPSEC Simplified Identify
YOUR Critical Information Analyze YOUR Threats Analyze YOUR Vulnerabilities Assess YOUR Risks Employ Correct Protective Measures Copyright © 2009 The Conley Group, Inc. All Rights Reserved
16.
Who is Responsible
for OPSEC? GOOD SECURITY IS A GROUP EFFORT Copyright © 2009 The Conley Group, Inc. All Rights Reserved
17.
The Bottom Line •
The threat is REAL • Protect our technological advantage • Asymmetric Threats are today’s concern and not always clearly evident • Practice common sense and include OPSEC in your daily routines • YOUR adversary IS watching – are you? Copyright © 2009 The Conley Group, Inc. All Rights Reserved
18.
Summary • OPSEC is
an Analytic Process • OPSEC is Adversary-Oriented • Every Operation Has Vulnerabilities • All Indicators Cannot Be Eliminated • Risk Can Be Mitigated (vs. Avoided) • An Effective Countermeasure is a Good Countermeasure (anything legal that works) Copyright © 2009 The Conley Group, Inc. All Rights Reserved
19.
Final Thoughts
THINK OPSEC Copyright © 2009 The Conley Group, Inc. All Rights Reserved
20.
Questions? Copyright © 2009
The Conley Group, Inc. All Rights Reserved
Baixar agora