erau webinar november 2016 cyber security
TRANSCRIPT
![Page 1: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/1.jpg)
Welcome!
![Page 2: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/2.jpg)
Today’s Agenda• Welcome and Introductions—Bill
Gibbs, Webinar Coordinator• Presentation—Dr. Jon Haass• Questions and Answers• Upcoming Webinars and Webinar Plus
Degree BriefingBill GibbsDirector, Campus OutreachWebinar Coordinator
![Page 3: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/3.jpg)
Dr. Jon Haass
• Associate Professor and Program Director for Bachelor of Science in Cyber Intelligence and Security—Prescott
• Frequent speaker at national conferences• Two bachelor’s degrees from University of Wyoming
(Mathematics, Physics)• Ph.D. in Mathematics from Massachusetts Institute of
Technology (MIT)• Leader or Founder of several software development
companies including Sun Microsystems, OpenTV, and SoftKrypt
![Page 4: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/4.jpg)
Cyber SecurityChallenges and Solutions
Jon C. HaassCyber Intelligence and Security
![Page 5: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/5.jpg)
The Cyber Security Landscape Challenges Faced Solutions and Best Practices Areas of Research Question and Answer
Webinar Overview
![Page 6: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/6.jpg)
Breaches in the news
Source: Informationisbeautiful.net – updated August 2016
![Page 7: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/7.jpg)
Could be any company …
![Page 8: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/8.jpg)
Could be any company …
![Page 9: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/9.jpg)
Is it safe to click?
The_User@Home
![Page 10: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/10.jpg)
Is it safe to click?
Does my SmartTV or DVR have vulnerabilities?
◦ Is it listening?◦ Is it infected with Mirai “Bot”?
The_User@Home
![Page 11: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/11.jpg)
Is that email really from HR?
Malicious email borne attacksEntry into critical networksDevelopment and Key employees
June 23, 2015 – FBI alerts ISACs of Business e-mail Compromise attacks that are increasingly successful, well crafted and malicious fronts for APT (Advanced Persistent Threats)
SpearPhishing@Work
![Page 12: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/12.jpg)
Dear John,
The bank has notified us of suspicious activity on your account. As part of the service provided due to OPM breach, we are notifying you. Please click to process.
Account ManagerTel:202-767-1800US Office of Personnel Management
Ransomware@Hospitals
![Page 13: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/13.jpg)
Dear Mary,
The bank has notified us of suspicious activity on your account. As part of the service provided due to OPM breach, we are notifying you. Please click to process.
Account ManagerTel:202-767-1800US Office of Personnel Management
Ransomware@Hospitals
https://opm.gov/cybersecurity/contact.aspx
![Page 14: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/14.jpg)
July 2016
Cybersecurity threats know no boundaries
Cybersecurity threats know no boundaries
![Page 15: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/15.jpg)
National Security / Intellectual Property / Safety
Critical Infrastructure
FinancialServices
Energy Manufacturing
NuclearWater
Transportation
![Page 16: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/16.jpg)
National Security / Intellectual Property / Safety
Critical Infrastructure
FinancialServices
Energy Manufacturing
NuclearWater
Transportation
Power grid attack in
UkrainePower grid attack in
Ukraine
![Page 17: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/17.jpg)
NSA’s view of the world
Every network can be (is) breached
Anything on a computer can be stolen.
General Keith Alexander (retired) Former NSA, Cyber Command now CEO IronNet
![Page 18: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/18.jpg)
InvisibleHard to “see” bits / bytes / network packets
We need forensic tools
and automation
and vigilance
Challenges in Cyberspace
![Page 19: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/19.jpg)
Volume205 Billion emails per day3.5 Billion Google searches per day
Fiber speeds means
BIG DATA
Adversary hides in traffic
![Page 20: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/20.jpg)
Variety230,000 new malware variants per day – 2015Trojans – 51%
Test againstexisting AV - software
Malware evolving
![Page 21: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/21.jpg)
VulnerabilitiesFlaws in software
Difficult to makeerror free systems
iPhone app90,000 lines code
More Complex Software
![Page 22: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/22.jpg)
AttributionMasquerading SpoofingProxy
Rely on mistakes
Who Done It? - Anonymity
![Page 23: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/23.jpg)
Whack-a-Mole gameStop one, another pops up
DoD wants to bemore pro-active
Cyber Intel.
Army of Adversaries
![Page 24: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/24.jpg)
It’s a $500Bn IndustryGDP of Sweden or Belgium (37)!
On the Dark Net TodayMalware as a ServiceCustomer supportMalware testingMoney laundering
Cyber Crime Pays
![Page 25: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/25.jpg)
JurisdictionInternet is Global
Can we attack back?
Arrest someone?
Fine or Jail someone?
Is it Illegal? And where?
![Page 26: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/26.jpg)
Cyber Help Wanted 348,975!NIST announces CyberSeek
We Need More Skilled People
![Page 27: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/27.jpg)
Stop more than 95%Update your software Keep current anti-malwareDon’t re-use passwords (or use top million!)Know your emailsCaution where you browseSet security above lowRoutine backups!!!
Solutions: Cyber Hygiene
![Page 28: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/28.jpg)
Stop Attacker …Notice unusual trafficDeny easy vulnerabilitiesAuthenticate softwareMonitor suspicious connectsDeny access to key data
Defense in Depth
![Page 29: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/29.jpg)
Everyone MattersMost breaches from some mistake
InsiderSpearPhishMisconfigurationUn Patched Vulnerability
Cyber Security as Team Sport
![Page 30: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/30.jpg)
Risk ManagementNot just an IT issue
What is important?Cost if compromised?Then…What to do about it
Annual Review
Cyber Security Solutions
![Page 31: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/31.jpg)
NIST Cyber “Best Practice”
Service Providers can support
![Page 32: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/32.jpg)
Bright ideas needed!
Students & Faculty Wanted!!
Future Research Outlook
![Page 33: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/33.jpg)
Mining Threat InformationInformation Sharing Organizations (ISAO)Arizona Cyber Threat Response Alliance ACTRA
Actionable IntelligenceRanking SystemIntegration
Add in Machine Learning
Improved Intelligence
What’s on your network?
![Page 34: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/34.jpg)
Creative, Resilient PersonnelAcademic / Industry Collaboration
What is working?What more is needed?Streamline?Re-training in career?Apprentice / Co-op?
Improved Education
![Page 35: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/35.jpg)
BYOD Cyber Security
Security of EFB / PED for crew and passenger
Vulnerabilities in aircraft systems
![Page 36: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/36.jpg)
Internet of Things Security
Security of EFB / PED for crew and passenger
Includes the newAirport of Things
Authentication & protect defaults
![Page 37: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/37.jpg)
What is unseen can hurt!Future trends becoming clearer
![Page 38: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/38.jpg)
Questions and Comments
Jon C. HaassCyber Intelligence and SecurityEmbry-Riddle Aeronautical [email protected]
![Page 39: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/39.jpg)
Upcoming Webinars:Jan. 12 Airport Construction Risk Management and SafetyFeb. 9 The Continuing Search for Amelia EarhartMar. 9 Cross-Cultural Project ManagementApr. 13 10 Traits Every Leader Should HaveMay 11 An Introduction to Human Factors in AviationJun. 22 How to Create a Career Enhancement Toolkit
webinars.erau.edu
![Page 40: ERAU webinar november 2016 cyber security](https://reader036.vdocuments.pub/reader036/viewer/2022081605/587b24e31a28ab736c8b7591/html5/thumbnails/40.jpg)
Join us for a Webinar “Plus” Degree Briefing!Thursday, Dec. 1 (two weeks from today)
2 p.m. Eastern (USA) (same time as today)
Covering:• Bachelor of Science in Cyber Intelligence and
Security (Prescott Campus Residential Program)
• Bachelor of Science in Homeland Security• Master of Science in Cybersecurity Management
and Policy
webinars.erau.edu