4. Adopting a Threat-Aware Proactive Defense

Design defense around your mission or business Cyber Key Terrain

What is your most important line of business or function of your agency? What are your crown jewels (as another author here wrote)? What is the risk to those? What does the enemy want to achieve? This is just the starting point of protecting your agency or business. Today, it is important to create a threat-aware proactive defense around your Cyber Key Terrain (C-KT) and manage the risk per line of business or...

Voting

1 vote
Public Input

3. Breach-to-Response Acceleration

Cyber Battlerooms to learn to recognize adversary action

The old adage "it takes 10,000 hours of practice to become an expert" is very true in cyber defense. We can't teach people to prevent zero day exploits but we can provide an inexpensive way to show what happens when an exploit is used. Technology today is finally available to provide ubiquitous Cyber Battlerooms, like Netflix, where you log into the cloud and "play" on a Virtual Clone Network of a government agency,...

Voting

1 vote
Public Input

1. Addressing Cyber Fundamentals

1) How do we move from inconsistent security/privacy protection

This is the difference between thinking tactically and thinking strategically. If you are thinking tactically, your to-do list is endless. There is always one more control to install, one more security practice to implement. There is no way to prioritize the workload or to measure your improvement. Security practitioners sprint from task to task putting out fires, never taking the time to build a program that can absorb...

Voting

3 votes
Public Input

7. Executive Leadership-led Risk Management

NEWS FLASH America--CEOs & Sr Ldrs get FIRED over breaches

As enterprises strive to gain value by leveraging technology, the risk associated with digital business is increasing. Isolated approaches to information security, business continuity and incident response are a thing of the past; today, the urgency of providing continuously available services for customers and business partners in the digital economy requires enterprises to become resilient. A resilient enterprise protects...

Voting

2 votes
Public Input

6. Solving the Talent Search

Change the paradigm-Invest in Cybersecurity Workforce Dev

Reports and articles keep surfacing on the issue of lacking cybersecurity talent in the federal government. Since 2010, little improvement has been seen regarding increased knowledge, skills, and abilities among the federal cybersecurity workforce (Williams, 2015b). This can be attributed largely to leadership failures across the agencies. Cybersecurity experts in the trenches, industrial organizational psychologists, and...

Voting

3 votes
Public Input

5. Sharing of Threat Intelligence

Silos cripple information sharing--Mandate sharing

Threat data sharing or cybersecurity-related information sharing is essential to the protection of the federal government, other critical infrastructure sectors, and to furthering cybersecurity for the Nation. The government needs to set the global standard on establishing an environment that facilitates threat data information sharing; it still operates in silos. Action must be taken to arm stakeholders with needed information...

Voting

1 vote
Public Input

4. Adopting a Threat-Aware Proactive Defense

Start with the Crown Jewels & Stop Spreading Peanut Butter

Currently, the government is still focused on perimeter defense with only a shallow defense-in-depth strategy. The problem centers on an enterprise architecture that is designed to usually protect the entire network at the same level, thus peanut butter spreading network defense resources. Agencies fail to build a network defense strategy that focuses on protecting their crown jewels, vulnerability reduction, and adversary...

Voting

2 votes
Public Input

3. Breach-to-Response Acceleration

Response Time--Combines Technology, Threat Knowledge, & Skills

Agencies must plan for success. Increasing response time is a combination of technology, threat knowledge, and skill sets of cybersecurity practitioners. Lag time exists because organizations are unable to effectively integrate practitioner skills, threat knowledge, and technology. Although agencies are in possession of effective tools (e.g., Einstein and CDM) that collect indicators and signatures of malicious traffic crisscrossing...

Voting

2 votes
Public Input

1. Addressing Cyber Fundamentals

Fundamentals of Security and Privacy start w/Risk Mitigation

Security/Privacy Protection Controls consistency is critical to mitigating organizational risk. Risk mitigation begins at the highest level of an organization. It is a combination of three key things—governance, accountability, and culture. Implementing an organizational governance process will bring myriad benefits, including lower costs, greater control, and overall increased efficiency and effectiveness. A benchmarked...

Voting

3 votes
Public Input

5. Sharing of Threat Intelligence

Supported ITAPS recommendations

(Regular print are supported ITAPS recommendations in response to questions, flagged are expanded recommendations to more explicitly address questions, not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force) How can agencies and industry implement and sustain threat data sharing and create a robust, timely and systemic sharing environment (more than just incidents) that can...

Voting

1 vote
Public Input

6. Solving the Talent Search

Leverage and Inclusion of All Career Fields

Given that such a small percentage of the US population is in technical fields, the majority of the population is not even in the target group. It is important to consider more than just technical people or those who self opt in to the cyber field. Cyber is relevant to all jobs. However, the education and training aspect of cyber is not made relevant to other than cyber focused career fields. Those who work in a range of...

Voting

3 votes
Public Input

5. Sharing of Threat Intelligence

“Skin in the Game”

A multifaceted approach of building trust, having “skin in the game” (“AntiFragile” - Taleb), incentives and penalties for both industry and government. It has to be made in the best interest of both “parties” to share threat intelligence. This coupled with a multifaceted approach of incentives, disincentives, non-attribution, etc. Then you increase the probability that sharing will occur. The incentives for government...

Voting

2 votes
Public Input

4. Adopting a Threat-Aware Proactive Defense

A Proposed Strategy for the Cyber Defense of U.S. Critical Infra

Today, America is in constant contact with the enemy - and the form of conflict has changed. The expansion of the Internet globally is being accompanied by an explosion of cyber threats. Nation-state adversaries, terrorists, and criminals exploit our weakly secured technology. The United States is principally reliant on its technology for a competitive advantage across the globe. Now, thanks to the Internet and cyberspace,...

Voting

3 votes
Public Input