Cyber Security Theater: Providing Cyber Security Inventory & Compliance Tracking & C2 in a Heterogeneous Tool Environment
Wednesday, May 16, 2018: 8:15 AM - 9:15 AM
Description
This session will include discussion of the following:
- Blue force attribution (i.e., COAMS, OAM, scorecard tagging to identify devices' owning organization, admin organization, location, accreditation boundary, mission, COCOM AOR, CCSP) across multiple tools in an interoperable fashion
- Unique device identification and tracking across time in support of asset management, as a foundation for vulnerability management, patch management, mitigation management, and risk management, to include special cases, like VDI and Docker containers
- Data extraction, normalization, and updating cyber physical and virtual device data across time at scale
- C2 and compliance tracking issues when implementing multiple tools for functions such as containment, anti-malware, Host IPS, and application whitelisting
- Examples of existing systems trying to address these issues: Cybersecurity Scorecard, BDP, CMRS, eMASS
- SCAP as an example of standards-based approaches to resolving the problem, advantages and disadvantages
Approved for 1 CompTIA CEU: A+, Network+, Security+, Cloud+, CySA+, and CASP; 1 GIAC CPE