Cyber bdm

Cybersecurity: Trust, Visibility, Resilience


Cisco Security PPT

Transcript of Cyber bdm

Page 1: Cyber bdm

Cybersecurity: Trust, Visibility, Resilience

Page 2: Cyber bdm

With Pervasive Connectivity

What is at stake?

Page 3: Cyber bdm

Cybersecurity Threats

Manipulation Espionage Disruption

Page 4: Cyber bdm

Pentagon Report

“financial terrorism (in 2008) may have cost the global economy as much as $50 trillion.”

Page 5: Cyber bdm

Popular Mechanics

“Currently on Chinese military drawing boards are plans for combat aircraft, the Chengdu J-10 and Xian JH-7A fighter jets; a combat helicopter, the Z-10; advanced warships; and even space-based weapons designed to knock out communications satellites. U.S. observers fear that much of this will be made possible by espionage.”

Page 6: Cyber bdm

How? Advanced Malware: Stuxnet

Target: Iranian Nuclear Reactors

Impact: 2-5 Year Delay

Exploit: Siemens PLC Software

Origin: Unknown

Page 7: Cyber bdm

The Challenges of Cybersecurity are the Same

Trust, Visibility, Resilience

Regardless of the Mission

Page 8: Cyber bdm

Federal Cybersecurity Challenges

Operational Management

Business Resiliency

Data Capacity

Supply Chain

Data Loss

Page 9: Cyber bdm

Federal Cybersecurity

What is Cisco’s Role?

Page 10: Cyber bdm

Why Cisco? Everything is on the Network

“No single company can solve the complex challenge presented by the Internet, but the inherent role of the network positions Cisco as the natural partner in developing and executing a successful cybersecurity strategy”

Page 11: Cyber bdm

Cisco’s Approach to Cybersecurity

Trust

Visibility

Resilience

Identify and Manage

Respond and Recover

Prevent and Detect

Page 12: Cyber bdm

Who and What?

What is on my Network? Who is on my Network? What can they access?

Page 13: Cyber bdm

Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware and APT Defense, Situational Awareness

Identity and Access, Secure Mobility Wireless Integrity, Configuration Assurance, Physical Security, Audit and Compliance

COOP, Incident Handling, Availability, Service Level Assurance

Trust Visibility Resilience

Cisco Cyber Solutions

Page 14: Cyber bdm

What and Where?

What threats are present? Where are they? How do we take action?

Page 15: Cyber bdm

Identity and Access, Secure Mobility Wireless Integrity, Configuration Assurance, Physical Security, Audit and Compliance

Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware and APT Defense, Situational Awareness

COOP, Incident Handling, Availability, Service Level Assurance

Trust Visibility Resilience

Cisco Cyber Solutions

Page 16: Cyber bdm

How?

How do we avoid disruption? How can we mitigate risk? How do we get back to trust?

Page 17: Cyber bdm

Identity and Access, Secure Mobility Wireless Integrity, Configuration Assurance, Physical Security, Audit and Compliance

Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware and APT Defense, Situational Awareness

COOP, Incident Handling, Availability, Service Level Assurance

Trust Visibility Resilience

Cisco Cyber Solutions

Page 18: Cyber bdm

The Collective Application of Cisco TVR Solutions Create a Layered Cyber Defense

Page 19: Cyber bdm

Partnership

Private Sector

Public Sector

Page 20: Cyber bdm

Regulatory Alignment

Private/Public Partnerships Cybersecurity Innovation

Thought leadership

Manufacturing Integrity

Education

Investment

The Cybersecurity Journey

The Journey Ahead

Page 21: Cyber bdm
Page 22: Cyber bdm

Backup Slides

Page 23: Cyber bdm

Systems Integrators

SIEM Partners

Implementation Partners

Technology Partners

Building solutions with best of breed ISVs & Technology Partners

Cybersecurity Partner Ecosystem:

• IRAD projects to address customer requirements
• Integrate component parts in proof-of-concept environments to foster learning and innovation

• Ecosystem partners to meet diverse customer security incident and event management requirements
• Cisco validated design and deployment methodologies

• Cybersecurity focus partners to ensure consistent delivery of Cisco and partner systems
• Agile custom solution development

• Complementary technology partners to complete Cybersecurity solution offerings
• Best of breed market proven technologies

Page 24: Cyber bdm

Federal Cybersecurity Priorities

Situational Awareness

Real-time Continuous Monitoring

Application Security

Identity Mgmt.

Secure Supply Chain

Education and Training

Vulnerability Analysis/IDS

Continuous Monitoring

Application Security

Vulnerability Analysis/IDS

Limited Access Points

Page 25: Cyber bdm

Security Products

Embedded Security Capabilities Cross Architecture

Visibility Tools

Services

Trusted HW/SW

Why Cisco?

Cisco’s Pervasive Footprint, The Network is the Sensor, Public/Private Partnerships, Education, Certifications, Incident Response, Supply Chain Management

Page 26: Cyber bdm

• Contingency Planning
• System & Communication Protection
• Incident Monitoring
• Physical & Environmental

Data Center/Virtualization

Collaboration

• Performance Routing
• NSF/SSO
• EnergyWise
• Policy Based Routing

• Cisco Works LMS 4.0
• Cisco Configuration Engine
• Cisco TrustSec (Identity)
• Cisco AnyConnect Client
• Cisco VPN Services
• Cisco Mobility Engine & Wireless Solution
• Cisco Unified Border Element
• ASA Firewall
• IOS Firewall

• Security Intelligence Operations
• IPS 4200 Series
• Clean Air Technology
• NBAR
• IOS Intrusion Prevention
• IOS NetFlow
• Service Control Engine
• ASA BotNet Filter

TRUST

VISIBILITY

RESILIENCE

• Access Control
• Audit & Accountability
• Configuration Management
• Identification & Authentication
• Maintenance
• System & Communication Protection

• Security Assessment & Authorization
• System & Communication Protection
• System & Information Integrity
• Incident Monitoring

NIST 800-53

NIST 800-53

NIST 800-53

Critical Control Family

Critical Control Family

Critical Control Family

Identity and Access, Secure Mobility Wireless Integrity, Audit and Compliance, Configuration Assurance, Physical Security

Continuous Monitoring, Data Exfiltration, Boundary Defense, Malware Defense, Situational Awareness

COOP, Incident Handling, Availability, Service Level Assurance

SOLUTIONS ARCHITECTURES STRATEGY

Borderless Networks

Page 27: Cyber bdm

TVR-Trust Use Case

Problem #1: Customers don’t know what is on their network

Solution: Cisco TrustSec (802.1X, Profiling)

Problem #2: DoD Networks/resources are being shared amongst each other and coalition forces

Solution: Cisco TrustSec (Security Group Tags)

Problem #3: DoD is subject to multi level security

Solution: Cisco TrustSec (Security Group Tags, 802.1AE)

Problem #4: DoD is turning up wireless

Solution: Cisco Secure Wireless (Clean Air, Suite B, etc.)

Page 28: Cyber bdm

TVR-Visibility Use Case

Problem #1: Customers want a common operating picture

Solution: SIEM Ecosystem, Various IOS Features, CSM, (COSMOS future)

Problem #2: Customers need to stop Data Leakage

Solution: TrustSec, IronPort DLP, FW

Problem #3: Customers need actionable intelligence

Solution: AIPS 4200, IronPort (ESA/WSA), SCE, IOS Security Services (Firewall, ISRG2, Content Filtering)

Page 29: Cyber bdm

TVR-Resilience Use Case

Problem #1: Customers need to prevent disruption to service

Solution: SCE (e.g. DPI), IOS Technologies (Control Plane Policing – CoPP, QOS, IP-SLA, NBAR, syslog), Ecosystem (e.g. Arbor Networks), Continuity of Operations (DC-Vblock, Webex/Tandberg, CVO-HR1722)

Problem #2: Customers need to mitigate damage from attack

Solution: IronPort ESA/WSA, Cloud Security / Scan Safe, Cisco Firewall Solutions (e.g. DPI), IPS, Netflow

Problem #3: If attacked, customers need Incident response capabilities

Solution: Cisco FISMA Response Solution, Cisco Security Optimization Service, SIM Ecosystem (NBAR, Syslog, Netflow, QOS, IPS, Network Telemetry)

Page 30: Cyber bdm

“No single company can solve the complex challenge presented by the Internet, but the inherent role of the network positions Cisco as the natural partner in developing and executing a successful cyber security strategy”