cubic defense applications security summit discussions jeff snyder vice president, cyber programs...
TRANSCRIPT
CUBIC DEFENSE APPLICATIONS
Security Summit Discussions
Jeff SnyderVice President, Cyber Programs
Cubic Defense Applications
Cyber Attacks Up 300% Since 2005
Threats diverse and expanding• Foreign government sanctioned
and/or financed• Politically/militarily/economically
motivated• Domestic and International• Organizations as well as individual
actors• Shift from “nuisance” attacks to
intent to damage• Goal: disruption, destruction and
theft• Must also consider “collateral
damage”– Information disruption caused by some
unrelated physical disruption
Incidents Reported to US-CERT
2
Source: GAO
Attacks continue to rise• Up 200% since 2006 (& over 300% since 05)• Increasing in complexity and coordination
Cyber Threats Causing Market Changes
Comprehensive National Cyber Initiative (CNCI) has 12 Key Elements that will be the Focus for Protecting the Nation’s Critical Infrastructures.
Cyber Threats Causing Market Changes
Comprehensive National Cyber Initiative (CNCI)
•Established by President Bush in 1/2008•Goal of improving efforts to protect against intrusion attempts and anticipate future threats across federal computer networks•Estimated budget of $40b over several years
OMB’s Information
Systems Security Line of Business
(ISS LoB)
•Established as part of President Bush’s eGov Initiative•Goal of improving the level of information systems security across the federal government, and to gain cost efficiencies by sharing functions and processes for managing information security
GSA’s SmartBUY
GSA’s program for improving, streamlining and automating IT systems for lender processing systems
Department of Homeland
Security Initiatives
•National Cyber Security Center (NCSC)•U.S. Computer Emergency Readiness Team (US-CERT)•EINSTEIN•Trusted Internet Connections (TIC)•Cyber Storm•Cyber Security R&D Center
OMB’sFDCC
•Federal Desktop Core Configuration (FDCC)•Established by OMB in 2007 Collaboration with DHS NSC Division/US-CERT and NIST
GSA’s MTIPS
Established March 2009 Allows agencies to obtain TIC-compliant Internet services through Networx
Civilian Initiatives Span Several Agencies
5
• IPv6 Tools & Processes to Address Cyber Security Implications
• Intrusion Detection Sensor (IDS) to Intrusion Prevention Sensor (IPS) Technologies to “Predict” the Threat
• Cyber Information Correlation, Analysis, and Course of Action Response
• Standardized Cyber Simulation, Training, and Exercise System System
• More Robust Insider Threat Tools
• Cyber Workforce Modernization and Expansion
Key Cyber Activities to Benefit Industry