Accelerating Cybersecurity Intelligence presented at TexasTechnologySummit 2019

by Luke Worrall,

Summary : Industries such as Oil & Gas are adopting the NIST Cybersecurity Framework (CSF) as the official blueprint for cybersecurity. However, the blueprint does not address cybersecurity architectural considerations to optimize the time, effort and resources necessary to move information or generate actions between NIST categories. Nor does it consider how to shrink manual processes associated with many of the subcategories with in the NIST CSF, many which have interdependencies. This presentation will discuss cybersecurity architecture considerations that couple automation with cybersecurity data and the entire network infrastructure to simplify processes, reduce time and raise the security intelligence of those focused on cybersecurity. This presentation supports the fundamental criteria that no network is hundred percent safe a hundred percent of the time. Therefore, architectures that can enable and support automation leveraging threat feeds should be considered and examined to understand the enhancements to reaction time, security accuracy and process time to move between Identify, Protection, Detection, Response and Recovery NIST categories. It will also show how these architectural considerations can extend automation and enhanced security intelligence across both IT and OT domains using the same blueprint for different applications. Oil & Gas and other industries with critical infrastructure have leveraged automation for decades to supervise and control critical assets, locally and remote centralized remote locations. This presentation will also address other intangible benefits of cybersecurity automation as it relates multitenancy, error avoidance, risk mitigation of manual operations that can have negative impacts to unaffected applications, or end users. The intended audience is CISOs, security architects and analysts, and networking professionals. Intermediate to expert level.