240 likes | 354 Views
Our People Deliver Fantastic Results that Matter. Information Assurance Education in South Carolina. Bob Bush, President bbush@barlingbay.com (843) 725-6834 (office) (843) 725-6831 (fax). Rob Ashworth, CISO rashworth@barlingbay.com (843) 725-6836 (office) (843) 725-6831 (fax).
E N D
Our People Deliver Fantastic Results that Matter Information Assurance Education in South Carolina Bob Bush, President bbush@barlingbay.com (843) 725-6834 (office) (843) 725-6831 (fax) Rob Ashworth, CISO rashworth@barlingbay.com (843) 725-6836 (office) (843) 725-6831 (fax) 1101 Remount Rd, Suite 100 Charleston, SC 29406 January 8, 2010
Our Locations • Headquartered in Anchorage, AK • Corporate Office in Charleston, SC • Field Offices • Washington DC/Northern Virginia/Maryland • San Diego, CA • Pensacola, FL • Norfolk, VA • Jacksonville, FL • Bremerton, WA • Camp Lejeune, NC • Lemoore, CA • Houston, TX
Our people • Highly Skilled Technical Workforce of 120 professionals • Over 60% with Bachelors or Advanced Degrees Professional Certifications: • Project Management • Information Assurance • Systems Engineering • Software Engineering
Capabilities Management & Administration • Contracts & Acquisition Support • Human Resource Services Support • Financial Analysis & Management • Administrative Support • Case Management Support • Document & Records Management • Training & Program Development Technology • Information Assurance & Cyber Security • Research & Development • Software Development and Engineering • Systems Architecture and Integration • C4ISR Systems Engineering • Data entry and Statistical Analysis • Network Engineering and Security • Database Development and Management • Information Management • Logistics and Material Management
Local IA initiative Advanced Security Technology Research Alliance (ASTRA) • New Carolina-South Carolina’s Council on Competitiveness Initiative • With nearly all U.S. Department of Defense and Department of Homeland Security agencies represented in the Lowcountry, coupled with one of the nation's largest ocean ports and a growing medical research center, Charleston has become a hub of research & development, practical testing and pilot initiatives for a wide range of security solutions • ASTRA is structured with a number of cluster focus groups, where our responsibilities reside within the Connected Information Assurance and Cyber Security Labs Focus Group • Our mission focus is to: Establish world class, fully connected Information Assurance and Cyber Security laboratories and facilities • Barling Bay has established a partnership with the University of South Carolina to determine programs, facilities, interests and potential for collaboration with Industry/SPAWAR. • It is Barling Bay’s intention to continue to grow these relationships allowing students and researchers of these schools to participate with Barling Bay, other industry partners, and Government agencies in Research and Development projects
Examples of our Customers • Department of Defense • U.S. Navy Space & Naval Warfare Systems Command - Atlantic • (USN, USAF, DISA, Combatant Commands, Joint Services) • Department of Justice • Drug Enforcement Agency: Office of Acquisition Management • Drug Enforcement Agency: Science & Technology, Lorton • Department of Labor • Bureau Labor Statistics: Division of Human Resources & Organizational Management • Department of Commerce • Office of the CIO: Networking & Telecommunications Ops • Commerce Business Systems, Gaithersburg • Department of the Interior • Bureau of Indian Affairs: Office of the CIO • Department of Homeland Security (DHS) • Immigration & Customs Enforcement: Office of the CIO
Local IA initiative Advanced Security Technology Research Alliance (ASTRA) • New Carolina-South Carolina’s Council on Competitiveness Initiative • With nearly all U.S. Department of Defense and Department of Homeland Security agencies represented in the Lowcountry, coupled with one of the nation's largest ocean ports and a growing medical research center, Charleston has become a hub of research & development, practical testing and pilot initiatives for a wide range of security solutions • ASTRA is structured with a number of cluster focus groups, where our responsibilities reside within the Connected Information Assurance and Cyber Security Labs Focus Group • Our mission focus is to: Establish world class, fully connected Information Assurance and Cyber Security laboratories and facilities • Barling Bay works with both USC and Clemson through entities with established relationships with the universities to determine programs, facilities, interests and potential for collaboration with Industry/SPAWAR • It is Barling Bay’s intention to continue to grow these relationships allowing students and researchers of these schools to participate with Barling Bay, other industry partners, and Government agencies in Research and Development projects
Our goal Purpose: Confidentiality Integrity Authentication Non-Repudiation Availability Full security is achieved through: physical, administrative, and technical safeguards AND common sense
IA Threats/Threat agents • Natural threats • Storm, tornado, earthquake, mud-slide, snow, lightning, heat, etc. • Outsider threat sources • Competitors, vandals, terrorists, activists, arsonists, thieves, etc. • Insider threat sources • Employees, partners, authorized users, maintenance workers, etc. • Threat Agents cause a threat event to exploit vulnerabilities that results in detrimental impact to one or more of our IT assets.
Applying safeguards Captured from Figure 7.1 of NIST SP800-12.
University needs Among Others… • Strong Student and Faculty Awareness Training • System Administrator Security Training and Certification • Strong security curriculum to educate workforce • Planned Security Architecture • University Network Risk Management Analyses & Regular Scanning • Malware protections for student, faculty, and University equipment • “DMZ” segregation, protections, and monitoring (including Wireless). • Perimeter and subnet protections and monitoring • Trained Incident Responders • Virtual Private Network technology • Virtual Local Area Networks • Use of Virtual machines • Public Key Infrastructure
DoD IA Certifications • SANS/GIAC • Security Certified Program • (ISC)2 • ISACA • CompTIA DoD 8570.01-M CH-1
Government & Commercial • Formal IT/IA-related Education and Training • Experience and/or Certifications similar to DoD • Strong Analytical Skills • Strong Communication Skills • Strong Technical Skills
consulting needs • Adherance to Customer and Corporate Cultures • Meet Customer Educational Requirements • Meet Customer Experience Requirements • Meet Customer Training & Certification Needs
Sources for help • CERT Coordination Center • http://www.us-cert.gov/reading_room/ • SANS Reading Room • http://www.sans.org/reading_room/ • TechRepublic Papers • http://whitepapers.techrepublic.com.com/Security/Security+Administration/Security+Tools/ • CyberWarfare News • http://staff.washington.edu/dittrich/cyberwarfare.html • Foundstone (Tools) • http://www.foundstone.com/us/resources-free-tools.asp • Top 100 Security Tools • http://sectools.org/ & dc214.defcon.org/notes/sectools.ppt
Questions Bob Bush, President bbush@barlingbay.com (843) 725-6834 (office) Rob Ashworth, CISO rashworth@barlingbay.com (843) 725-6836 (office)
Backup slides OUR CORPORATE CREED Do what’s right; It’s right to be honest. Do your very best in all things, in all ways, at all times; Hold a passion and commitment to excellence and innovation in everything you do. Treat people fairly; With dignity & respect. Have fun; And enjoy the journey. 24