Presentation is loading. Please wait.

Presentation is loading. Please wait.

Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.

Published byEli Lourie Modified over 9 years ago

Similar presentations

Presentation on theme: "Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain."— Presentation transcript:

1 Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain Summit 09 December 2014 Classification

2 Director of National Intelligence
Classification Director of National Intelligence 2 Classification

3 Risk = ƒ ( cost, schedule, performance)
Classification Assessing Risk Risk = ƒ ( cost, schedule, performance) Security Integrity Defense Science Board Task Force Report Resilient Military Systems and the Advanced Cyber Threat 25Feb2013 Risk = ƒ ( threat, vulnerability, consequence) 3 Classification

4 Classification Threat Model Nation-State Corporate & Organized Crime / Non-State Individual / Hacktivist Advanced Persistent Threats Defense Science Board Task Force Report Resilient Military Systems and the Advanced Cyber Threat 25Feb2013 $K $M $B Proliferation of cheap, readily available, and effective Cyber Network Operation tools increasingly gives less capable actors the means to conduct cyber attacks. 4 Classification

5 Adversaries Need Not Look Foreign
Classification Adversaries Need Not Look Foreign Global US Temporary Workers & Visitors Recruited Citizens Recruited Work & Student Visas Subsidiaries False Flags Overseas Suppliers & End Users Multinationals Front Companies 5 Classification

6 Things Are Not Always What They Seem…
Classification Things Are Not Always What They Seem… Observable behavior of Multinational Firm Nefarious Intent … ? … or Business as Usual? Tries to purchase US firms, create joint ventures Seeking intellectual property for intelligence activities Secure market share, distribution, and access to technology and IP Conduct business intelligence on competition Acts as intelligence agents for foreign government Plans and intentions of rivals; limitations of competing products Access to systems or networks after equipment or software install Foreign government access for collection, exploitation, and disruption Retain access to customer systems for service, maintenance, and license compliance monitoring Fills key overseas positions with individuals of specific nationality Vetted trusted insiders can facilitate intelligence activities Executives with strong ties to firm to protect IP and business interests Uses financial structure that is complex with limited transparency Conceals financials to appear independent and fiscally sound Global variation in taxes incentivize complex financial structures; privately held firms limit details Seeks contracts to supply US government Firm may be trying to supply subverted products US government is a large customer of products and services Classification

7 Classification Collaboration The U.S. National Security Community is deeply concerned about the integrity of supply chains. We have more than enough evidence to know the threat is real and dangerous, but we will inevitably have difficulty predicting targets and assessing impacts. Supply chain security is a group effort; government and industry must identify threats and implement countermeasures. 7 Classification

8 Classification QUESTIONS? 8 Classification

Download ppt "Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain."

Similar presentations

Preparing Marylands Workforce to Compete Globally Kenneth E. Poole, Ph.D. President CREC Executive Dir. C 2 ER.

Preparing Marylands Workforce to Compete Globally Kenneth E. Poole, Ph.D. President CREC Executive Dir. C 2 ER.
1 Protecting the Long Island Business Community A Public Safety Partnership.

1 Protecting the Long Island Business Community A Public Safety Partnership.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Enabling Responsible International Workplaces New FFC Partnership Model.

Enabling Responsible International Workplaces New FFC Partnership Model.
RISK ADVISORY SERVICES Green State IT Strictly Private and Confidential 29 September 2014 An initiative towards higher maturity for managing software.

RISK ADVISORY SERVICES Green State IT Strictly Private and Confidential 29 September 2014 An initiative towards higher maturity for managing software.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Cyber and Maritime Infrastructure

Cyber and Maritime Infrastructure
Chapter 1: Expanding Abroad Motivations, Means, and Mentalities

Chapter 1: Expanding Abroad Motivations, Means, and Mentalities
Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.

Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.
The Internal Organization Resources, Capabilities, Core Competencies, and Competitive Advantages Pages 68 - 94.

The Internal Organization Resources, Capabilities, Core Competencies, and Competitive Advantages Pages
Chapter 3: The Internal Organization: Resources, Capabilities, Core Competencies and Competitive Advantages Overview: Importance of understanding internal.

Chapter 3: The Internal Organization: Resources, Capabilities, Core Competencies and Competitive Advantages Overview: Importance of understanding internal.
Risk and Economic Analysis of Terrorism Events Detlof von Winterfeldt Professor of Public Policy and Management Director, Center for Risk and Economic.

Risk and Economic Analysis of Terrorism Events Detlof von Winterfeldt Professor of Public Policy and Management Director, Center for Risk and Economic.
1 Trade Facilitation A narrow sense –A reduction/streamlining of the logistics of moving goods through ports or the documentation requirements at a customs.

1 Trade Facilitation A narrow sense –A reduction/streamlining of the logistics of moving goods through ports or the documentation requirements at a customs.
COUNTERINTELLIGENCE TRENDS

COUNTERINTELLIGENCE TRENDS
OPERATIONS and LOGISTICS MANAGEMENT

OPERATIONS and LOGISTICS MANAGEMENT
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Electronic Business (MGT-485)

Electronic Business (MGT-485)
1. 2 Learning Objectives To understand: the elements or stages of the strategic management process the different perspectives on strategy development.

1. 2 Learning Objectives To understand: the elements or stages of the strategic management process the different perspectives on strategy development.
21 – 22 September 2006, Kuala Lumpur Savings Banks and Foundations, contribution for a sustainable society Laurel E Grossman, Chief Executive Officer,

21 – 22 September 2006, Kuala Lumpur Savings Banks and Foundations, contribution for a sustainable society Laurel E Grossman, Chief Executive Officer,
Join Our Research Efforts in CCAA to Improve Cybersecurity Robustness, Resiliency and Management in Enterprises Information Slides to Encourage Your Organization.

Join Our Research Efforts in CCAA to Improve Cybersecurity Robustness, Resiliency and Management in Enterprises Information Slides to Encourage Your Organization.

Similar presentations

Ads by Google