{"title":"Computer Network Defense: New Threats and Trends","authors":"A. Rigoni, Gustav Lindstrom","doi":"10.3233/978-1-61499-372-8-19","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-19","url":null,"abstract":"","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128338660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Aligning National Cyber Security Strategies to International Guidance: A First Step Toward Improving Incident Response Capabilities Across NATO","authors":"Matthew W. Holt","doi":"10.3233/978-1-61499-372-8-65","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-65","url":null,"abstract":"","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"90 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128009761","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Advanced Technologies/Tactics Techniques, Procedures: Closing the Attack Window, and Thresholds for Reporting and Containment","authors":"John N. Stewart","doi":"10.3233/978-1-61499-372-8-30","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-30","url":null,"abstract":"New techniques, tactics, and procedures (TTPs) are now available to strengthen security postures and become more resilient to cyber threats. Most of these technologies are accessible and affordable, and they are showing promising results. This paper exemplifies eight specific advanced techniques, tactics, and procedures to counter cyber threats, including using moving target architectures to confuse the adversary, monitoring the dark space of the Internet, and using honey pots to detect adversaries and infected machines within an organization’s infrastructure. It also explains what is required to enable these techniques and what metrics should be used to measure their results. These advanced practices should become common security standards.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130927714","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Evolution of National and Corporate CERTs - Trust, the Key Factor","authors":"Olaf Kruidhof","doi":"10.3233/978-1-61499-372-8-81","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-81","url":null,"abstract":"This paper discusses the evolution of Computer Emergency Response Teams (CERTs) due to trends in technology and society. It shows how these trends affect the selection of services a CERT can provide to its constituency, and the effects on its resources. The argument is that CERTs need to focus more and more on the specific services they can provide. The selection of these services must be driven by the objectives of their parent organization, the constituency they serve, and the urgency by which services must be provided. The paper further asserts that cyber security organizations (highly) specialized in a limited number of tasks should collaborate with others in order to effectively handle incidents. Trust among participants represents the basis for any successful collaboration. Trust, however, only exists between people. Thus, several other elements need to be in place in order to extend individual trust to organizations.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134643542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Model For Positive Change: Influencing Positive Change in Cyber Security Strategy, Human Factor, and Leadership","authors":"William Pelgrin","doi":"10.3233/978-1-61499-372-8-107","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-107","url":null,"abstract":"Virtually every aspect of modern life is shaped by advancements in technology. While there are undeniable benefits to this ubiquitous use of technology and the Internet, we must also understand the security risks that come with them and take appropriate measures for preparedness. The challenges faced by government, industry, and academia continue to grow in volume and complexity as cyber security threats constantly evolve. The need to ensure that cyber security best practices are ingrained in everyone’s behavior and continue to be an essential component of business operations has never been greater. Good cyber security is built on layers – a defense in depth strategy. A critical component of this strategy is to improve our cyber hygiene through positive change in behavior. The paper explores innovative ways to influence long lasting outcomes in three areas: cyber security strategy, human factor, and leadership.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129732061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Coordination and Cooperation in Cyber Network Defense: the Dutch Efforts to Prevent and Respond","authors":"E. V. D. Heuvel, Gerben Klein Baltink","doi":"10.3233/978-1-61499-372-8-118","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-118","url":null,"abstract":"Effective Computer Network Defense requires close cooperation and collaboration between government and industry, science and education, national and international efforts. The Netherlands offers a concrete example of a successful public-private partnership aimed at improving overall cyber security for its society in general, including government, industry, and citizens. This requires more than a mere national cyber security strategy. Mutual trust between parties and close international cooperation and collaboration are essential. The Dutch approach has been successful so far, but it needs the constant attention and focus of all parties involved. The lessons learned from this approach can help build NATO’s non-traditional networks and enhance its overall cyber defense posture through cooperation with partner countries, organizations, and commercial entities.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114276822","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Standards for Cyber Security","authors":"Steve Purser","doi":"10.3233/978-1-61499-372-8-97","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-97","url":null,"abstract":"Standards play a key role in improving cyber defense and cyber security across different geographical regions and communities. Standardizing processes and procedures is also essential to achieve effective cooperation in cross-border and cross-community environments. The number of standards development organizations and the number of published information security standards have increased in recent years, creating significant challenges. Nations are using standards to meet a variety of objectives, in some cases imposing standards that are competing and contradictory, or excessively restrictive and not interoperable. Other standards favor companies that are already dominant in their field. The European Union, with the support of ENISA, has started to include standards in its strategies and policies, but much remains to be done. The development and use of standards is necessary, timely, and requires the involvement of public and private sector actors working in tandem.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"142 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116616332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Back to Basics: Beyond Network Hygiene","authors":"F. Lindner, Sandro Gaycken","doi":"10.3233/978-1-61499-372-8-54","DOIUrl":"https://doi.org/10.3233/978-1-61499-372-8-54","url":null,"abstract":"In the past, Computer Network Defense (CND) intended to be minimally intrusive to the other requirements of IT development, business, and operations. This paper outlines how different security paradigms have failed to become effective defense approaches, and what the root cause of the current situation is. Based on these observations, a different point of view is proposed: acknowledging the inherent composite nature of computer systems and software. Considering the problem space from the composite point of view, the paper offers ways to leverage composition for security, and concludes with a list of recommendations.","PeriodicalId":407780,"journal":{"name":"Best Practices in Computer Network Defense","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133251384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}