1 / 43

Michigan Cyber Range

Michigan Cyber Range. Introduction. Introduction. Dr. Joe Adams Vice President of Research and Cyber Security 26 years Army Signal Corps Associate Professor at US Military Academy 3 time winner of the NSA’s Inter-Service Academy CDX Senior Member IEEE. Agenda. Who am I?

minerva-english
Download Presentation

Michigan Cyber Range

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Michigan Cyber Range

  2. Introduction

  3. Introduction • Dr. Joe Adams • Vice President of Research and Cyber Security • 26 years Army Signal Corps • Associate Professor at US Military Academy • 3 time winner of the NSA’s Inter-Service Academy CDX • Senior Member IEEE

  4. Agenda • Who am I? • Where is the Threat? • How am I at risk? • How to prepare?

  5. Attack Surface

  6. Attack Surface

  7. Attack Surface

  8. Attack Surface

  9. Attack Surface

  10. Why is this so hard?

  11. Plans

  12. The Price of Doing Business

  13. Security Theater

  14. An Example of Why

  15. What can we do?

  16. What has to be protected?

  17. What can we monitor?

  18. What is on its own?

  19. Make a plan

  20. Policy

  21. Education and Awareness

  22. The Result

  23. But then…

  24. Practice the plan

  25. Communication

  26. Fight complacency

  27. Internal Audits

  28. Build Habits

  29. It only takes once

  30. What we’ve talked about

  31. What we’ve talked about

  32. What we’ve talked about

  33. What we’ve talked about

  34. Using the Cyber Range • Skills training & maintenance • Classes • Events • Networking • Accessible • Persistent

  35. Classes • 17 Certifications • Pen Testing, Incident Handling, Ethical Hacking • Forensics • Leadership • Disaster Recovery • Classes held: • At Merit or at the customer’s location • Online • Cost includes: • Tuition • Certification Exam • http://www.merit.edu/cyberrange/courses.php

  36. Capture the Flag • Self-Paced • Threads of flags to find • Individual skills • Penetration testing • Forensics • SCADA • Scoring engine • Encourages competition

  37. Force on Force • Paintball • Multiple teams; everyone for themselves • Penetrate system, plant a flag, secure the system • Red vs Blue • Focus on system &service security and continuity • Force on Force • Incident Response • Asynchronous • Red team creates havoc • Blue team diagnoses andrecovers

  38. Welcome to Alphaville

  39. Alphaville

  40. Alphaville • A persistent training environment • A Network of Things • More realistic than an IP range • Every exercise is a separate, customizable copy of the town and its infrastructure • Heterogeneous environment • Wide variety of operating systems and services • Residents of Alphaville provide “background noise” • Bot nets, rootkits, and backdoors

  41. Using the Cyber Range • Flexible terms & pricing • Pay for what you use • Voucher/Credit system

  42. Questions? • http://www.merit.edu/cyberrange/

More Related