8. • Hopefully, most of you can relate to several of these scenarios
• If you have not experienced anything, at least some of you are lying, misinformed, or new
• If you aren't worried about attacks, why are you here?
Cyber-Attacks!
9. • Incidents will happen
• Systems will be compromised
• Applications need to both work and be secure
• People will break things
• You will need to be an expert on something you've never seen before
Truths
12. • Nothing beats practical experience
• How do you get practical experience?
• Production systems
• Personal equipment
• Labs
• Simulated production systems
Practical
13. • Hands-on, practical experience
• Simulated Production systems
• Types
• Defense
• Attack
• Attack/Defend
Competitive Security Events
15. • National Collegiate Cyber Security Competition
• Focuses on both business and technical aspects
Collegiate Cyber Defense Competition (CCDC)
16. • Pre-qualifying (state) events
• Regional events
• Growing every year
• Winner goes to national competition
• National Competition
• San Antonio, Texas
• Top 9 teams in the nation
Competition Structure
17. • Competing teams have just been hired as the IT staff for a company
• Everyone was fired
• Teams must secure their network, while completing a multitude of business tasks (injects)
• Red team = bad guys
Competition Premise
18. • DNS
• Mail (SMTP and POP)
• Web
• Secure Web (ecommerce)
• FTP
• Database
• SSH
• VoIP
What types of applications?
19. • Cisco IOS (Router, Switch, ASA)
• Windows
• Linux
• MacOS
• Printers
• VoIP Phones
• Wireless
What types of systems?
20. • Investigate a database breach
• Deploy McAfee security software
• Upgrade clients to Windows 7
• Provide a list of top attacking IPs
• Install and configure Splunk
Potential Injects - Technical
21. • Block social networking websites
• Develop an IT policy
• Create user accounts
• Recover lost e-mail
• Create a job description for HR
Potential Injects - Business
22. • Unplug everything, secure it, and bring it back online
• Services are not available
• Customers are not happy
• Mitigate security issues while keeping services alive
• The red team is everywhere
• Run away, crying
Potential Strategies – Day One
23. • Number of issues/systems/tasks greater than available manpower
• Unexpected difficulties/limitations/business rules and policies
• Uptime & SLA requirements
Challenges
Matrix reference - "load me up the helicopter program"
Based on Career Impact Survey of more than 2250 information security professionals conducted by (ISC)², the administrators of the CISSP certification.