Keith Filzen - The Security Network
Download
Report
Transcript Keith Filzen - The Security Network
©
CUBIC
CYBERSOLUTIONS
Cubic Corporation
Who We Are
Founded in 1951 in San Diego, Calif.
Public since 1959 – NYSE: CUB
Employs more than 7,400 people
worldwide
$1.0+ billion annual revenue (FY 2009)
$2.2 billion total backlog (FY End 2009)
Business Segments:
Defense
Transportation
Global Presence
Systems and services provided
to more than 50 nations/territories
Cyber Competencies
Full Spectrum Information Assurance
• Compliance, Risk Management, SATE (Security Awareness, Training, and Education), Cryptography & Key Management,
Network Security, Vulnerability Assessment, Organization Security Programs (Governance, Policy, Strategy), Continuity Of
Operations, Data Lifecycle Management/Data Loss Prevention
Life Cycle System Security Engineering
• System Security Architecture, Design, Engineering, Development, Integration, Disposition, with emphasis on Cross Domain
Technologies
Advanced Analytics & Forensics
• Network & Disk Forensics, Network, Host, Application Analytics, Security Metrics, Data & Intelligence Analysis, Open Source
Intelligence, Malware Research
Controlled Interfaces
• XD products are hardware/software-based cyber product necessary for Accredited Cross-Domain LOW2HIGH™ and HIGH2LOW™ solutions. Next
generation will have 40GB throughput speeds.
Platform Integrity
• Secure software development, Software assurance (kernal, compiler, hypervisor), Software Quality, Accredited Testing &
Evaluation Labs, Hardware Encapsulation & Acceleration, Microcode/Microprocessor assurance, Virtualization
Cross-Domain Solutions
• Common Cross-Domain Framework (CCDF) that can span all security domains while providing network transparency to the user(s) and applications at
various security and caveat levels. Solution takes current best-of-breed, commercially available technologies and applies them to solving traditional cross
domain collaboration challenges by implementing technology that is intermediary and provides the foundation for merging legacy applications. Leverages
world class products like XD2500 and XD1000
Logical and Physical Access Control
• Access Control Systems to include installation, and management. Hybrid logical and physical access control integration.
Identity management solutions.
Cubic Proprietary
4
Data Integrity
Which is worse (you don’t know what you
don’t know)
External Threats
Internal Threats
Where do you spend you security budget
Hard outer shell
Gooey Inside
Data
What type, how critical is it (CIA Triangle)
IP, Short term, Long Term, …
How much money and resources do you
want to apply
Do you have a key management strategy
Need-to-Know
Role based access – Do your administrators
have the ability to grant but not access data
Structured and Unstructured
Databases, Files, Audi, Video
Data in the Enterprise
Do you have a key management strategy
What Real Estate do you own, lease, outsource
Cloud
Backups
Ever thought about Key management
What about Meta Data
HSM
Global Name Spaces
Are we really just talking Need-to-Know
Can I recover it
Things can get ridiculous
Integrity - Transit
What real estate do you own
Point to point Ipsec
Harder, easily detected, $$$
SSL
Universal access
Can I recover it
Who do I trust, and is it different based
upon where I am and what events are
happening
What We do – Trust Boundary
Common Cross Domain Framework
Provides the front end access in / out
Location and Identity based access
Internal vs. External
Inbound vs. Outbound
Differing security connections based up who, what, when,
where
Obscurity
Virtualization separation from the client
XD Cross Domain Products
One-Way Transfer Guards
Fips Connections
Virus, Malware, and content filtering
One-Way proxy for data, application and streaming content
Publishing / Subscribing concept, allowing flow vcontrol on
need-to-know information
Keith Filzen, CTO
[email protected]
703-821-1518