19 Nov 2015
Doubleheader

Behavior-based Cyber Situational Awareness: the Internet Monitor (1 – 2 pm ET)
and
Breaking the Attack Lifecycle -- A Strategic Approach to Cyber Defense (2:15 – 3:15 ET)

Mark your calendars and come join your friends in the CAE community for a Tech Talk presentation. We are a warm group that shares our technical knowledge. CAE Tech Talks are free and conducted live in real-time over the Internet so no travel is required. You can attend from just about anywhere (office, home, etc.) Capitol Technology University (CTU) hosts the presentation(s) using their online delivery platform (Adobe Connect). The presentation along with questions and answers is conducted live in real-time using VOIP and chat. Just log in as “Guest” and enjoy the presentation(s).

Below is a description of the presentation(s) and logistics of attendance:

Date: Thursday 19 Nov 2015
Time: 1pm – 2pm ET
Title/Topic: Behavior-based Cyber Situational Awareness: the Internet Monitor
Presenter: Isis Rose (New Mexico Tech)
Location: https://capitol.adobeconnect.com/cae_tech_talk/
Note: An overflow room is available at the address below:
http://capitol.adobeconnect.com/cae2/

Just log in as “Guest” and enter your name. No password required.

Audience Skill Level:  All Levels
Description:
Signature-based mechanisms for cyber situational awareness, while an important component of security and robustness, ultimately cannot keep up with the co-evolutionary process of adversarial cyber warfare. It is much easier for an adversary to change their specific tactics to circumvent a defense mechanism than it is for the defender to anticipate threats, leaving the defender stuck in a purely reactive posture.  Instead of focusing on adversary behavior, system behaviors themselves can provide a rich data source for scalable network situational awareness in multiple domains of critical infrastructure. This is because a network’s responses to stimuli are governed more by its structure and configuration than by the identity of the stimulus itself, so such a detection mechanism is more adaptable to novel threats.  ICASA has developed a framework for near-real-time situational awareness of the Internet at global scale, called the Internet Monitor.  This capability is presented as an example of a behavior-based, data-driven tool for moving past signature detection and into a more proactive approach to cyber situational awareness.

Date: Thursday 19 Nov 2015
Time: 2:15 pm – 3:15 pm ET
Title/Topic: Breaking the Attack Lifecycle -- A Strategic Approach to Cyber Defense
Presenter: Department of Defense
Location: https://capitol.adobeconnect.com/cae_tech_talk/
Note: An overflow room is available at the address below:
http://capitol.adobeconnect.com/cae2/
login as “Guest” and enter your name. No password required.

Audience Skill Level:  All levels
Description:
System owners, managers, security professionals, and system administrators are challenged on a daily basis to secure their systems and networks. It seems the number and severity of network intrusions are ever increasing. However, the defensive posture for many has not grown beyond patching, signature scans, firewalls, and intrusion detection systems. This session presents a simple and cost effective strategy for cyber defense that embodies the DoD’s notion of defense in depth and (part of) NIST’s cybersecurity framework to “protect” the mission. The strategy is distinct in that it “breaks the attack lifecycle.” That is, mitigations can be deployed to obstruct the adversary at each phase of an attack. The selection and prioritization of mitigations is then based on today’s most prevalent threats. The strategy can be implemented by operators, taught as part of an academic program, and used as a premise for future research.

After the live presentation(s), CTU will post a recording of the presentation(s) on its website:
https://capitol.instructure.com/courses/sis_course_id:CAE_Tech_Talk/external_tools/4
Announcements for CAE Tech Talk events can be found in the news and calendar section of the CAE community website: www.caecommunity.org
For questions on CAE Tech Talk events, please send email to CAETechTalk@nsa.gov