• Home
  • Understanding and Managing Cyber-Risk with a Dwell Time Based Approach

Understanding and Managing Cyber-Risk with a Dwell Time Based Approach

  • 16 November 2019
  • 09:30 - 11:30

Information Systems Security Association Northern Virginia Chapter (ISSA NoVa) Risk Management Framework (RMF) LifeBoat

Visit the meetup’s web site register, URL: https://www.meetup.com/NCR-Risk-Management-Framework-Lifeboat/

For those who do not wish to join the meetup community, please send an email to gingerdoetsch@gmail.com and you will be placed on the rmf.lifeboat@gmail.com blind copy distro list to receive meeting announcements. Non-Meetup members can RSVP for a meeting via this email address or by calling 703-402-4379.

Attendees earn Professional Development Units (PDUs) for participating in our ISSA Northern Virginia Chapter (ISSA NoVa) RMF LifeBoat Group meeting,.

Abstract: Security is critical in today’s system design and architecture in order to ensure availability, integrity, and confidentiality. As computer systems are opened to large population of users via web services on the public Internet, the task of protecting them becomes more daunting. The vulnerabilities of such systems expose them to malicious attacks. Adding to the challenge is the fact that security attacks have become more sophisticated, so that a system cannot rely solely on intrusion prevention and detection for its security protection. For example, Marriot systems were compromised and it was discovered that the attacker was in the system for 5 years! The time an attacker is in the system is referred to as ATTACKER DWELL time. We suggest relying only on prevention and detection is not wise. We need additional approaches that will reduce DWELL time. Moving Target Defense (MTD) is a new approach to protecting systems. In this presentation we present one MTD approach called SCIT. MTD changes the attack surface and thus confuses the attacker. SCIT architecture is a time-based approach. Since there is no perfect prevention and detection of intrusions, the guiding principle of SCIT design is that security compromises are inevitable. The SCIT design goal is to minimize the losses incurred because of an intrusion. Towards this end we focus on reducing the attacker DWELL time. In this presentation we will present an approach to reduce attacker DWELL time. We have built systems in which the DWELL time was reduced to 90 seconds. SCIT has been applied to on-premise systems and cloud based systems.

Presenter’s Bio: Dr. Arun Sood is Professor of Computer Science, at George Mason University, Fairfax, VA. His research interests are in cyber resilience and security architectures; image and multimedia computing; performance modeling and evaluation; simulation, modeling, and optimization. LinkedIn: http://www.linkedin.com/in/arunsood/ https://cs.gmu.edu/~asood/

Flyer Here.

Cyber & STEAM Global Innovation Alliance (2018 - 2020)

Powered by Wild Apricot Membership Software