Upload
ioanprelipcean8496
View
218
Download
0
Embed Size (px)
Citation preview
8/3/2019 SSES
1/17
Cloud Computing, Security, andCyber Intelligence
Derek GabbardVP, Opera/[email protected]
8/3/2019 SSES
2/17
The US information infrastructureincluding telecommunications and computer networks and systems, and the data that reside on themis critical to virtually every aspect of modern life. Therefore, threats to
our IT infrastructure are an important focus of the IntelligenceCommunity. As government, private sector, and personal activitiescontinue to move to networked operations, as our digital systems add ever more capabilities, as wireless systems become even moreubiquitous, and as the design, manufacture, and service of information technology has moved overseas, our vulnerabilities will continue to grow.
J. Michael McConnellDirector of National IntelligenceTestimony to the Senate ArmedServices Committee, Feb 08
8/3/2019 SSES
3/17
Seen the Internet Lately?
8/3/2019 SSES
4/17
Overview
The Rise of Cloud Computing The (Continued) Rise of Internet Threats
How Security Will Evolve in the Cloud The Differences with Cyber Intel and IT Security Roles of Cyber Intelligence Network Analysis and Data Sharing Future of Cyber Intelligence
8/3/2019 SSES
5/17
What is Cloud Computing?
Cloud Computing means Internet (Cloud)based development and use of computer technology
It is a style of computing where IT-relatedcapabilities are provided as a service Users to access technology-enabled services "in the cloud
Often with no knowledge of, expertise with, or control over the technologyinfrastructure that supports them.
8/3/2019 SSES
6/17
Cloud Computing Examples
Application Hardware Infrastructure Platform Services Storage
8/3/2019 SSES
7/17
Why Cloud Computing?
Capital Expenditure Multitenancy Scalability Reliability Security Performance
Location Independence
8/3/2019 SSES
8/17
Cyber Threats No End in Sight
Thousands of cyber attacks each day on keyutilities [1][2]
Well known infrastructure-based disruptions September 11 Internet Inaccessibility [3]
Estonian DDoS Attacks [4]
DNS Attacks [5]
Georgian Attacks from Russia [6]
General consensus attacks growing insophistication and scale
8/3/2019 SSES
9/17
Security Threats + Cloud = ??
New challenges emerge as services becomemore distributed Nobody owns the cloud
Everyone relies on the cloud Each individual autonomous system is responsible for securing
their section of the cloud Impact of their actions now a f ects everyone even more than
before!
Bottom line things that impact you and your business dont end at your gateway anymore
8/3/2019 SSES
10/17
Evolving Cloud Security
Connections used to be just dumb pipes Now, providers push security into the cloud for
their customers [7] Firewall Spam IDS/IPS Data leakage protection Etc.
8/3/2019 SSES
11/17
Cyber Intelligence and IT Security
Cyber Intelligence is: Understanding global architectures and associated threats Determining how those threats and vulnerabilities can impact a
business, a government, or a military organization Assessing risks, courses of action, and other factors which are
dependent on the global network Correlating global events with business risks
Cyber Intelligence Builds From IT Security:
Administration of rewalls, IDS/IPS, etc. Patching and system hardening SEM or SIM Analysis
8/3/2019 SSES
12/17
8/3/2019 SSES
13/17
The Role of Cyber Intelligence
Military Operations Of ensive and defensive cyber operations Intelligence, Surveillance, and Reconnaissance of cyberspace
Government Protection of critical infrastructure Continuity of government planning Trusted Internet Connection and similar initiatives Intelligence Optimization
Private Sector Protection of business interests, critical information Partnerships with other government to share data to reduce risks
8/3/2019 SSES
14/17
Network Analysis and Data Sharing
Obviously, some global data is unavailable toprivate sector (as well as government)organizations
Movement in government and private sectors toshare data FS-ISAC, MS-ISAC creating initiatives Federal agencies organizing signicant data sharing capabilities as
directed by the President
8/3/2019 SSES
15/17
The Future of Cyber Intelligence
Constantly updated, fused, and meaningful globalarchitecture and threat data
Shared data between those with similar interests(defense, information operations, etc.)
Intelligence services provided by serviceproviders
Tools for analyzing and visualizing huge anddisparate network data sets in development
8/3/2019 SSES
16/17
References
[1] Richards, Jonathan Thousands of cyber attacks each day on key utilities London Times, 23 Aug 08 (http://www.timesonline.co.uk/tol/news/uk/crime/article4592677.ece )
[2] Brodkin, Jon, Government-sponsored cyberattacks on the rise, McAfee
says NetworkWorld, 29 Nov 07 (http://www.networkworld.com/news/2007/112907-government-cyberattacks.html )
[3] Verton, Dan, Digital Destruction Was Worst Imaginable Computerworld Security, Mar 4, 2002 (http://www.computerworld.com/managementtopics/management/
recovery/story/0,10801,68762,00.html )[4] Anderson, Nate, Massive DDoS attacks target Estonia; Russia
accused ARS Technica, May 14 2007 (http://arstechnica.com/news.ars/post/20070514-massive-ddos-attacks-target-estonia-russia-accused.html )
8/3/2019 SSES
17/17
References (Contd)
[5] McMillan, Robert Hackers Slow Internet Root Servers with Attack PC World, Feb 6, 2007 (http://www.pcworld.com/article/128806/hackers_slow_internet_root_servers_with_attack.html )
[6] Hruska, Joel. Georgia cyberattacks lead to questions about risk toUS ARS Technica, 18 August 2008. (http://arstechnica.com/news.ars/post/20080818-georgia-cyberattacks-lead-to-questions-about-risk-to-us.html )
[7] Jackson, Joab Ed Amoroso | The big picture of network security Government Computing News, July 7 2008 (http://www.gcn.com/print/27_16/46577-1.html