CDM….Where do you start? (OA Cyber Summit)

Transcript of CDM….Where do you start? (OA Cyber Summit)

Ellen Sundra, CISSP

Senior Federal Systems Engineer, ForeScout

ForeScout in Conjunction with 4K Solutions

VISIBLE NOT VISIBLE

Corporate Resources

NetworkDevices

Endpoints

Applications

Users

Antivirus out of date

Unauthorized application

Agents not installed or not running

Non-corporate

Control Access Based on Compliance

Incident ResponseCompliance Dashboard

CompleteVisibility

Enforcement Remediation

Information Sharing

Endpoint Interrogation & Authentication

Device Discovery, Profiling [HW/SW USER LOC ...]

Multi-factor, Complete,Clientless, Access Control

Continuous

Monitoring

Challenge• Asset visibility

• Access and threat dynamics

• Endpoint and infrastructure diversity

• Network authentication and control

• Dynamic threats and remediation costs

Solution• Pre-admission user/device

authentication and authorization

• Continuous endpoint diagnostics, posture assessment and mitigation

• Port-based control and broad device policy enforcement

• Infrastructure agnostic, interoperable, scalable, works with enterprise tool sets Natively or Using Existing

Enterprise Tools

OpenPlatform

MDM

SIEM

Vulnerability

Assessment

Endpoint Protection

EndpointsNetwork

Infrastructure

AdvancedThreatDetection

Identity

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=MPXb04L1rYfFVM&tbnid=QrFpQ1ObRHg9EM:&ved=0CAUQjRw&url=http://www.takistmr.com/index.php/cisco-switches-interface-status-codes/&ei=A78tUvKtG4batAbLz4GACQ&psig=AFQjCNGpxmU3aNJGGawZsHjDr9G0S-wqXA&ust=1378816097129287

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=SAjLi9ELg4DQCM&tbnid=w055HlBLWI2zlM:&ved=0CAUQjRw&url=http://www-03.ibm.com/software/lotus/symphony/gallery.nsf/atom_clipArt/D06A76F82AC365B18525759600325093&ei=kcEtUp_RF8rnswaO-oCADg&psig=AFQjCNG-jlBKGrj2r9fcudaGYrtaz7px_A&ust=1378816448150823

https://www.google.co.il/imgres?imgurl&imgrefurl=http://icongal.com/gallery/icon/20647/128/access_point_wireless_router&h=0&w=0&sz=1&tbnid=5ycK0tkkCP49LM&tbnh=225&tbnw=225&zoom=1&docid=NvmglK5AEKApjM&ei=KsMtUo6FMcrBtQaD2IHYBA&ved=0CAMQsCU

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=EFK1UveUhAzXmM&tbnid=OoVlDXJzkC-81M:&ved=0CAUQjRw&url=http://www.voiceonepbx.com/products/add-ons/ldap/&ei=K8QtUo6nKoXNtAa30IHYDg&psig=AFQjCNET93wHt1u4aruGZbi60PHibSh1gQ&ust=1378817415859144

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=9HqiFuoZ9wJKdM&tbnid=b7XycAaozpFU_M:&ved=0CAUQjRw&url=http://www.prweb.com/releases/cloud-hosting/StopTheHacker/prweb10679539.htm&ei=acctUsb7GpHCtAaZqYHoAg&psig=AFQjCNGa8kRR9PvFL2oY138EHvoAt29Bsg&ust=1378818164109336

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=8xLMVBG_z-jgEM&tbnid=28GrVAGL01OjTM:&ved=0CAUQjRw&url=http://www.clker.com/clipart-network-router.html&ei=RcotUozzE8XVswaHj4DICQ&psig=AFQjCNEcLQRISgbqoNp_RpcGGqoZuZiYFQ&ust=1378818522602674

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=mph1LTaC7Kg0nM&tbnid=4WqDBh3aQ3o9zM:&ved=0CAUQjRw&url=http://www.air-watch.com/solutions/mobile-device-management&ei=_sotUsDjL4XDtAbqhICACQ&psig=AFQjCNE6iTex7l_8R7RYeRIUrir3pAu6Hg&ust=1378819173948561

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=cldHTBHv2_j-DM&tbnid=f4hrYiSGoquTxM:&ved=0CAUQjRw&url=http://www.accelops.com/product/compliance-automation.php&ei=ZM8tUpC0NI-Vswbm-4DABA&bvm=bv.51773540,d.Yms&psig=AFQjCNHUZS06HsRzsMwCy6r2d9u2XLGmHw&ust=1378820321478161

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=eBZFW_-ZWciaHM&tbnid=a8004_n62RF-xM:&ved=0CAUQjRw&url=http://www.mricons.com/show/antivirus-icons&ei=UdQtUoO8F4jrswac6YGwCw&bvm=bv.51773540,d.Yms&psig=AFQjCNFERO4haa110pAXRy8eMHoX28NeBA&ust=1378821577107978

http://www.google.co.il/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=hQBYZ9J_S1tFQM&tbnid=OvxMbJbk9jQXQM:&ved=0CAUQjRw&url=http://www.outsystems.com/blog/2011/03/&ei=psYtUuf9NYHBtQavuICQBQ&psig=AFQjCNEGCRr9Q1hTHMDOoUZIVuzVAJ5g1g&ust=1378818056060456

Deployment Timeline

Change Control Boards can study the water and take a stair-step approach

to implementing change

Enforcement is Limited to a Small Number of Policy

Violators Level of Non- Compliance

Control Network Access at Anytime

Questions?

Thank you!

Questions?

Thank you!

CDM….Where do you start? (OA Cyber Summit)

Technology

Transcript of CDM….Where do you start? (OA Cyber Summit)

CDM 2015 - tuv-sud.co.uk · CDM 2015 Awareness Training Aid the transition between CDM 2007 and CDM 2015 TÜV SÜD PMSS will continue to support clients in

Oa presentatie oa week 2013 av

CDM: CDM-Home

Continuous Diagnostics and Mitigation (CDM) - US-CERT · Continuous Diagnostics and Mitigation (CDM) ... cyber, physical, and ... defect types and mitigation options for SWAM*:

CDM-MR-FORM Monitoring report form for CDM project ...

BOOKLET - CDM: CDM-Home

6. Airport CDM@FRA Forum 15. Oktober 2014 Airport CDM FRA ...cdm.frankfurt-airport.com/content/fraport-ag-cdm/en/misc/binaer/documents/06_forum... · 04.07.2005 · Airport CDM@FRA

PROJECT DESIGN DOCUMENT FORM (CDM PDD) - … · PROJECT DESIGN DOCUMENT FORM (CDM PDD) ... PROJECT DESIGN DOCUMENT FORM (CDM PDD) - Version 03.1. CDM ... Power Transmission …

Adopting Continuous Diagnostics and Mitigation (CDM… · Adopting Continuous Diagnostics and Mitigation (CDM) in the Health Care Industry To More Effectively Manage Cyber Security

Evaluation of CDM project proposals by CDM Executive Board

Clean Development Mechanism (CDM) - World Banksiteresources.worldbank.org/INTCARFINASS/Resources/... · Clean Development Mechanism (CDM) Overview, ... CDM Executive Board (EB) ...

Modernizing Cyber Defense: Embracing CDM · Modernizing Cyber Defense: Embracing CDM Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107 info@okta.com 1-888-722-7871

Federal Cyber Uncertainty - KVM XYZ · Federal Cyber Uncertainty - KVM XYZ Federal agency CISOs are already focusing hard on CDM, FISMA, HSPD 12, and TIC – but it’s time to throw

Seminario de Implementación de A-CDM / A-CDM ... · Seminario de Implementación de A-CDM / A-CDM Implementation Seminar Lima, Peru, 25 – 28 August 2015 A-CDM Basic Principles

PROJECT DESIGN DOCUMENT FORM (CDM PDD) - Version 03 CDM

Mini300 CDM-TD70W/150W/CDM-T250W

Utilizing cyber intelligence to combat cyber adversaries (OA Cyber Summit)

Products and Quotients: 3.OA.1, 3.OA .2, 3.OA .4, 3.OA .6 ... · Multiplication and Division: 3.OA.3-1, 3.OA.3-2, 3.OA.3-3, 3.OA.3-4 Uses multiplication and division within 100 to

UNESCO Open StrategyOA Training curriculum OA Self‐Directed learning content OA Impact analysis tool OA Convention GOAP OA Community NOASIR OA Chairs OA Trend report OUTPUTS OUTPUTS

Overview of the CDM and the CDM project Cycle