Eleven days after the September 11, 2001, terrorist attacks, the first Director of the Office of Homeland Security was appointed, leading to the combination of 22 different federal departments and agencies into a unified, integrated cabinet agency when it was established in 2002.
The Department has a vital mission to secure the U.S. from many threats with capabilities that range from aviation and border security to emergency response, from cybersecurity to chemical facility inspections.
The three-day conference focused on a number of important topics including:
Technology in the public sector has revolutionized the way government agencies deliver services, conduct operations and secure sensitive information. Last week, I had the pleasure of learning from several prominent government leaders about how smart, visionary leaders have harnessed the power of new technology to transform the way they fulfill their respective missions.
We started by visiting the National Cybersecurity Center of Excellence (NCCoE) in Rockville, Maryland, which is part of the National Institute of Standards and Technology (NIST). When complete later in summer 2015, the NCCoE facility will be the epicenter of cybersecurity education, strategy and technology for government, academia and private industry and corporations such as Cisco. Now more than ever, such public-private partnerships are imperative in recognizing and thwarting common enemies who can wreak havoc by compromising sensitive information. This center will allow the top thinkers, practitioners, IT professionals and educators to collaborate and develop strategies to keep our sensitive information protected. Donna Dodson, director of the Center, hopes it will evolve into a hub for cyber solutions derived from government and private-sector tools.
The Internet of Things (IoT) is a topic that’s beginning to gain quite a head of steam lately, particularly when it comes to security concerns that accompany it. Billions of new devices, most of which are in insecure locations. You don’t own them; oftentimes can’t see them; and you don’t control them in any way, shape, or form. Yet they’re sending petabytes of data through your network. It’s enough to make a security professional lose sleep for weeks at a time.
But while many security professionals are focusing on these challenges, there’s also a huge security benefit that will come in the form of IoT-enabled security! Remember, IoT isn’t about the devices themselves, it’s about the network of devices – the benefits from having all of those devices work together to produce actionable intelligence. In a similar vein, securing IoT networks can’t be about the individual security devices, but rather the network of security devices, so that they can work together to produce comprehensive, actionable security intelligence in near real-time – increasing the organization’s overall security posture with little or no human intervention required.
I grew up in Northern New York State, so a trip to Helsinki in the middle of February held no fears for me. Interesting things are going on in Finland from a cybersecurity point of view, so I jumped at the chance to speak to the Security Day conference in Finland’s capital city. The conference appearance was actually one stop on an itinerary that took me to three countries, two press conferences, and four customer visits…in five days.
In some ways, it’s a tribute to globalization that audiences all over the world share the same concerns about cybersecurity. Mobility, identity, explosive growth of an Internet of Things, and an increasingly malicious threat environment are as much on the minds of the people I met in Finland as they are in every part of the world I have traveled. I also found it notable that the Security Day conference celebrated its 12th anniversary this year with the largest number of attendees in its history. My talk centered on three kinds of methods that can make it harder for cybersecurity adversaries to succeed. First, I recommend doing the basics—patching, asset inventories, identity management, visibility into device and user behavior—and doing them well. Here it is particularly important to eliminate any dark space in an infrastructure. It’s the assets and users that you don’t know about that will oftentimes create our largest risks.
Second, the security community has been innovating some delightful ways to lead adversaries on merry, frustrating chases. Virtualization, honey pots, software-defined network configuration changes, and systems set up to act as mineshaft canaries can be used to bring frustration and confusion to the working lives of adversaries.
Third, I shared my thoughts on developing new kinds of metrics designed to reflect changing definitions of security effectiveness. These include heightened ability to measure…
Adversarial Dwell Time—Time required to detect an adversary entering a system.
Compromise Speed—Time required for an adversary to perform their mission.
Unmitigated Attack Duration—Time an attack operates before stopping it.
Adversarial Confusion Ratio 1—Ratio of time an adversary appears confused to the total time of an attack.
Adversarial Confusion Ratio 2—Number of incorrect adversary decisions to the number of correct decisions.
Cost Effectiveness Ratios—Cost of protecting an infrastructure and/or service to cost of losses, and cost of protecting an infrastructure to cost of restoring a service.
These proposed metrics probably justify a free-standing blog post in their own right, so stay tuned for that.
In summing up, I described the above methods as steps along the path of building a condition of information superiority over security adversaries. This means knowing more about the infrastructure, services, and users you protect than your adversaries as a precondition for the ability to act effectively.
There’s a lot more that can be said about this, and the more I talk to customers and security practitioners, the more I’m learning and processing to take these concepts further. That alone is one of the factors that makes cybersecurity so fascinating. There’s something new to learn and think about every day.
Despite its overwhelming business benefits, the Internet of Things (IoT) also significantly increases security risks. That’s why Cisco is pleased to announce the IoT Security Grand Challenge, an industry-wide initiative to bring the global security community together to secure the IoT, and deliver intelligent cybersecurity for the real world – before, during, and after an attack. Winners will be awarded $50,000 in prize money and be publicly announced at the IoT World Forum this Fall!