A Framework and Prototype for
A Socio-Technical Security Information
and Event Management System
ST-SIEM
Bilal AlSabbagh
Department of Computer and Systems Science
Stockholm University
Stockholm, Sweden
bilal@dsv.su.se
Stewart Kowalski
Norwegian Information Security Lab
Center for Cyber and Information Security
Norwegian University of Science and Technology
Gjøvik, Norway
stewart.kowalski@ntnu.no
2
Outline 19 slides 15 minutes!
• Personal Introductions
– Industrial Doctoral Student (1 slide)
– A very old jaded Cyber Security (Knowledge) Worker (3 slides)
• Meta Goal and Goal $
– (5 minutes - 6 slides)
• Problem(s) and Background(s)
– (5 minutes - 3 slides)
• Contributions
– (5 minutes - 4 slides)
• Questions and Next Steps
– (5 minutes - 2 slides)
Bilal Al Sabbagh
• Academic Credentials:
– PhD Candidate, DSV, Stockholm University
– Research Interests:
  • Social aspects of information security, security culture
– Academic Degrees
  • MSc Information and Communication Systems Security, KTH, 2006
  • BSc Computer Engineering, 2002
• Industrial Credentials
– Information and Network Security Consultant at
– Works full time with the security on the dot sa (Saudi Arabia)
– Industrial Credentials
  • CISSP, CISA, CCSP, CCNA
3
10/2/2016
Bilal Al Sabbagh, - DSV
JAG = A CUP THAT RUNNETH OVER
My research work and industrial work in security stretch over 30 years and include both theoretical and empirical research in security and product and services.
INDUSTRIAL VS UNIVERSITY WORK
Deal with complex problems.
Must give simple solutions.
Deal with simple problems.
Must give complex solutions.
As a Professor “Swedish rumpnisse” in Norway I have earned the right to ask simple questions and give complex answers!
13
IT/IS SECURITY VALUE CHAIN
Value chain stages: Researching, Teaching, Standardizing + Regulation, Product Management, Development, Sales, Support, Operations & Services
Manager, Research, Business + Security, Telia, 1998
Senior Security Management Consult, Ericsson, 1999
Strategic Product Manager, Security and Fraud Prevention, Core Networks, Ericsson, 2002
Crypto Key Management Systems Designer, Philips Financial Business System, 1988
Manager, Risk & Security, Business Unit Global Services, Global Network Operations Center, 2006-2009
Manager, Ericsson Security Evaluations Competence Center, 2003
Associate Professor, 17 May 2010
Assistant Professor, Computer & Telecom Security and Business, 1989: Stockholm University, Royal Institute of Technology, University College Gävle, Stockholm School of Economics
Senior Security Architect and Product Manager, Huawei Technologies, 2009-2011
14
IT/IS SECURITY VALUE CHAIN
Value chain stages: Researching, Teaching, Standardizing + Regulation, Product Management, Development, Sales, Support, Operations & Services
Manager, Research, Business + Security, Telia, 1998
Senior Security Management Consult, Ericsson, 1999
Strategic Product Manager, Security and Fraud Prevention, Core Networks, Ericsson, 2002
Crypto Key Management Systems Designer, Philips Financial Business System, 1988
Manager, Risk & Security, Business Unit Global Services, Global Network Operations Center, 2006-2009
Manager, Ericsson Security Evaluations Competence Center, 2003
Full time academic, 1st April 2011
Associate Professor, Computer & Telecom Security and Business, 1989: Stockholm University, Royal Institute of Technology, University College Gävle, Stockholm School of Business
Senior Security Architect and Product Manager, Huawei Technologies, 2009-2011
Meta Goal of The Research
• 7 year industrial doctoral research plan to investigate how best to add value $ to the socio-technical global cyber security value chain.
In system X
Concrete Goal
Open Source Security Event Management Systems: how to make them socio-technically efficient and/or cheaper?
A Value Chain is
• the interconnected group of industry participants that collectively create value for the end user.
• If technologies or services are to succeed they must deliver financial or operational value at every stage of the chain.
• For any technology or service to be adopted, each element on the chain must add value for the next element.
Ref: The Strategic Implications of Computing and the Internet on Wireless: The Competitive Blur Through 2008, Herschel Shosteck Associates.
Meta-Goal
Security Spending Mental Models
IT Workers individuals (Saudi Arabia)
[Figure: spending/priority at the personal, organizational and national levels across Deter, Prevent, Detect, Correct, Recover]
Bilal Al Sabbagh, Stewart Kowalski - DSV
Comparing Swedish and Norwegian Bank’s Security Value Chain
Oct 2011
20
Concrete Value Chain
Hardware, Software, Systems, Services
“the primary defining concept in a value chain is what the customer is willing to pay for”
Porter 1985 The Competitive Advantage
Security Value Chain
Concrete $ View
Hardware, Software, System, Services, Buyers
Total global market size for e-business security products in $ millions (2000–2005)
                          2000    2001    2002    2003    2004    2005
Access security            940   2,160   4,830   7,850  12,690  16,120
Communication security     810   1,610   2,970   4,680   7,340   9,040
Content security           660   1,300   2,390   3,700   5,660   6,910
Security Management        700   1,520   2,790   4,460   9,490  11,820
Services                   410   1,020   2,390   4,610   9,050  14,780
Total                    3,520   7,610  15,370  25,300  44,230  58,670
$ Security Incident Event Management Systems and Services $
Outline
• Goal and Meta Goal $
– (5 minutes - 6 slides)
• Concrete Problem and Background
– (5 minutes - 3 slides)
• Contributions
– (5 minutes - 4 slides)
• Questions and Next Steps
– (5 minutes - 2 slides)
National Computer Emergency Response Teams (CERTs) Role
• Support organizations with security incident response capabilities
• Provide actionable security information
• Utilize several tools (SIEMs and others) for effectiveness and efficiency
• Collect, prepare, process, enrich and disseminate security information
Background
Problems with Security Event Management
Reduce False positives by ABC = Always be contextualizing
Ref : https://www.linkedin.com/pulse/contextualization-security-analytics-niranjan-mayya
Hardware, Software, System, Services, Buyers
$ Security Incident Event
Management Systems and Services $
ENISA HIGHLIGHTS
• Actionable information disseminated by CERTs is not equally relevant (or even actionable) to all constituents
• Security managers face the challenge of how to respond to this information using their information security management systems (ISMS)
Problem
CERT.SE
Company X SIEM
Company X ISMS
Outline
• Goal and Meta Goal $
– (5 minutes - 2 slides)
• Problem and Background
– (5 minutes - 5 slides)
• Contributions
– (5 minutes - 6 slides)
• Questions and Next Steps
– (5 minutes - 2 slides)
Paper contribution
1. Framework for a socio-technical SIEM to
improve security response at organizations
2. Correlating technical security events with the
risk escalation maturity levels of constituents
(socio-technical)
3. The risk factor is not generic but directed
based on the organization security culture
and technological security posture
Paper contribution 1
• Framework for a socio-technical SIEM to improve security response at organizations
Framework for information security risk management and escalation
Combination of NIST and ISO Frameworks
Risk escalation maturity levels: Non-existent, Repeatable, Defined, Managed, Optimized
Risk Escalation Maturity: Awareness, Responsibility, Reporting, Policies/Standards, Knowledge/education, Procedures/tools
Contribution 3
Security Event: Managed organization firewall has rejected a connection from a source host to the destination organization asset because the configured per-client connections limit was exceeded.
Priority: 1 of 5
Reliability: 1 of 10
Targeted asset value: 4 of 5 (the asset in this case was the DNS server)
Risk factor: 4 x 1 x 1 / 25 = 0.16 of 10
Ref: Page 73 of the user guide https://www.alienvault.com/doc-repo/usm/v5/USM-v5-User-Guide.pdf
34
Outline
• Goal and Meta Goal $
– (5 minutes - 2 slides)
• Problem and Background
– (5 minutes - 5 slides)
• Contributions
– (5 minutes - 4 slides)
• Next Steps and Your Suggestion Questions
– (5 minutes - 2 slides)
Next Step
Desk-Top/Ex-Post Risk Scenario Test of Socio-technical Correlation Engine
Risk factor = f(security event technical attributes, organization risk escalation maturity level)
[Diagram: ex-post and ex-ante risk scenarios; CERT.X; Org ML3; Org ML3..MLN]
A global socio-technical cyber security warning system
36
>?<

Socio-technical Security Value Chain

  • 1. A Framework and Prototype for A Socio-Technical Security Information and Event Management System (ST-SIEM). Bilal AlSabbagh, Department of Computer and Systems Science, Stockholm University, Stockholm, Sweden, bilal@dsv.su.se. Stewart Kowalski, Norwegian Information Security Lab, Center for Cyber and Information Security, Norwegian University of Science and Technology, Gjøvik, Norway, stewart.kowalski@ntnu.no
  • 2. Outline (19 slides, 15 minutes!) • Personal Introductions – Industrial Doctoral Student (1 slide) – A very old jaded Cyber Security (Knowledge) Worker (3 slides) • Meta Goal and Goal $ – (5 minutes - 6 slides) • Problem(s) and Background(s) – (5 minutes - 3 slides) • Contributions – (5 minutes – 4 slides) • Questions and Next Steps – (5 minutes, 2 slides)
  • 3. Bilal Al Sabbagh • Academic Credentials: – PhD Candidate, DSV, Stockholm University – Research Interests: • Social aspects of information security, security culture – Academic Degrees • MSc Information and Communication Systems Security, KTH, 2006 • BSc Computer Engineering, 2002 • Industrial Credentials – Information and Network Security Consultant at – Works full time with the security on the dot sa (Saudi Arabia), – Industrial Credentials • CISSP, CISA, CCSP, CCNA. 10/2/2016, Bilal Al Sabbagh - DSV
  • 4. JAG = A CUP THAT RUNNETH OVER My research work and industrial work in security stretch over 30 years and include both theoretical and empirical research in security and product and services.
  • 5. INDUSTRIAL VS UNIVERSITY WORK Deal with complex problems. Must give simple solutions. Deal with simple problems. Must give complex solutions. As a Professor “Swedish rumpnisse” in Norway I have earned the right to ask simple questions and give complex answers!
  • 6. IT/IS SECURITY VALUE CHAIN Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Crypto Key Management Systems Designer Philips Financial Business System 1988
  • 7. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Crypto Key Management Systems Designer Philips Financial Business System 1988 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS Security Value Chain
  • 8. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Crypto Key Management Systems Designer Philips Financial Business System 1988 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS Security Value Chain
  • 9. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Crypto Key Management Systems Designer Philips Financial Business System 1988 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS Security Value Chain
  • 10. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Strategic Product Manager Security and Fraud Prevention Core Networks Ericsson 2002 Crypto Key Management Systems Designer Philips Financial Business System 1988 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS SECURITY VALUE CHAIN
  • 11. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Strategic Product Manager Security and Fraud Prevention Core Networks Ericsson 2002 Crypto Key Management Systems Designer Philips Financial Business System 1988 Manager Ericsson Security Evaluations Competence Center 2003 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS SECURITY VALUE CHAIN
  • 12. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Strategic Product Manager Security and Fraud Prevention Core Networks Ericsson 2002 Crypto Key Management Systems Designer Philips Financial Business System 1988 Manager Risk & Security Business Unit Global Services Global Network Operations Center 2006-2009 Manager Ericsson Security Evaluations Competence Center 2003 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics IT/IS SECURITY VALUE CHAIN
  • 13. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Strategic Product Manager Security and Fraud Prevention Core Networks Ericsson 2002 Crypto Key Management Systems Designer Philips Financial Business System 1988 Manager Risk & Security Business Unit Global Services Global Network Operations Center 2006-2009 Manager Ericsson Security Evaluations Competence Center 2003 Associate Professor 17 May 2010 Assistant Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Economics Senior Security Architect and Product Manager Huawei Technologies 2009-2011 IT/IS SECURITY VALUE CHAIN
  • 14. Researching Teaching Standardizing + Regulation Product Management Development Sales Support Operations & Services Manager Research Business + Security Telia 1998 Senior Security Management Consult Ericsson 1999 Strategic Product Manager Security and Fraud Prevention Core Networks Ericsson 2002 Crypto Key Management Systems Designer Philips Financial Business System 1988 Manager Risk & Security Business Unit Global Services Global Network Operations Center 2006-2009 Manager Ericsson Security Evaluations Competence Center 2003 Full time academic 1st April 2011 Associate Professor Computer & Telecom Security and Business 1989 Stockholm University Royal Institute of Technology University College Gävle Stockholm School of Business Senior Security Architect and Product Manager Huawei Technologies 2009-2011 IT/IS SECURITY VALUE CHAIN
  • 15. Meta Goal of The Research • 7 year industrial doctoral research plan to investigate how best to add value $ to the socio-technical global cyber security value chain. In system X
  • 16. Concrete Goal: Open Source Security Event Management Systems. How to make it socio-technically efficient and/or cheaper?
  • 17. A Value Chain is • the interconnect group of industry participants that collectively create value for the end user. • If technologies or services are to succeed they must deliver financial or operational value at every stage of the chain. • For any technology or service to be adopted, each element on the chain must add value for the next element. (Ref: The Strategic Implications of Computing and the Internet on Wireless: The Competitive Blur Through 2008, Herschel Schoteck Associates.) Meta-Goal
  • 18. Security Spending Mental Models: IT Workers, individuals (Saudi Arabia). Personal, Organizational, National. Spending/Priority: Deter, Prevent, Detect, Correct, Recover. Bilal Al Sabbagh, Stewart Kowalski - DSV
  • 20. Concrete Value Chain: Hardware, Software, Systems, Services. “the primary defining concept in a value chain is what the customer is willing to pay for” (Porter 1985, The Competitive Advantage)
  • 21. Security Value Chain Concrete $ View: Hardware, Software, System, Services, Buyers. $ Security Incident Event Management Systems and Services $. Total global market size for e-business security products in $ millions (2000–2005):

    | Category               | 2000  | 2001  | 2002   | 2003   | 2004   | 2005   |
    |------------------------|-------|-------|--------|--------|--------|--------|
    | Access security        | 940   | 2,160 | 4,830  | 7,850  | 12,690 | 16,120 |
    | Communication security | 810   | 1,610 | 2,970  | 4,680  | 7,340  | 9,040  |
    | Content security       | 660   | 1,300 | 2,390  | 3,700  | 5,660  | 6,910  |
    | Security Management    | 700   | 1,520 | 2,790  | 4,460  | 9,490  | 11,820 |
    | Services               | 410   | 1,020 | 2,390  | 4,610  | 9,050  | 14,780 |
    | Total                  | 3,520 | 7,610 | 15,370 | 25,300 | 44,230 | 58,670 |
  • 22. Outline • Goal and Meta Goal $ – (5 minutes - 6 slides) • Concrete Problem and Background – (5 minutes - 3 slides) • Contributions – (5 minutes – 4 slides) • Questions and Next Steps – (5 minutes, 2 slides)
  • 23. National Computer Emergency Response Teams (CERTs) Role • Support organizations with security incident response capabilities • Provide actionable security information • Utilize several tools (SIEMs and others) for effectiveness and efficiency • Collect, prepare, process, enrich and disseminate security information. Background
  • 24. Problems with Security Event Management: Reduce false positives by ABC = Always Be Contextualizing. Ref: https://www.linkedin.com/pulse/contextualization-security-analytics-niranjan-mayya Hardware, Software, System, Services, Buyers. $ Security Incident Event Management Systems and Services $
  • 25. ENISA HIGHLIGHTS • Actionable information disseminated by CERTs is not equally relevant (or even actionable) to constituents • Challenges for security managers: how to respond to this information using their information security management systems (ISMS). Problem: CERT.SE, Company X SIEM, Company X ISMS
  • 26. Outline • Goal and Meta Goal $ – (5 minutes - 2 slides) • Problem and Background – (5 minutes - 5 slides) • Contributions – (5 minutes – 6 slides) • Questions and Next Steps – (5 minutes, 2 slides)
  • 27. Paper contribution 1. Framework for a socio-technical SIEM to improve security response at organizations 2. Correlating technical security events with the risk escalation maturity levels of constituents (socio-technical) 3. The risk factor is not generic but directed based on the organization security culture and technological security posture
  • 28. Paper contribution 1 • Framework for a socio-technical SIEM to improve security response at organizations
  • 29. Paper contribution 1. Framework for a socio-technical SIEM to improve security response at organizations 2. Correlating technical security events with the risk escalation maturity levels of constituents (socio-technical) 3. The risk factor is not generic but directed based on the organization security culture and technological security posture
  • 30. Framework for information security risk management and escalation: Combination of NIST and ISO Frameworks
  • 31. Risk escalation maturity levels: Non-existent, Repeatable, Defined, Managed, Optimized. Risk Escalation Maturity: Awareness, Responsibility, Reporting, Policies/Standards, Knowledge/education, Procedures/tools
  • 32. Paper contribution 1. Framework for a socio-technical SIEM to improve security response at organizations 2. Correlating technical security events with the risk escalation maturity levels of constituents (socio-technical) 3. The risk factor is not generic but directed based on the organization security culture and technological security posture
  • 33. Security Event: Managed organization firewall has rejected a connection from a source host to the destination organization asset because the configured per-client connections limit was exceeded. Priority: 1 of 5. Reliability: 1 of 10. Targeted asset value: 4 of 5 (asset in this case was the DNS server). Risk factor: 4 x 1 x 1 / 25 = 0.16 of 10. Contribution 3. Page 73 of the user guide: https://www.alienvault.com/doc-repo/usm/v5/USM-v5-User-Guide.pdf
  • 34. Outline • Goal and Meta Goal $ – (5 minutes - 2 slides) • Problem and Background – (5 minutes - 5 slides) • Contributions – (5 minutes – 4 slides) • Next Steps and Your Suggestion Questions – (5 minutes, 2 slides)
  • 35. Next Step: Desk-Top/Ex-Post Risk Scenario Test of Socio-technical Correlation Engine. Risk factor = f (security event technical attributes, organization risk escalation maturity level) ? Ex-Post, Ex-Ante Risk Scenario ? CERT.X, Org ML3, Org ML3..MLN
  • 36. A global Socio-Technical cyber security Warning Systems
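
The slide 33 risk calculation and the open slide 35 question, worked through as an added example (not code from the paper or from the SIEM product). The technical formula and the maturity level names come from slides 33 and 31; the weighting in `maturity_weight`, the cap at 10, and the constituent names are assumptions made here, since the deck leaves f unspecified.

```python
from dataclasses import dataclass

# Risk escalation maturity levels, lowest to highest, as listed on slide 31.
MATURITY_LEVELS = ("Non-existent", "Repeatable", "Defined", "Managed", "Optimized")

@dataclass(frozen=True)
class Event:
    name: str
    priority: int      # 1..5
    reliability: int   # 1..10

@dataclass(frozen=True)
class Constituent:
    name: str
    asset_value: int   # 1..5, value of the asset the event targets
    maturity: str      # one of MATURITY_LEVELS

def technical_risk(asset_value: int, priority: int, reliability: int) -> float:
    """Slide 33 formula: asset value x priority x reliability / 25, on a 0..10 scale."""
    for label, value, top in (("asset_value", asset_value, 5),
                              ("priority", priority, 5),
                              ("reliability", reliability, 10)):
        if not 1 <= value <= top:
            raise ValueError(f"{label} must be between 1 and {top}, got {value}")
    return asset_value * priority * reliability / 25

def maturity_weight(maturity: str) -> float:
    """ASSUMPTION (not from the deck): linear weight from 2.0 at the lowest
    maturity level down to 1.0 at the highest."""
    if maturity not in MATURITY_LEVELS:
        raise ValueError(f"unknown maturity level: {maturity!r}")
    steps = len(MATURITY_LEVELS) - 1
    return 1.0 + (steps - MATURITY_LEVELS.index(maturity)) / steps

def directed_risk(event: Event, org: Constituent) -> float:
    """One possible f(event attributes, maturity level), capped at the 10-point scale."""
    base = technical_risk(org.asset_value, event.priority, event.reliability)
    return min(10.0, base * maturity_weight(org.maturity))

def rank_constituents(event: Event, orgs: list) -> list:
    """Return (name, directed risk) pairs, highest risk first."""
    scored = [(o.name, round(directed_risk(event, o), 2)) for o in orgs]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)

# Constructed sample: the slide 33 firewall event sent to three hypothetical constituents.
FIREWALL_EVENT = Event("per-client connection limit exceeded", priority=1, reliability=1)
ORGS = [Constituent("Org A", 4, "Optimized"), Constituent("Org B", 4, "Non-existent"),
        Constituent("Org C", 2, "Defined")]
print(rank_constituents(FIREWALL_EVENT, ORGS))
```

With the same event and the same asset value, Org B ranks above Org A only because of its lower maturity level, which is the "directed, not generic" risk factor the contribution slides describe.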