If an organization experiences an intrusion, however, it does not necessarily mean that they will experience a substantial loss of sensitive data. A critical time period exists during an attack – the period of time after the attacker has established a presence in the targeted environment, but before the attacker has been able to identify, access and exfiltrate key data. If an intrusion is detected before critical data is exfiltrated, the impact can be minimized. Organizations must develop capabilities not only to prevent successful attacks, but also to detect attacks in progress.
In this webinar, Solutionary will present one approach to develop these capabilities. This approach maps the defensive techniques presented in the SANS 20 Critical Security Controls to the attack phases described in the Cyber Kill Chain. By ensuring that controls exist to detect each step of the kill chain, organizations provide themselves with the best opportunity to detect attacks.
In the United States, one way in which the federal government has addressed this problem is NICE, the National Initiative For Cybersecurity Education. And one of the ways in which NICE seeks to promote cybersecurity education and workforce development is with a two-day annual conference. In 2015, the NICE conference is being held in November, in San Diego, and you can find the details here. If you or your organization are involved in cybersecurity education and workforce development then you might want to consider not only attending NICE 2015, but also sharing your knowledge, experiences, lessons learned, and so on. The Call for Proposals is still open.
The cybersecurity education and workforce deficit has been discussed several times here on We Live Security, for example during the RSA conference. I certainly believe there is an urgent need to train more people in this field and foster cybersecurity as a career choice for students who are still in school. For example, the annual Cyber Boot Camp that ESET facilitates in San Diego every year is targeted directly at this problem.
Referencing breaches from China and Russia, last month Hillary Clinton said that cybersecurity legislation “doesn’t go far enough” to defend the United States. 2016 GOP hopeful Mike Huckabee called on Obama to carry out a cyberattack against China in response to the Office of Personnel Management hack, while Senators Charles Schumer and Lindsey Graham urged the International Monetary Fund to punish the country financially.
Then just last week during the GOP debate, Carly Fiorina called for companies to pull down the “cyberwalls” that stop governments from accessing customer data, and Senator Ted Cruz said that state-sponsored hacks amount to acts of cyberwar.
As these discussions heat up, it’s more important than ever that mainstream politicians actually understand what they’re talking about. Here is a quick primer on what anyone running in the US Presidency race really should know when it comes to cybersecurity.
Although I do not disagree with the premise, I really wonder how much a difference it will actually make long-term. Politicians are motivated by money, and lobbyists will do whatever they can to sell their wares to ignorant politicians, even if it means passing terrible laws.
Instead of late night camp fires, some campers spent hours with their faces lit by laptops as they tried to fix lines of computer code to catch up on the day’s lessons.
Welcome to summer camp, NSA-style.
The spy agency was once so ultra-secret that old hands in national security still call them by the nickname No Such Agency.
Now, the National Security Agency is taking on a more public role trying to boost U.S. cybersecurity defenses.
The GenCyber camp at Dakota State University, one of 43 camps the agency sponsors around the country in conjunction with the National Science Foundation, is one small part of that effort.
New conservative legal challenge to NSA phone data program
In a summer dominated by news of major cyber breaches at the Office of Personnel Management, the NSA is hoping to spot the next generation of white hat hackers and computer security whizzes.
The hope for the camps, NSA officials say, is to attract the interest of young people at a key point in their lives to consider pursuing cybersecurity careers. Young white hat hackers are prized by the NSA and private industry. If they don’t end up working for the NSA or other U.S. government agencies, perhaps they’ll work for big companies to help secure networks from criminals and foreign spies.
It is important to differentiate between organized cyber crime and cyber war. Organized cyber crime’s goal is financial gain for the hacker, either directly through illegally transferring funds or by turning the victim’s computer into a “zombie machine,” which is then used in other cyber attacks. On the other hand, cyber war’s main goal is to gain control and intimidate the target, with the target being a sovereign country’s public or private information system. Cyber terrorism is defined as the politically motivated use of computers and information technology to cause severe disruption or widespread fear.
Cyber attacks allow for small groups to have a disproportionate ability to cause damage on a large scale as even a single skilled hacker could cause serious damage. Additionally, cyber attacks are so inexpensive and hard to track that they’re likely to be used frequently, either in conjunction with conventional warfare or independently. Organizing a cyber attack is becoming increasingly easier as hackers often share corrupted codes over internet chat rooms.
The discussion on Estonia and Georgia are good reminders of the early days of nation state sponsored cyber attacks.