Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.

Slides:

Advertisements

Similar presentations

Preparing Marylands Workforce to Compete Globally Kenneth E. Poole, Ph.D. President CREC Executive Dir. C 2 ER.

Advertisements

1 Protecting the Long Island Business Community A Public Safety Partnership.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

Enabling Responsible International Workplaces New FFC Partnership Model.

RISK ADVISORY SERVICES Green State IT Strictly Private and Confidential 29 September 2014 An initiative towards higher maturity for managing software.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Cyber and Maritime Infrastructure

Chapter 1: Expanding Abroad Motivations, Means, and Mentalities

Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.

The Internal Organization Resources, Capabilities, Core Competencies, and Competitive Advantages Pages

Chapter 3: The Internal Organization: Resources, Capabilities, Core Competencies and Competitive Advantages Overview: Importance of understanding internal.

Risk and Economic Analysis of Terrorism Events Detlof von Winterfeldt Professor of Public Policy and Management Director, Center for Risk and Economic.

1 Trade Facilitation A narrow sense –A reduction/streamlining of the logistics of moving goods through ports or the documentation requirements at a customs.

COUNTERINTELLIGENCE TRENDS

OPERATIONS and LOGISTICS MANAGEMENT

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

Electronic Business (MGT-485)

1. 2 Learning Objectives To understand: the elements or stages of the strategic management process the different perspectives on strategy development.

21 – 22 September 2006, Kuala Lumpur Savings Banks and Foundations, contribution for a sustainable society Laurel E Grossman, Chief Executive Officer,

Join Our Research Efforts in CCAA to Improve Cybersecurity Robustness, Resiliency and Management in Enterprises Information Slides to Encourage Your Organization.

ENGG 401 X2 Fundamentals of Engineering Management Spring 2008 Chapter 1: Engineering, Business, and Society Dave Ludwick Dept. of Mechanical Engineering.

Theo Tryfonas Centre in Systems, Faculty of Engineering Embedding Competitor Intelligence Capability in the Software Development Lifecycle Security and.

MKT7 - Slide 1 to Global Marketing MKT7. 2MKT7 - Slide 1 to 14 Why global marketing? Trade is increasingly global today Because of improved transportation.

1. 2 Learning Objectives To understand: the elements or stages of the strategic management process the different perspectives on strategy development.

1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

The Financial Accounting Foundation The Financial Accounting Foundation Advancing Financial Reporting.

International Cyber Warfare and Security Conference Cyber Defence Germany's Analysis of Global Threats 19th November 2013, Ankara.

Cyber Security Nevada Businesses Overview June, 2014.

H UMAN R ESOURCES M ANAGEMENT Beki Webster Director, HR, Intelligence Systems Division Northrop Grumman Information Systems July 31, 2009.

WIPO Pilot Project - Assisting Member States to Create an Adequate Innovation Infrastructure to Support University – Industry Collaboration.

1 INFSY540 Information Resources in Management Lesson 12 Chapter 11 Strategic Analysis Operations Tactics Strategy.

Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.

Enterprise Risk Management Chapter One Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.

Randy Beavers CS 585 – Computer Security February 19, 2009.

WELCOME CyberSecurity and Global Affairs Workshop Enhancing Situational Awareness Through Cyber Intelligence Henry Horton, CISM Partner, CyberSecurity.

GLOBAL MARKETING Distribution Management. Why A Distribution Strategy? To make the right quantities of the right product or service available at the right.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Hurdles in implementation of cyber security in India.

Ewan Donald Cyber Security FEEL FREE A NEW APPROACH TO CYBER SECURITY.

© Dr. Karl Popp Acquiring companies in a digitalized world Dr. Karl Popp Follow

From Information Assurance to Trusted Systems – A Strategic Shift Patricia A. Muoio Chief, NSA Trusted Systems Research (formerly known as National Information.

The Future of Global Tourism The environment today –Vulnerability –Resilience –Reclamation.

Chapter7 TELECOMMUNICATIONS AND NETWORKS. Content e-Business Systems – Cross-Functional Enterprise Applications – Enterprise Application Integration –

UNCLASSIFIED 1 National Security in Cyberspace: It Takes a Nation Sandra Stanar-Johnson NSA/CSS Representative to the Department of Homeland Security February.

 Cooperation between international firms can take many forms, such as cross-licensing of proprietary technology, sharing of production facilities, cofunding.

Hollings Manufacturing Extension Partnership MEP Overview 2015.

A firm’s “vulnerability” can be viewed as a combination of the likelihood of a disruption and its potential severity. Vulnerability can be caused by:

1 RAND October 30, 2003 Border Security Issues After 9/11 November 5, 2003.

Purpose: These slides are for use with customers by the Microsoft Dynamics NAV sales force and partners. How to use: Add these slides to the core customer.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Cyber Defense: The Industry point of view Asgeir Myhre Managing director Teleplan Globe AS (Norway)

Trinity Industries, Inc. FEI Presentation May 31, 2012.

Crown capital management international relations International Affairs.

Corporate responsibility for security Sibylle Bauer SIPRI Sofia, 22 May 2006.

Proactive Incident Response

MGMT 452 Corporate Social Responsibility

Cybersecurity, competence and preparedness

Information Technology Sector

Cyber Security: State of the Nation

Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 21 March 2018.

Chief, ARSTAF Cyberspace Task Force

The Global Challenges of Cybersecurity and Digital Terrorism

Best Practices in Cyber Security Maggy Powell Senior Manager Real-Time Systems Security Exelon 26 September 2018.

CHAPTER 10 Corporate Governance

I4.0 in Action The importance of people and culture in the Industry 4.0 transformation journey Industry 4.0 Industry 3.0 Industry 2.0 Industry 1.0 Cyber.

CYBER RISKS IN SECURITIES SERVICES

Presentation transcript:

Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain Summit 09 December 2014 Classification

Director of National Intelligence Classification Director of National Intelligence 2 Classification

Risk = ƒ ( cost, schedule, performance) Classification Assessing Risk Risk = ƒ ( cost, schedule, performance) Security Integrity Defense Science Board Task Force Report Resilient Military Systems and the Advanced Cyber Threat 25Feb2013 Risk = ƒ ( threat, vulnerability, consequence) 3 Classification

Classification Threat Model Nation-State Corporate & Organized Crime / Non-State Individual / Hacktivist Advanced Persistent Threats Defense Science Board Task Force Report Resilient Military Systems and the Advanced Cyber Threat 25Feb2013 $K $M $B Proliferation of cheap, readily available, and effective Cyber Network Operation tools increasingly gives less capable actors the means to conduct cyber attacks. 4 Classification

Adversaries Need Not Look Foreign Classification Adversaries Need Not Look Foreign Global US Temporary Workers & Visitors Recruited Citizens Recruited Work & Student Visas Subsidiaries False Flags Overseas Suppliers & End Users Multinationals Front Companies 5 Classification

Things Are Not Always What They Seem… Classification Things Are Not Always What They Seem… Observable behavior of Multinational Firm Nefarious Intent … ? … or Business as Usual? Tries to purchase US firms, create joint ventures Seeking intellectual property for intelligence activities Secure market share, distribution, and access to technology and IP Conduct business intelligence on competition Acts as intelligence agents for foreign government Plans and intentions of rivals; limitations of competing products Access to systems or networks after equipment or software install Foreign government access for collection, exploitation, and disruption Retain access to customer systems for service, maintenance, and license compliance monitoring Fills key overseas positions with individuals of specific nationality Vetted trusted insiders can facilitate intelligence activities Executives with strong ties to firm to protect IP and business interests Uses financial structure that is complex with limited transparency Conceals financials to appear independent and fiscally sound Global variation in taxes incentivize complex financial structures; privately held firms limit details Seeks contracts to supply US government Firm may be trying to supply subverted products US government is a large customer of products and services Classification

Classification Collaboration The U.S. National Security Community is deeply concerned about the integrity of supply chains. We have more than enough evidence to know the threat is real and dangerous, but we will inevitably have difficulty predicting targets and assessing impacts. Supply chain security is a group effort; government and industry must identify threats and implement countermeasures. 7 Classification

Classification QUESTIONS? 8 Classification