Sushil Jajodia BDM International Professor of Information Technology, and Director
Center for Secure Information Systems
George Mason University
Maintaining level of operational effectiveness of a CSOC under adverse conditions
In a cybersecurity operations center (CSOC), under normal operating conditions in a day, sufficient numbers of analysts are available to analyze the amount of alert workload generated by intrusion detection systems (IDSs). This means that the cybersecurity analysts can fully investigate each and every alert that is generated by the IDSs in a reasonable amount of time. However, there are a number of disruptive factors that can adversely impact the normal operating conditions such as 1) higher alert generation rates from a few IDSs, 2) new alert patterns that decreases the throughput of the alert analysis process, and 3) analyst absenteeism. The impact of all the above factors is that the alerts wait for a long duration before being analyzed, which impacts the readiness of the CSOC. It is imperative that the readiness of the CSOC be quantified. In my talk, I will describe how this can be quantified, monitored by knowing the exact deviation of the CSOC conditions from normal, and how long it takes for the condition to return to normal.
Joint work with Rajesh Ganesan, Ankit Shah, and Hasan Cam
December 18, 2017 13:45 - 14:45
Stefano Zatti Head of ESA Security Office European Space Agency
The protection of space mission: threats and cyberthreats
Space-based systems play an important role in our daily life and business. The trend is likely to rely on the use of space based systems in a growing number of services or applications that can be either safety-of-life critical or business and mission critical. The security measures implemented in space-based systems may turn out to be insufficient to guarantee the information assurance properties, in particular confidentiality (if required by the data policy), availability and integrity of these services/applications. The various and possible cyber- attacks on space segments, ground stations and its control segments are meanwhile well known and experienced in many cases. This talk will first introduce ESA and its constituency, then address the security specific aspects of its space missions. Threats specific to them from the cyberspace will be introduced, and the possible countermeasures briefly addressed. Based on the different types of space missions, different protection profiles to be implemented will also be discussed.
December 20, 2017 09:30 – 10:30
Gulshan Rai National Cybersecurity Coordinator
Govt of India
Cyber Space: Dimensions and Limitations
December 19, 2017 09:30 – 10:30
Luigi V Mancini Full Professor
University of Rome - La Sapienza
New trends in cyber malware
This talk questions whether there is a new generation of cyber malware whose sophistication is evolving at an alarming rate. This and other related issues will also be illustrated with the help of the description of the characteristics and evolutionary lines of recent large-scale malware attacks (e.g.: Wannacry, Petya, NotPetya and BadRabbit). Is the future of the cyber landscape darker? In coming years, what could be the targets most at risk of these attacks in the light of their recent evolutionary trend?