5 October 2015

Computer network defence

http://www.nato.int/cps/en/natolive/news_109346.htm

NATO is advancing its efforts to confront and address the wide range of cyber threats faced by Allies each day, and this includes engaging industry, academia and public institutions in these efforts.

“Cyber security incidents are increasing in both scope and scale every day. Our defensive mechanisms have been outpaced by the scope and scale of malicious cyber activities and, as a result, this issue now sits as one of the most important emerging security challenges facing our countries today”, says Melissa Hathaway, Council of Experts, Global Cyber Security Centre (GCSEC), Rome, Italy.

She was speaking at a ‘Book Talk’ event held at NATO HQ on 10 February 2014, which discussed the conclusions drawn from a workshop that focused on exploring common interest issues for improving Allied and partner cyber defence practices.

The workshop, held at the end of 2013, was supported by the NATO Science for Peace and Security (SPS) Programme and addressed cyber defence and NATO’s cyber defence policy implementation. It brought together a multi-disciplinary team of experts from 16 countries and three international institutions to share experience, knowledge and opinions. Together they generated 21 specific findings and 12 papers to help improve the cyber defence posture of NATO member countries and their partners.

The papers formed the basis of a book that was published as part of the NATO Science Series. The editor and co-directors of the project were invited to brief the relevant committee responsible for cyber defence at NATO on the findings of the workshop, and the publication was launched at this ‘Book Talk’ event.

The NATO Country Project Director and editor of the publication, Melissa Hathaway, said, “This demands that they collectively take action to reduce vulnerabilities of organisations’ information systems, assets, infrastructures and people. Accordingly, organisations are shifting their security approach toward monitoring ingress and egress routes, cataloguing the tactics, techniques, and procedures of adversary activity to better understand impacts and manage risk. Equally important, they are investing in advanced counter-measures to strengthen security postures and become more resistant to cyber threats. In the future, they will need to focus initiatives toward the protection, resilience, recovery, and restoration of services that transcend national boundaries, like electric power, navigation, and telecommunications. After all, defence does not stop at the corporate enterprise or sovereign border.”

The chapters of the publication ‘Best Practices in Computer Network Defense: Incident Detection and Response’ are available from each of the authors’ institutions as follows:

Chapter 1: Advanced Research Workshop Findings

Author: Melissa Hathaway, Council of Experts, Global Cyber Security Centre (GCSEC)

Link: http://belfercenter.ksg.harvard.edu/files/hathaway-findings-chapter.pdf

Chapter 2: Computer Network Defense: New Threats and Trends

Authors: Andrea Rigoni and Gustav Lindstrom, Geneva Centre for Security Policy (GCSP)

Link: http://www.gcsp.ch/Media/Files/Computer-Network-Defense-New-Threats-and-Trends

Chapter 3: Advanced Technologies/Tactics Techniques, Procedures: Closing the Attack Window, and Thresholds for Reporting and Containment

Author: John Stewart, Cisco Systems and Council of Experts, Global Cyber Security Center (GCSEC)

Link: http://www.cisco.com/web/about/security/intelligence/JNS_TTPs.pdf

Chapter 4: Beyond Perimeter Defense: Defense-in-Depth Leveraging Upstream Security

Author: Dave McMahon, The SecDev Group

Link: https://www.secdev.com/featured-publications#

Chapter 5: Back to Basics: Beyond Network Hygiene

Authors: Felix ‘FX’ Lindner (Recurity Labs GmbH, Germany) & Sandro Gaycken (Freie University of Berlin, Germany)

Link: http://recurity-labs.com/content/pub/Lindner_Gaycken-Back-to-Basics.pdf

Chapter 6: Aligning National Cyber Security Strategies to International Guidance: A First Step Toward Improving Incident Response Capabilities Across NATO

Author: Matt Holt, CEO, Intellium

Link: http://www.intelliumgroup.com/news/item/111-best-practices-in-computer-network-defense-cnd-incident-detection-and-response

Chapter 7: Evolution of National and Corporate CERTs – Trust, the Key Factor

Author: Olaf Kruidhof, Capgemini, The Netherlands

Link: http://www.nl.capgemini.com/sites/default/files/resource/pdf/olaf_kruidhof_-_evolution_of_national_and_corporate_certs.pdf

Chapter 8: Standards for Cyber Security

Author: Steve Purser, European Union Network and Information Security Agency (ENISA)

Link: https://www.enisa.europa.eu/publications/articles/standards-for-cyber-security

Chapter 9: A Model for Positive Change: Influencing Positive Change in Cyber Security Strategy, Human Factor, and Leadership

Author: Will Pelgrin

Link: http://www.cisecurity.org/documents/Pelgrin2014chapter.pdf

Chapter 10: Coordination and Cooperation in Cyber Network Defense: The Dutch Efforts to Prevent and Respond

Authors: Elly van den Heuvel (National Cyber Security Centre in The Hague, The Netherlands) and Gerben Klein Baltink (Dutch Cyber Security Council)

Link: https://www.ncsc.nl/english/current-topics/news/best-practices-in-computer-network-defense.html

The book is available at IOS publishers: http://ebooks.iospress.nl/volume/best-practices-in-computer-network-defense-incident-detection-and-response-2
