SlideShare una empresa de Scribd logo

Building the Next Generation ISAC-- A Blueprint for Success

Booz Allen Hamilton
Booz Allen Hamilton
Tecnología
1 de 2
Descargar para leer sin conexión
www.boozallen.com Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs approximately 23,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. In 2014, Booz Allen celebrates its 100th anniversary year. To learn more, visit www.boozallen.com. (NYSE: BAH) About Booz Allen Hamilton Building the Next Generation ISAC—A Blueprint for Success Information Sharing as a Critical Asset Cyber-attacks have leveled the playing field for today’s businesses, encouraging industries to collaborate and share cybersecurity information. As threats evolve, companies rely on their peers and competitors to better understand common challenges presented in the evolving threat environment and to learn how they can work together to remediate and protect their critical infrastructure. To be more effective at both the business and industry level, Information Sharing and Analysis Centers (ISAC) have become key players in strengthening an industry’s resistance to and resilience after cyber-attacks. ISACs provide a trusted environment for members to share information during both steady-state and crisis operations and to decrease overall cybersecurity risk. At Booz Allen Hamilton, a leading strategy and technology consulting firm, our experience working on the most sophisticated national security threats has given us superior visibility into the landscape of emerging cyber challenges within both the government and commercial industry sectors. We work to fully understand your unique cybersecurity challenges and tailor solutions so that you can act decisively. Building an ISAC requires the acumen and knowledge in understanding a complex threat environment and the expertise in how to share critical information and navigate collaboration with both industry partners and government entities. Given our experience and record of success, we can apply a unique approach to building and growing ISACs across various critical infrastructures. Booz Allen’s ISAC Organizational Blueprint Experience shows us that there are foundational building blocks necessary to create successful information sharing and analysis organizations. Whether yours is a new ISAC or an existing ISAC looking to mature, the five key building blocks—Governance, Policy, Technology, For more information, contact Jim Koenig Principal koenig_james@bah.com 267-330-7822 Scott Walters Senior Associate walters_scott@bah.com 917-305-8011 Susan Maly Lead Associate maly_susan@bah.com 703-377-6448
Culture, and Economics—ensure the solid foundation required for successful implementation. We ask questions such as: • Policy: Who is eligible for membership? • Governance: How will the ISAC be governed and does it have a strong leader with the right industry and functional cybersecurity skills to oversee day-to-day operations? • Technology: What mechanisms exist to manage identities, authorize and authenticate users, and ensure confidentiality? • Culture: Has the ISAC created a trusted environment where members feel comfortable sharing information? • Economics: How will the ISAC be funded and measure success? We have seen these building blocks emerge via a five-phase process that engages key industry partners from inception to maturity. As ISACs mature, Booz Allen can provide support across three focus areas: management, operations, and infrastructure. Booz Allen recognizes the importance of an ISAC to: • Create a trusted environment to quickly detect or respond to threats before they affect your enterprise • Learn from others to decrease your overall risk, increase safety, and avoid revenue loss • Protect your reputation and serve as an industry leader out in front of attackers • Access pertinent information to avoid data overload and make timely decisions Client Success Stories • Startup Project Management: Booz Allen partnered with the oil and natural gas subsector to create an ISAC to strengthen the industry. • Cyber Threat Sharing: Booz Allen supported the Defense Information Systems Agency and DoD Chief Information Officer in the development, accreditation, and sustainment of the Defense Industrial Base Network Portal environment (DIBNet) to allow DIB companies and the U.S. Government to exchange cyber threat and incident information. • Enhancement Through Wargaming: Booz Allen joined forces with the financial services industry to conduct simulations and evaluate industry response to cybersecurity risks and incidents. ISAC FOCUS AREAS BOOZ ALLEN SUPPORT MANAGEMENT OPERATIONS INFRASTRUCTURE • Advisory services • Conference and webinar support • Member management • Cybersecurity roadmaps • Project management • ISAC start-up support • Staffing support • Subject matter expertise • Threat intelligence • Forensics & malware analysis • Simulations and exercises • Industry benchmarking • Vendor benchmarking • Onsite incident response and recovery support • Strategic communications • Development of secure web portals • Incident response plans and playbooks • System/firewall support • Intrusion detection and prevention • Industry best practices PHASE I Engage Partners PHASE II Mobilize ISAC Planning Team PHASE III Develop Concept of Operations PHASE IV Incorporate and Implement Operations PHASE V Mature the Organization 03.072.14

Recomendados

Best cybersecurity services for organizations
Best cybersecurity services for organizationsBest cybersecurity services for organizations
Best cybersecurity services for organizations
wilsonconsulting1
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
Wilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity CompanyWilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity Company
wilsonconsulting1
 
Find the best cyebersecurity services
Find the best cyebersecurity servicesFind the best cyebersecurity services
Find the best cyebersecurity services
wilsonconsulting1
 
JNeiditz NLJ Trailblazers 2016
JNeiditz NLJ Trailblazers 2016JNeiditz NLJ Trailblazers 2016
JNeiditz NLJ Trailblazers 2016
Jon Neiditz
 
Strategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleStrategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a Role
Kevin Duffey
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
Phil Agcaoili
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on Security
Ina Luft
 

Recomendados

Best cybersecurity services for organizations
Best cybersecurity services for organizationsBest cybersecurity services for organizations
Best cybersecurity services for organizations
wilsonconsulting1
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
Wilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity CompanyWilson Consulting Group: A Cybersecurity Company
Wilson Consulting Group: A Cybersecurity Company
wilsonconsulting1
 
Find the best cyebersecurity services
Find the best cyebersecurity servicesFind the best cyebersecurity services
Find the best cyebersecurity services
wilsonconsulting1
 
JNeiditz NLJ Trailblazers 2016
JNeiditz NLJ Trailblazers 2016JNeiditz NLJ Trailblazers 2016
JNeiditz NLJ Trailblazers 2016
Jon Neiditz
 
Strategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a RoleStrategies for cyber resilience - Everyone has a Role
Strategies for cyber resilience - Everyone has a Role
Kevin Duffey
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
Phil Agcaoili
 
Cyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on SecurityCyber Resilience: A New Perspective on Security
Cyber Resilience: A New Perspective on Security
Ina Luft
 
Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in Progress
SoCo Partners
 
Cybersecurity Service Provider
Cybersecurity Service ProviderCybersecurity Service Provider
Cybersecurity Service Provider
Vishvendra Saini
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
Brian Rushton-Phillips
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
Agus Wicaksono
 
ACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_ProgramACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_Program
Jaim Harlow
 
How to Improve Your Board’s Cyber Security Literacy
How to Improve Your Board’s Cyber Security LiteracyHow to Improve Your Board’s Cyber Security Literacy
How to Improve Your Board’s Cyber Security Literacy
Tripwire
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security Alliance
David Jones
 
How Data Security is Strangling Companies and What to Do About It
How Data Security is Strangling Companies and What to Do About ItHow Data Security is Strangling Companies and What to Do About It
How Data Security is Strangling Companies and What to Do About It
Finance Network marcus evans
 
12 Top Talks from the 2017 R-CISC Summit
12 Top Talks from the 2017 R-CISC Summit12 Top Talks from the 2017 R-CISC Summit
12 Top Talks from the 2017 R-CISC Summit
Tripwire
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security culture
Craig McGill
 
It Security Overview
It Security OverviewIt Security Overview
It Security Overview
joegleinser
 
Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?
boldonjames
 
Cloud Security - Reality or Illusion
Cloud Security - Reality or IllusionCloud Security - Reality or Illusion
Cloud Security - Reality or Illusion
Srinivas Thimmaiah
 
Data Protection for Higher Education
Data Protection for Higher EducationData Protection for Higher Education
Data Protection for Higher Education
Kate Carruthers
 
Iid infoshare exec_summary final
Iid infoshare exec_summary finalIid infoshare exec_summary final
Iid infoshare exec_summary final
Andrew_Goss
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
ITSM Academy, Inc.
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
Sania Baker
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year
Tripwire
 
The Enterprise Integrator - C4ISR
The Enterprise Integrator - C4ISRThe Enterprise Integrator - C4ISR
The Enterprise Integrator - C4ISR
Booz Allen Hamilton
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Hamilton
 
Optimiza tu canal de youtube
Optimiza tu canal de youtubeOptimiza tu canal de youtube
Optimiza tu canal de youtube
Excellere Consultora Educativa - Natalia Gil
 

Más contenido relacionado

La actualidad más candente

Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in Progress
SoCo Partners
 
ACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_ProgramACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_Program
Jaim Harlow
 
It Security Overview
It Security OverviewIt Security Overview
It Security Overview
joegleinser
 
Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?
boldonjames
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
ITSM Academy, Inc.
 

La actualidad más candente (19)

Mitre: People in Progress
Mitre: People in ProgressMitre: People in Progress
Mitre: People in Progress
 
Cybersecurity Service Provider
Cybersecurity Service ProviderCybersecurity Service Provider
Cybersecurity Service Provider
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
 
Building Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital EconomyBuilding Cyber Resilience in the Digital Economy
Building Cyber Resilience in the Digital Economy
 
ACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_ProgramACGSV_Feb11_Keynote_Program
ACGSV_Feb11_Keynote_Program
 
How to Improve Your Board’s Cyber Security Literacy
How to Improve Your Board’s Cyber Security LiteracyHow to Improve Your Board’s Cyber Security Literacy
How to Improve Your Board’s Cyber Security Literacy
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security Alliance
 
How Data Security is Strangling Companies and What to Do About It
How Data Security is Strangling Companies and What to Do About ItHow Data Security is Strangling Companies and What to Do About It
How Data Security is Strangling Companies and What to Do About It
 
12 Top Talks from the 2017 R-CISC Summit
12 Top Talks from the 2017 R-CISC Summit12 Top Talks from the 2017 R-CISC Summit
12 Top Talks from the 2017 R-CISC Summit
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security culture
 
It Security Overview
It Security OverviewIt Security Overview
It Security Overview
 
Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?Boldon James - SharePoint: information security's weakest link?
Boldon James - SharePoint: information security's weakest link?
 
Cloud Security - Reality or Illusion
Cloud Security - Reality or IllusionCloud Security - Reality or Illusion
Cloud Security - Reality or Illusion
 
Data Protection for Higher Education
Data Protection for Higher EducationData Protection for Higher Education
Data Protection for Higher Education
 
Iid infoshare exec_summary final
Iid infoshare exec_summary finalIid infoshare exec_summary final
Iid infoshare exec_summary final
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year
 

Destacado

Final Year Project (Tesi)_GFRP_Francesco Di Paolo
Final Year Project (Tesi)_GFRP_Francesco Di PaoloFinal Year Project (Tesi)_GFRP_Francesco Di Paolo
Final Year Project (Tesi)_GFRP_Francesco Di Paolo
Francesco Di Paolo
 
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
Julia Kiseleva
 
Lecture: Modeling intracellular cargo transport by several molecular motors
Lecture: Modeling intracellular cargo transport by several molecular motorsLecture: Modeling intracellular cargo transport by several molecular motors
Lecture: Modeling intracellular cargo transport by several molecular motors
Melanie JI Mueller
 

Destacado (20)

The Enterprise Integrator - C4ISR
The Enterprise Integrator - C4ISRThe Enterprise Integrator - C4ISR
The Enterprise Integrator - C4ISR
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat Briefing
 
Optimiza tu canal de youtube
Optimiza tu canal de youtubeOptimiza tu canal de youtube
Optimiza tu canal de youtube
 
Final Year Project (Tesi)_GFRP_Francesco Di Paolo
Final Year Project (Tesi)_GFRP_Francesco Di PaoloFinal Year Project (Tesi)_GFRP_Francesco Di Paolo
Final Year Project (Tesi)_GFRP_Francesco Di Paolo
 
Collaboration Sites
Collaboration SitesCollaboration Sites
Collaboration Sites
 
Lesson1
Lesson1Lesson1
Lesson1
 
It’s your time to ask questions
It’s your time to ask questionsIt’s your time to ask questions
It’s your time to ask questions
 
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
Behavioral Dynamics from the SERP’s Perspective: What are Failed SERPs and Ho...
 
The Intersection of Social Media and Direct
The Intersection of Social Media and Direct The Intersection of Social Media and Direct
The Intersection of Social Media and Direct
 
Comercio exterior 1
Comercio exterior 1Comercio exterior 1
Comercio exterior 1
 
Lecture: Modeling intracellular cargo transport by several molecular motors
Lecture: Modeling intracellular cargo transport by several molecular motorsLecture: Modeling intracellular cargo transport by several molecular motors
Lecture: Modeling intracellular cargo transport by several molecular motors
 
Google Anforderungen 2016 an die lokale Suche - Patrick Hünemohr im Rahmen de...
Google Anforderungen 2016 an die lokale Suche - Patrick Hünemohr im Rahmen de...Google Anforderungen 2016 an die lokale Suche - Patrick Hünemohr im Rahmen de...
Google Anforderungen 2016 an die lokale Suche - Patrick Hünemohr im Rahmen de...
 
Parallel testing with appium
Parallel testing with appiumParallel testing with appium
Parallel testing with appium
 
Executive Resume of the Food Sector Business Profile (2007)
Executive Resume of the Food Sector Business Profile (2007)Executive Resume of the Food Sector Business Profile (2007)
Executive Resume of the Food Sector Business Profile (2007)
 
Content Marketing
Content MarketingContent Marketing
Content Marketing
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containers
 
Booz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year TimelineBooz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year Timeline
 
3-D Program Management
3-D Program Management3-D Program Management
3-D Program Management
 
Improving Intelligence Analysis Through Cloud Analytics
Improving Intelligence Analysis Through Cloud AnalyticsImproving Intelligence Analysis Through Cloud Analytics
Improving Intelligence Analysis Through Cloud Analytics
 
When Disaster Strikes
When Disaster StrikesWhen Disaster Strikes
When Disaster Strikes
 

Similar a Building the Next Generation ISAC-- A Blueprint for Success

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
EnergySec
 
Cyios corporation
Cyios corporationCyios corporation
Cyios corporation
raja1233
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Doeren Mayhew
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
Daren Dunkel
 
MCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability StatementMCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability Statement
William McBorrough
 
The Emerging IT Landscape and the IT GRC and Security Professional
The Emerging IT Landscape and the IT GRC and Security Professional The Emerging IT Landscape and the IT GRC and Security Professional
The Emerging IT Landscape and the IT GRC and Security Professional
Tokunbo Taiwo
 

Similar a Building the Next Generation ISAC-- A Blueprint for Success (20)

The 10 most influential leaders in security, 2021
The 10 most influential leaders in security, 2021The 10 most influential leaders in security, 2021
The 10 most influential leaders in security, 2021
 
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
The Connected Vehicle Movement
The Connected Vehicle MovementThe Connected Vehicle Movement
The Connected Vehicle Movement
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
 
Cyios corporation
Cyios corporationCyios corporation
Cyios corporation
 
Lead Through Disruption Guide PDF
Lead Through Disruption Guide PDFLead Through Disruption Guide PDF
Lead Through Disruption Guide PDF
 
Cleared Job Fair Job Seeker Handbook June 5, 2014, Tysons Corner, VA
Cleared Job Fair Job Seeker Handbook June 5, 2014, Tysons Corner, VACleared Job Fair Job Seeker Handbook June 5, 2014, Tysons Corner, VA
Cleared Job Fair Job Seeker Handbook June 5, 2014, Tysons Corner, VA
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
 
The 10 Best Cyber Leaders Igniting the Future of Security with Innovation.pdf
The 10 Best Cyber Leaders Igniting the Future of Security with Innovation.pdfThe 10 Best Cyber Leaders Igniting the Future of Security with Innovation.pdf
The 10 Best Cyber Leaders Igniting the Future of Security with Innovation.pdf
 
Business Leaders as Catalysts for Change
Business Leaders as Catalysts for ChangeBusiness Leaders as Catalysts for Change
Business Leaders as Catalysts for Change
 
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating ProvidersBlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
BlueVoyant: 7 Experts Share Key Questions To Ask When Evaluating Providers
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Brochure - Jan 14
Brochure - Jan 14Brochure - Jan 14
Brochure - Jan 14
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
MCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability StatementMCGlobalTech Commercial Cybersecurity Capability Statement
MCGlobalTech Commercial Cybersecurity Capability Statement
 
8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery
 
The Emerging IT Landscape and the IT GRC and Security Professional
The Emerging IT Landscape and the IT GRC and Security Professional The Emerging IT Landscape and the IT GRC and Security Professional
The Emerging IT Landscape and the IT GRC and Security Professional
 

Más de Booz Allen Hamilton

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
Booz Allen Hamilton
 

Más de Booz Allen Hamilton (20)

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
 
Examining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working MomsExamining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working Moms
 
The True Cost of Childcare
The True Cost of ChildcareThe True Cost of Childcare
The True Cost of Childcare
 
Booz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of DirectorsBooz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of Directors
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural Addresses
 
Military Spouse Career Roadmap
Military Spouse Career Roadmap Military Spouse Career Roadmap
Military Spouse Career Roadmap
 
Homeland Threats: Today and Tomorrow
Homeland Threats: Today and TomorrowHomeland Threats: Today and Tomorrow
Homeland Threats: Today and Tomorrow
 
Preparing for New Healthcare Payment Models
Preparing for New Healthcare Payment ModelsPreparing for New Healthcare Payment Models
Preparing for New Healthcare Payment Models
 
The Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile CoachingThe Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile Coaching
 
Immersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is HereImmersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is Here
 
Nuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving PerformanceNuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving Performance
 
Frenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join ForcesFrenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join Forces
 
Booz Allen Secure Agile Development
Booz Allen Secure Agile DevelopmentBooz Allen Secure Agile Development
Booz Allen Secure Agile Development
 
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey ReportBooz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
 
CITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICESCITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICES
 
Modern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military NetworksModern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military Networks
 
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
 
Women On The Leading Edge
Women On The Leading Edge Women On The Leading Edge
Women On The Leading Edge
 
Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science
 
Convergence and Disruption in Manufacturing
Convergence and Disruption in ManufacturingConvergence and Disruption in Manufacturing
Convergence and Disruption in Manufacturing
 

Último

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 

Building the Next Generation ISAC-- A Blueprint for Success

  • 1. www.boozallen.com Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs approximately 23,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. In 2014, Booz Allen celebrates its 100th anniversary year. To learn more, visit www.boozallen.com. (NYSE: BAH) About Booz Allen Hamilton Building the Next Generation ISAC—A Blueprint for Success Information Sharing as a Critical Asset Cyber-attacks have leveled the playing field for today’s businesses, encouraging industries to collaborate and share cybersecurity information. As threats evolve, companies rely on their peers and competitors to better understand common challenges presented in the evolving threat environment and to learn how they can work together to remediate and protect their critical infrastructure. To be more effective at both the business and industry level, Information Sharing and Analysis Centers (ISAC) have become key players in strengthening an industry’s resistance to and resilience after cyber-attacks. ISACs provide a trusted environment for members to share information during both steady-state and crisis operations and to decrease overall cybersecurity risk. At Booz Allen Hamilton, a leading strategy and technology consulting firm, our experience working on the most sophisticated national security threats has given us superior visibility into the landscape of emerging cyber challenges within both the government and commercial industry sectors. We work to fully understand your unique cybersecurity challenges and tailor solutions so that you can act decisively. Building an ISAC requires the acumen and knowledge in understanding a complex threat environment and the expertise in how to share critical information and navigate collaboration with both industry partners and government entities. Given our experience and record of success, we can apply a unique approach to building and growing ISACs across various critical infrastructures. Booz Allen’s ISAC Organizational Blueprint Experience shows us that there are foundational building blocks necessary to create successful information sharing and analysis organizations. Whether yours is a new ISAC or an existing ISAC looking to mature, the five key building blocks—Governance, Policy, Technology, For more information, contact Jim Koenig Principal koenig_james@bah.com 267-330-7822 Scott Walters Senior Associate walters_scott@bah.com 917-305-8011 Susan Maly Lead Associate maly_susan@bah.com 703-377-6448
  • 2. Culture, and Economics—ensure the solid foundation required for successful implementation. We ask questions such as: • Policy: Who is eligible for membership? • Governance: How will the ISAC be governed and does it have a strong leader with the right industry and functional cybersecurity skills to oversee day-to-day operations? • Technology: What mechanisms exist to manage identities, authorize and authenticate users, and ensure confidentiality? • Culture: Has the ISAC created a trusted environment where members feel comfortable sharing information? • Economics: How will the ISAC be funded and measure success? We have seen these building blocks emerge via a five-phase process that engages key industry partners from inception to maturity. As ISACs mature, Booz Allen can provide support across three focus areas: management, operations, and infrastructure. Booz Allen recognizes the importance of an ISAC to: • Create a trusted environment to quickly detect or respond to threats before they affect your enterprise • Learn from others to decrease your overall risk, increase safety, and avoid revenue loss • Protect your reputation and serve as an industry leader out in front of attackers • Access pertinent information to avoid data overload and make timely decisions Client Success Stories • Startup Project Management: Booz Allen partnered with the oil and natural gas subsector to create an ISAC to strengthen the industry. • Cyber Threat Sharing: Booz Allen supported the Defense Information Systems Agency and DoD Chief Information Officer in the development, accreditation, and sustainment of the Defense Industrial Base Network Portal environment (DIBNet) to allow DIB companies and the U.S. Government to exchange cyber threat and incident information. • Enhancement Through Wargaming: Booz Allen joined forces with the financial services industry to conduct simulations and evaluate industry response to cybersecurity risks and incidents. ISAC FOCUS AREAS BOOZ ALLEN SUPPORT MANAGEMENT OPERATIONS INFRASTRUCTURE • Advisory services • Conference and webinar support • Member management • Cybersecurity roadmaps • Project management • ISAC start-up support • Staffing support • Subject matter expertise • Threat intelligence • Forensics & malware analysis • Simulations and exercises • Industry benchmarking • Vendor benchmarking • Onsite incident response and recovery support • Strategic communications • Development of secure web portals • Incident response plans and playbooks • System/firewall support • Intrusion detection and prevention • Industry best practices PHASE I Engage Partners PHASE II Mobilize ISAC Planning Team PHASE III Develop Concept of Operations PHASE IV Incorporate and Implement Operations PHASE V Mature the Organization 03.072.14