Annual Computer Security Applications Conference (ACSAC) 2013

Full Program »

Cyber Resiliency

Wednesday, 11 December 2013
15:30 - 16:30

DH Holmes C

The cyber security landscape is rapidly changing. The adversaries of concern are no longer hackers or vandals with limited expertise/resources, attacking targets of opportunity, pursuing their actions for reasons of self-aggrandizement. The new adversary of concern, often known as the advanced persistent threat (APT), is a nation state or an organized crime cartel with sophisticated levels of expertise, significant resources, persistently attacking high value resources of critical organizations, often with the goal of impeding or destroying the organizations ability to carry out its mission. Security measures focused on policy enforcement and boundary protection will not stop such adversaries. Therefore, it is important to ensure that critical missions complete successfully despite successful cyber-attacks against underlying technology. Cyber resiliency focuses on the ability of a nation, organization, mission or business to anticipate, withstand, recover from, and evolve capabilities in the face of adverse conditions, stresses or attacks on the support cyber resources.

Outline:

  1. Overview of Cyber Resiliency (Wednesday, 15:30-17:30)

    Instructor: Deb Bodeau, MITRE Corporation

    Address what is different about cyber resiliency, why it is needed, and how it fits into and relates to other aspects of cyber security, the threats it is intended to address, and a description of the MITRE Cyber Resiliency Framework.

  2. Applying and Using Resiliency (Thursday, 10:30-12:00)

    • MITRE Scenario, Rosalie McQuaid (MITRE)

    • Analyzing the Effects on Cyber Resiliency on the Adversary, Deb Bodeau (MITRE)

  3. Cyber Resiliency Technology & Transition (Thursday, 13:30-15:00)

    • Resiliency in NIST SP 800-53R4, Dr. Ron Ross (NIST)

    • Cyber Maneuver, Chris Eck (Raytheon)

    • Evaluating Cyber Moving Target Techniques, Hamed Okhravi (MIT Lincoln Labs)

  4. Evaluating Resiliency (Thursday, 15:30-17:00)

    • Application of CERT-RMM in Assessing the Cybersecurity Capability of the Power Grid, Nader Mehravari (CERT SEI)

    • CAMEO, Chris Eck (Raytheon)

 

Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC