This document outlines a top level cyber security strategy that involves assessing systems based on their sophistication, mission criticality, and threat level to determine the appropriate security controls. For less critical or threatened systems with unsophisticated users, it recommends implementing a comprehensive baseline of security controls. For more critical systems or those facing higher threats, it suggests deploying targeted advanced security controls or accepting some risk.
Top Level Cyber Security Strategy
1. Top Level Cyber Security Strategy
John M. Gilligan
jgilligan@gilligangroupinc.com
www.gilligangroupinc.com
2. Top Level Cyber Security Strategy
[Diagram: strategy chart. Axis labels: THREAT; MISSION/FUNCTION CRITICALITY. Scale labels: Sophisticated / Unsophisticated; Low / High. Regions: Implement Comprehensive Baseline of Security; Deploy Targeted Advanced Security Controls; Accept Risk.]
3. Top Level Cyber Security Strategy
[Diagram: strategy chart. Axis labels: THREAT; MISSION/FUNCTION CRITICALITY. Scale labels: Sophisticated / Unsophisticated; Low / High. Regions: Comprehensive Baseline of Security (A well managed IT infrastructure); Deploy Targeted Advanced Security Controls; Accept Risk.]
Callouts on the chart: TIC; Training for Sys Admin; 2-Factor Authentication; 20 Critical Controls; FDCC+; SCAP; DNSSEC, S-BGP; Threat/Vul Collaboration
Result: Blocks 85% of attacks and provides a foundation to address remaining/new attacks (Ref: Dick Schaeffer, NSA/IAD)