Download as PDF, PPTX
Uploaded byEnergySec
How to Build Your Own Cyber Security Framework using a Balanced Scorecard
The document discusses building a cybersecurity framework using a balanced scorecard, emphasizing the importance of 'cyber security performance' as systematic improvements in an organization's ability to handle dynamic threats. It outlines dimensions such as effective threat intelligence, quality of protections, and agile learning, all crucial for enhancing cybersecurity capabilities. The emphasis is on continuous improvement and accountability to ensure resilience in an ever-evolving cyber landscape.
More Related Content
Similar to How to Build Your Own Cyber Security Framework using a Balanced Scorecard
![[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...](https://cdn.slidesharecdn.com/ss_thumbnails/cb22keynoteunderwhelmedmakingsenseoftheoverwhelmingchallengeofcybersecurity-230101083039-ff0c756e-thumbnail.jpg?width=640&height=640&fit=bounds)
![Governance, Deployment & Methodologies for Agentic Automation [2/3]](https://cdn.slidesharecdn.com/ss_thumbnails/agenticcommunityseries-day2-251112135038-a386476d-thumbnail.jpg?width=640&height=640&fit=bounds)
How to Build Your Own Cyber Security Framework using a Balanced Scorecard
- 1. How to BuildYour Own Cyber Security Framework using a Balanced Scorecard" Russell Cameron Thomas! EnergySec 9th Annual Security Summit! September 18, 2013! Twitter: @MrMeritology! Blog: Exploring Possibility Space!
- 2. Who here lovesframeworks?!
- 3. Who here lovesframeworks?! NIST Cyber Security Framework?! Other?!
- 4. Frameworks can matter(a lot)
- 5. Frameworks can matter(a lot) if they are instrumental in driving new levels of Cyber Security Performance
- 6. What the hellis “Cyber Security Performance”?!
- 7.
- 8. Yes, “Cyber”! Confluence of…! • Information Security! • Privacy! • IP Protection! • Critical Infrastructure Protection & Resilience! • Digital Rights! • Homeland & National Security! • Digital Civil Liberties!
- 9. What the hellis “Cyber Security Performance”?!
- 10. “Cyber security performance”is… " … systematic improvements in an organization's dynamic posture and capabilities relative to its rapidly-changing and uncertain adversarial environment.”!
- 11. “Cyber security performance”is… " …Management By Objectives! (Drucker)!
- 12. “Cyber security performance”is… " …Management By Objectives! …Performance Mgt, incentives!
- 13. “Cyber security performance”is… " …Management By Objectives! …Performance Mgt, incentives! …Staffing, training, organizing!
- 14. “Cyber security performance”is… " …Management By Objectives! …Performance Mgt, incentives! …Staffing, training, organizing! …Organization learning, agility!
- 15. “Cyber security performance”is… " …Management By Objectives! …Performance Mgt, incentives! …Staffing, training, organizing! …Organization learning, agility! … and good practices!
- 16.
- 17. Using the UniversalLanguage of Executives….
- 18. Using the UniversalLanguage of Executives….
- 20.
- 21.
- 22. Keep your head still “Keep your arm straight” “Swingon one plane”
- 23. Keep your head still “Keep your arm straight” “Swingon one plane” “Swing easy”
- 24. Keep your head still “Grip it andrip it! “Keep your arm straight” “Swing on one plane” “Swing easy”
- 25. Best practices arelike golf tips…
- 26. Best practices arelike golf tips… Golf tips alone don't make good golfers
- 27. Why Agility? WhyRapid Innovation?!
- 29.
- 30. Time for somedrama!
- 31. Time for somedrama! Set in the Summer of 2017!
- 32. “ I in centralTexas.” t was another long heat wave
- 33. Spare generating capacitywas dangerously low!
- 34. You run informationsecurity! at a large industrial company! that includes several and cogeneration.!
- 35. Thanks to deregulation and incentives, microgrids havetaken off, especially in Texas = 10+ microgrids Microgrid Adoption, 2017
- 36. In recent days, insteadof selling its excess power, your firm was buying at peak spot prices. This was strange.!
- 37. 18 months earlier YouEnergy Ops Manager Business Continuity Manager
- 38. Effective Response, Recovery Resilience
- 39. Your Microgrid Automation hosted auto-configuring software reporting/trending! systemconfig! diagnostics! Internet Microgrid Supervisory Controller 12 months earlier
- 40. Spot trading waslargely automated via microgrid automation software. 12 months earlier
- 41.
- 42.
- 43. Our New Capability: Attack-drivenDefense 1. Raise cost to attackers 2. Increase odds of detection 3. Iterate defense based on real attack patterns 24 months earlier source: Etsy h7p://www.slideshare.net/zanelackey/a7ackdriven-‐defense
- 44.
- 45.
- 46. Sensors PatternDetection for Anomalous User Behavior 24 months earlier Any Non- Tech. Tech. source: Etsy h7p://www.slideshare.net/zanelackey/a7ackdriven-‐defense User Class
- 47.
- 48. Quality of Protections Controls
- 49.
- 50.
- 51.
- 52.
- 53. The Crime: ArDficially Congested Subsided Generators Manipulation of Wholesale Market Subsidies Conges'on pa+erns, July 14, 2017
- 54. Losers: You andhundreds of other microgrids forced to generate spot market bids during price spikes. (Botnet-style. Each loses a little $$) Scam: Generate losing trades in one market to make money in another market
- 55. Attack: Compromised Hosted Auto-ConfigurationSoftware hosted auto-configuring software reporting/trending! system config! diagnostics! Internet Microgrid Supervisory Controller
- 56. The Attackers Insider: Contractor atweb application software company Outsider: Hedge fund manager bribed contractor with profit sharing
- 57. Gold Man HacksBid Probe 2017 2017 Gold Man Hacks Faces Record Fine Over Energy
- 58. Over the last 24 months Adap've Threat Intelligence A+ack-‐ driven Defense Expanded External Engagement Expanded Detec'on Response Metrics
- 59.
- 60. Over the last 24 months
- 61.
- 62. Over the last 24 months
- 63. Optimize Cost ofRisk
- 64. Over the last 24 months
- 65.
- 66.
- 67. Summary: The Ten Dimensionsof Cyber Security Performance!
- 68. Actors Systems The Organiza7on Events Context
- 69. Actors Systems 1. Exposure Events Dimension 1: Optimize Exposure
- 70. Actors Systems 1. Exposure 2. Threats Events Dimension 2: Effective Threat Intelligence
- 71. Actors Systems 1. Exposure 3. Design Dev. 2. Threats Events Dimension 3: Effective Design Development
- 72. Actors Systems 1. Exposure 2. Threats 3. Design Dev. 4. Protec'ons Controls Events Dimension 4: Quality of Protection Controls
- 73. Actors Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. Execu'on Opera'ons Events Dimension 5: Effective/Efficient Execution Operations
- 74. Events Actors Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons 6. Response, Recovery Resilience Dimension 6: Effective Response, Recovery Resilience
- 75. Opera7onal Cyber Security Dimensions 1 – 6 Measure Core Performance Events Actors Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons 6. Response, Recovery Resilience
- 76. First Loop Learning “First Loop Learning” is Continuous Improvement in Daily Operations
- 77. Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons Actors 7. External Engagement The Organiza7on Other Organiza7ons Government Law Enforcement Dimension 7: Effective External Engagement 6. Response, Recovery Resilience
- 78. Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons Actors 7. External Engagement Other Organiza7ons Government Law Enforcement 8. Agility Learning Dimension 8: Effective Agility Learning 6. Response, Recovery Resilience
- 79. Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons Actors 7. External Engagement 8. Agility Learning 9. Total Cost of Risk Other Organiza7ons Government Law Enforcement Dimension 9: Optimize Total Cost of Risk 6. Response, Recovery Resilience
- 80. Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons Actors 7. External Engagement Total Cost of Risk 10. Accountability Responsibility Stakeholders 9. Total Cost of Risk 8. Agility Learning Other Organiza7ons Government Law Enforcement Dimension 10: Accountability Responsibility 6. Response, Recovery Resilience
- 81. Dynamic Capabili7es Dimensions7 – 10 Measure Systemic Agility Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. ProtecDons Controls 5. ExecuDon OperaDons Actors Total Cost of Risk 10. Accountability Responsibility Stakeholders 9. Total Cost of Risk 8. Agility Learning Other Organiza7ons Government Law Enforcement 7. External Engagement 6. Response, Recovery Resilience
- 82. Second Loop Learning “Second Loop Learning” is Innovation and Reinvention* * Individual and CollecDve
- 83. Events Systems 1. Exposure 2. Threats 3. Design Dev. 4. Protec'ons Controls 5. Execu'on Opera'ons Actors 7. External Engagement Stakeholders 10. Accountability Responsibility 9. Total Cost of Risk 8. Agility Learning Other Organiza7ons Government Law Enforcement Ten Dimensions of Cyber Security Performance 6. Response, Recovery Resilience
- 84.
- 85. “Can’t you makeit simpler?”!
- 86. “Can’t you makeit simpler?”! “We need a crayon version for executives and other business and policy types”!
- 87.
- 88. Sure! • “Transcendental numbershurt my head”!
- 89. Sure! • “Transcendental numbershurt my head”! • Declare π = 3.0!
- 90. Sure! • “Transcendental numbershurt my head”! • Declare π = 3.0! • But we lose something essential! “Circle”
- 91.