From: SANS Institute
Thursday, October 11, 2012 at 1:00 PM EDT (1700 UTC/GMT)
SANS is happy to bring you the latest in our complimentary series of Webcasts. Join us on Thursday, October 11, 2012 at 1:00 PM as SANS presents
Beyond Continuous Monitoring: Threat Modeling for Real-time Response
Featuring: G. Mark Hardy and Tiffany Jones
You need to register with the SANS Account to be able to sign in.
Webcast Overview:
Beyond Continuous Monitoring: Threat Modeling for Real-time Response
Featuring: G. Mark Hardy and Tiffany Jones
Threat agents to federal systems run the gamut from state-sponsored attacks emanating from countries like China, to social rebels including Anonymous and Wiki Leaks, to spies for hire in espionage, or to common criminals working to access financial data that could be used in identity theft. The threat has yet to spill over into the realm of cybercombat, but vulnerabilities have been demonstrated in military drones and other connected mechanical and communications systems, making security of all connected systems a priority for multiple Federal regulatory bodies.
As it turns out, most successful intrusions are the result of vulnerabilities (known or unknown) left open by the system owners-whether these be leaving unpatched systems, running vulnerable ports and services, using default and shared passwords, or end users making mistakes. This is why FISMA, which originally mandated periodic enterprise audits and reports, ultimately upgraded requirements from point-in-time audits and reports to continuous monitoring to discover and repair these types of vulnerabilities before they become a huge security event to the enterprise.
In its purest sense, continuous monitoring is inwardly focused on such activities as vulnerability assessment and patch management, which provides valuable situational awareness of systems and potential vulnerabilities. Continuous assessment of the security posture of network devices and security systems will help prevent incidents from being successful. But in the case of an event, monitoring is nothing without the ability to respond accurately and in a timely manner.
In this webcast, G. Mark Hardy, an instructor with the SANS Institute and the founder of National Security Corporation, will discuss how continuous monitoring can go beyond compliance to create a real-time threat model that enables active response with situational awareness. By reducing the latency in sensor feeds, we can begin to defend our networks in real-time, rather than playing catch-up. (But even real-time isn’t as continuous as it seems.) If used to continuously repair vulnerabilities, continuous assessments will result in improved network security and compliance over time.
Register for this webcast and be among the first to receive an advanced paper on the same topic.
Note: Send questions about this webcast to q@sans.org.
Speaker Bios:
G. Mark Hardy: G. Mark Hardy serves as President of National Security Corporation. He has been providing cyber security expertise to government, military, and commercial clients for over 25 years, and is the author of over 100 articles and presentations. He serves on the National Science Foundation’s CyberWATCH Advisory Board, and is a recently retired Navy Captain. A graduate of Northwestern University, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).
Tiffany Jones: Tiffany Jones leads Symantec’s Public Sector Programs and Strategic Initiative teams. She and her team are responsible for developing and managing Symantec’s partnerships and programs strategy while working closely with senior government customers and systems integrators to address their particular challenges and requirements. Ms. Jones was previously the deputy chief of staff of the President’s Critical Infrastructure Protection Board at the White House. In addition to her chief of staff responsibilities, she was responsible for the Government and Public Affairs Cybersecurity Education and Awareness programs, and Industry Outreach. Ms. Jones graduated from the Coast Guard Academy and received her commission as a Coast Guard Officer. She is a member of the CSIS Cyber Commission, the National Cyber Security Alliance, the executive committee of the IT-ISAC, and immediate past chair of the Information Security Committee at TechAmerica.
Leave a Reply