Session Seven: Panel: Alternative Futures for Cyber and Space - David White

1. Managing the Right Risks
David White, PhD
Senior Manager
Sandia National Laboratories
November 16, 2011
Sandia is a multiprogram laboratory
operated by Sandia Corporation, a
Lockheed Martin Company, for the United
States Department of Energy’s National
Nuclear Security Administration under
contract DE-AC04-94AL85000.
2011-8664 C

2. Full Spectrum Cyber Defense Requires
Understanding the Adversary
Defender must be successful everywhere, continuously, and frequently in the open
Satellite SCADA Weapons Network C2 Logistics Switches
Targets – Microelectronics and Software Elements
SIPRNET Defenses:
Common
Firewall
Reality of Perception Spyware
CND of Virus
CND IDS
Cyber
Full Spectrum of Offensive Methods
Cover
Entry Human Sigint ClanTech Cyber Special Liaison Deception Company
Adversary Determines time, place, combination of methods, and operates in secret
Source: J. Gosler – Vaults, Mirrors, Masks: Rediscovering U.S. Counterintelligence

3. Are we driving the right behavior?
*http://xkcd.co
m/936

4. Compliance
Machine
Generated
Two Factor Passwords Supply
Spear Authentication
Chain
Phishing
Attacks
“Pass the
hash”