Transcript Slide 1
CUBIC DEFENSE APPLICATIONS Security Summit Discussions Jeff Snyder Vice President, Cyber Programs Cubic Defense Applications Cyber Attacks Up 300% Since 2005 Threats diverse and expanding • • • • • • • Incidents Reported to US-CERT Foreign government sanctioned and/or financed Politically/militarily/economically motivated Domestic and International Organizations as well as individual actors Shift from “nuisance” attacks to intent to damage Goal: disruption, destruction and theft Must also consider “collateral damage” – 2 Information disruption caused by some unrelated physical disruption Source: GAO Attacks continue to rise • Up 200% since 2006 (& over 300% since 05) • Increasing in complexity and coordination Cyber Threats Causing Market Changes Comprehensive National Cyber Initiative (CNCI) has 12 Key Elements that will be the Focus for Protecting the Nation’s Critical Infrastructures. Cyber Threats Causing Market Changes Civilian Initiatives Span Several Agencies Comprehensive National Cyber Initiative (CNCI) GSA’s MTIPS •Established by President Bush in 1/2008 •Goal of improving efforts to protect against intrusion attempts and anticipate future threats across federal computer networks •Estimated budget of $40b over several years Established March 2009 Allows agencies to obtain TICcompliant Internet services through Networx OMB’s Information Systems Security Line of Business (ISS LoB) Department of Homeland Security Initiatives •Established as part of President Bush’s eGov Initiative •Goal of improving the level of information systems security across the federal government, and to gain cost efficiencies by sharing functions and processes for managing information security OMB’s FDCC •Federal Desktop Core Configuration (FDCC) •Established by OMB in 2007 Collaboration with DHS NSC Division/US-CERT and NIST •National Cyber Security Center (NCSC) •U.S. Computer Emergency Readiness Team (US-CERT) •EINSTEIN •Trusted Internet Connections (TIC) •Cyber Storm •Cyber Security R&D Center GSA’s SmartBUY GSA’s program for improving, streamlining and automating IT systems for lender processing systems Key Cyber Activities to Benefit Industry • IPv6 Tools & Processes to Address Cyber Security Implications • Intrusion Detection Sensor (IDS) to Intrusion Prevention Sensor (IPS) Technologies to “Predict” the Threat • Cyber Information Correlation, Analysis, and Course of Action Response • Standardized Cyber Simulation, Training, and Exercise System System • More Robust Insider Threat Tools 5 • Cyber Workforce Modernization and Expansion