Practical Cybersecurity Frameworks Applied to Real World Problems – Washington D.C. – March 10-11, 2015

EnergySec Members receive a 30% discount. Click here or send an email to info@energysec.org for your special code.

SEATS ARE LIMITED TO THE FIRST 30 REGISTRATIONS

We have group rates! * Please click here or call 877-267-4732 to receive a group rate code.

Group Size     Discount
4-7            5%
8-11           10%
12 or more     15%

* Does not apply to already discounted options such as the EnergySec Member discount.

Venue:
Crystal Gateway Marriott
1700 Jefferson Davis Highway
Arlington, VA, 22202
Phone: (703) 920-3230

Marriott has a special group rate for attendees of the NERC CSF Training at the Crystal Gateway Marriott of 249.00 USD per night. Below you will find the reservation links you can use to make online reservations.

There is a limited number of rooms available at the group rate, on a first-come, first-served basis. The last day to book your room at the group rate is February 2, 2015. After the cut-off date, the Crystal Gateway Marriott will accept reservations for the EnergySec CIP Training group rate on a space- and rate-available basis.

Book your group rate: EnergySec Room Block >>


Overview: This 2-day class – the first of several throughout the U.S. in 2015 – is intended for leaders, decision makers, and technologists who feel that they lack a usable bridge between the technology and business aspects of cybersecurity and who wish to do more than simply build a standard security program and hope for the best.

The class has three parts. In the first, students will explore the theory behind using structured information to create value, and the theory behind cybersecurity as a business problem and discipline.

With that theory as a foundation, the class will then use two existing frameworks – the new NIST-Facilitated Cybersecurity Framework and the Department of Energy’s Cybersecurity Capability Maturity Model (C2M2) – as foils for discussing how best to build framework bridges between “Security Programs,” “Risk Management,” and “Business Value Management.”

The final day of the class will be a facilitated workshop in which the class will either solve "conceptualized" real-world problems or, if appropriate, work through problems that students bring from their own organizations.

We hope that, by the end, students will have gained a deeper understanding of cybersecurity and frameworks as they pertain to their own fields than they would have received from more traditional "training" in products, technologies, and frameworks, and that they will be able to apply these new perspectives to the job they do in the real world. More than anything else, we hope students will find value in spending two days considering cybersecurity in ways they might not have before.

Students should also be aware that, despite some use of jargon, no technical experience or security expertise is assumed and each class will be tailored to the experience levels of those in attendance wherever possible.

Audience: The material presented should be of value to anyone in an organization whose job affects or may be affected by cybersecurity and security framework implementations. Executives, in particular, are encouraged to attend.

Class Outline:

  1. WELCOME AND INTRODUCTION
    1. Ice Breaking Exercise
  2. FRAMEWORK THEORY: Structuring Information to Enhance Value
    1. Defining Frameworks
    2. Four Framework Design Principles
      1. Label Awareness: Types of words and meanings
      2. Protocol Stacks: Using Layers to Abstract Common Framings
      3. Model/View/Controller: Humans are Systems, Too
      4. Stages of Value: The Means Can Be As Important as the End
  3. SECURITY THEORY: Creating a Consensus Model
    1. Defining Cybersecurity as a Problem: A Parasitic Model
    2. Scoping Cybersecurity as a Discipline: Contrasting Perspectives
      1. COMPARISON #1: VULNERABILITY INTRODUCTION VS. EXPLOITATION
      2. COMPARISON #2: QUALITY MANAGEMENT VS. RISK RESPONSE
      3. COMPARISON #3: HUMANS VS. TECHNOLOGY
      4. COMPARISON #4: STRATEGY VS. TACTICS
      5. COMPARISON #5: RISKS FROM VS. RISKS TO (CIA)
      6. COMPARISON #6: ENABLEMENT VS. PROTECTION
      7. COMPARISON #7: DEFENDING VS. IMPROVING
      8. COMPARISON #8: ONE-TIME VS. CONSISTENT BEHAVIOR
      9. COMPARISON #9: INCIDENT VS. EXPOSURE MANAGEMENT
      10. COMPARISON #10: ERROR VS. DEFAULT HANDLING
      11. COMPARISON #11: PERCEPTION VS. FACT
      12. COMPARISON #12: EMERGENT VS. PREDICTABLE STATE
      13. COMPARISON #13: CYBER VS. PHYSICAL SPACE
      14. COMPARISON #14: EFFICACY VS. COMPLIANCE
  4. FURTHER STRUCTURAL CONSIDERATIONS: Helpful Linking Concepts
    1. Common Terms and Parenthetical Comparisons
    2. Kill Chains
    3. Metrics Defined
    4. Control Convergence
    5. Development Lifecycles
    6. “Capabilities” Defined
    7. Risk Management
    8. Others
  5. CONNECTING FRAMEWORK THEORY TO SECURITY THEORY
    1. Demonstrate a Model containing elements of both the framework and security discussions, to be used as a Reasoning Aid throughout the remainder of the class
    2. Adjust the Model
  6. EVALUATING THE NIST FRAMEWORK AND C2M2
    1. Using the domain models discussed earlier, the class will evaluate the structure and content of both the NIST Framework and the C2M2. We will describe use cases, dependencies, how they can be linked together, and how our own class models can be used to fill the shared gaps in both frameworks. The intent of this section is not to critique other work, but to understand the concepts and work needed to build custom integration approaches and frameworks that will help students more effectively utilize existing work to reduce overall risk in their own environments.
  7. DAY-LONG FACILITATED WORKSHOP
    1. We will scope a theoretically-real security problem, use framework design principles, and eventually (hopefully!) arrive at successful risk reduction approaches over the course of the day. This workshop may flex according to student need and desire.

Instructor Biographies

Jack Whitsitt | EnergySec

Jack Whitsitt, recently identified by Tripwire as one of the top 10 Rising Stars and Hidden Gems in security education, and winner of TSA's "Honorary Award" – the highest award given by the agency – brings a breadth of cybersecurity knowledge and thought leadership to any project he is involved with.

Currently a Principal Analyst for EnergySec, his unusual combination of hard technical, public/private partnership development, facilitation, and national risk management experience allows him to provide particular insight into, and leadership of, strategic organizational, sector, and national cybersecurity initiatives and educational endeavors.

A participant in the national critical infrastructure protection dialogue for seven years, Jack has provided regular advice, insight, and thought leadership to all levels of government and industry and has been responsible for several successful sector-level initiatives. His background includes facilitation, cutting-edge technical research & development, national control systems cyber incident response (as a member of ICS-CERT via Idaho National Lab at the NCCIC), community building, large scale data analysis, Sector Specific Agency program development & execution (as a GS-14 at TSA), sales & marketing, and more.

Further, Mr. Whitsitt’s experience and skill at developing and providing targeted training and education opportunities to a variety of audiences allows him to effectively communicate his knowledge and to positively affect behavior, culture, and outcomes within organizations.

Recently, Mr. Whitsitt was also cited as an author in a NATO-sponsored report to develop Cybersecurity Confidence Building Measures intended to help nations avoid unintentional conflict escalation in cyberspace and was invited by name to a related MIT-sponsored “Cyber Norms Workshop 3.0” discussing sources of instability in cyberspace, cyberwar, deterrence, and related topics.

CANCELLATION

Any cancellation received more than one month before the start of the session will be refunded 50% of the tuition of the course registered. Any cancellation received less than one month before the start of the session will not be eligible for a refund. The cancellation must be sent in writing to info@energysec.org or to EnergySec, 8440 SE Sunnybrook Blvd Suite 206, Clackamas OR 97015.

POSTPONEMENT

One postponement without a penalty fee is permitted. Any further request for postponement will receive a refund of 50% of the course tuition and new registration will be mandatory at a session date in the same calendar year.
