Encuesta 2010 Csi Information Security
Thanks!
The 2010/2011 Survey Report is Available at GoCSI.com, either on its Own or as part of a CSI membership.
CyberForensics: Insights on Moving Forward
Jim Jaeger Director, Cyber Defense & Forensics December 2010
Cyber Security
Capabilities
• • • • • • Commercial forensics & incident response Cyber operations& monitoring Digital forensics Indications & warning systems Network security Information operations
Key Solutions and Programs
• Department of Defense Cyber Crime Center (DC3) • United StatesComputer Emergency Readiness Team (USCERT) • Department of Homeland Security National Infrastructure Coordinating Center, National Operations Center • National Security Agency signals intelligence andexploitation • Department of Justice/Federal Bureau of Investigation, Drug Enforcement Agency
Reaching Beyond Compliance
• Every large enterprise must now deal with constant cyber attacks
• 100%of the enterprises we’ve investigated were compliant with some security standard
• In their cases, compliance provided a false sense of security • Every set of compliance standards is understood byhackers • To protect your enterprise the new price of doing business is going beyond compliance
Situational Awareness
“Often times, our situational awareness is, indeed, forensics--which meansthat something has happened and policing up after the fact--versus mitigating it in real time. We need real-time situational awareness in our networks, to see where something bad is happening and totake action there at that time. We do not have ‘common-operational picture’ for our networks. We need to get there. We need to build that.”
General Keith Alexander, Congressional Testimony, 9/23/2010Cyber Situational Awareness
Know What Normal Is
• • Knowing your network Recognize changes
Know the Threat
• How they move • What they are after
Share Information
• CSI Computer Crime...
Regístrate para leer el documento completo.