Cybersecurity EXERCISE (CE) ATD Scenario intro

Presentation on theme: "Cybersecurity EXERCISE (CE) ATD Scenario intro"— Presentation transcript:

1 Cybersecurity EXERCISE (CE) ATD Scenario intro

2 LEARNING objectives
- Recognizing importance to integrate cybersecurity early and throughout lifecycle
- Applying cybersecurity risk management
- Applying cybersecurity regulatory, statutory, and best practices
- Identifying security and resiliency trade-space
- Applying contract strategies to acquire secure and resilient systems
- Recognize system impacts to cybersecurity threats

Students should be able to understand:
- the difference between threat, risk, attack and vulnerability
- how threats materialize into attacks
- where to find information about threats, vulnerabilities and attacks
- typical threats, attacks and exploits and the motivations behind them
- high-level understanding of how example attacks work (e.g. DDOS, phishing and buffer overflow)
- how users are targeted in an attack and why this must be considered in defending against such attacks
- the concept of a threat landscape, its dynamic nature and how to create a landscape for an organization
- how to classify threats and example categories
- that there are different attacks, which have different patterns and different steps – for example be able to compare a DDOS to an attack designed to copy information
- that there are different types of malware – for example viruses, Trojans and spyware – their distribution mechanism and a detailed understanding of how they compromise information and systems
- that attacks can be combined for greater effect (e.g. phishing, followed by social engineering phone call)

3 Exercise objectives
- Apply 5-step cybersecurity framework throughout the system's lifecycle
- Analyze via representative system
- Apply cybersecurity risk management process
- Recognize role of team approach to cybersecurity success
- Analyze risk; consequences and likelihood via risk cube
- Develop alternatives to material/non-material solution(s) via tradeoff analyses

4 Exercise ground rules
- There are no right or wrong answers or ideas
- Maintain a no-fault, stress-free environment
- Use the scenario to provide context and spark creative ideas
- Do not limit discussion to positions or policies
- Tap community resources and assets to aid/enhance brainstorming

5 Cyber Attack SURFACE (p. 4)
CONSEQUENCES TO SEAPORT OPERATIONS FROM MALICIOUS CYBER ACTIVITY, 2016, Department of Homeland Security Available at

6 Threat to navigation systems

7 IMO and PMO RESPONSIBILITY
International Maritime Organization (IMO)
- Incorporate framework that is fair, effective, universally adopted & implemented
- Ensure operators address financial issues without compromising security
- Ensure operators comply with regulatory, statutory, and cybersecurity best practices
- Ensure “Public” that ship operations are safe

Program Management Office (PMO)
- Identify mission gaps and weaknesses in existing or new requirements for planned system
- Evaluate architecture for security gaps or weaknesses to influence design
- Evaluate architecture, systems, or solutions (material/non-material) to determine funding prioritization
- Ensure systems are secure, resilient, and operate in a cyber contested environment

8 IMO DUTIES
- Require ship’s compliance with security guidelines IAW NIST’s Cybersecurity Framework
- Ensure PMOs deploy a COTS Navigation System that operates securely and resiliently, and defeats new/updated threat(s) IAW Interim Maritime Cyber Risk Management Guideline Notice
- Ensure PMOs report system’s compliance with NIST Cybersecurity Framework
- Within 36 months
- Identify material or non-material solution(s)
- If not in compliance, revoke each affected ship’s sea-worthiness and port of call certificate, which may deny the ability to obtain or maintain carrier insurance

9 Cyber exercise (CE) schedule morning session
| Time | Tasking | Actions/Outcomes |
| --- | --- | --- |
| 0800 – 0845 | Engineering, Program Management, and Contracts Disclosures | Discuss goals and objectives; Discuss participant roles and expectations |
| 0900 – 0915 | Cyber Exercise (CE) Intro | Discuss organizational structure; Identify statutory, regulatory, best practices, & tools |
| 0915 – 1120 | Round 1: Team Work | Focus on “Identify & Protect” cybersecurity aspects; Understand the adversary; Maintain situational awareness; Consider the operating environment |
| 1130 – 1200 | Large Group Discussion | Discuss Round 1 answers and recommended response |
| 1200 – 1300 | Lunch | |

10 Cyber exercise (CE) schedule afternoon session
| Time | Tasking | Actions/Outcomes |
| --- | --- | --- |
| 1300 – 1315 | Afternoon intro Discussion | Discuss cyber focus transition to detect, respond & recover of a Navigation System from GPS Spoofing |
| 1315 – 1350 | Round 2: Team Work | Focus on “Detect” cybersecurity aspects; Update scenario; Update threat analysis; Inject new threat vector |
| 1400 – 1420 | Large Group Discussion | Discuss Round 2 answers and recommended response |
| 1430 – 1520 | Round 3: Intro and Team Work | Focus on “Respond & Recover” cybersecurity aspects; Define contingency plans |
| 1530 – 1630 | CE ends. Large Group Discussion | Team brief out and closing remarks |

11 Questions

