and analysis center
play

and Analysis Center DHS Hunt and Incident Response Team September - PowerPoint PPT Presentation

Jul 18, 2023 •247 likes •429 views

SUPERCHARGE YOUR SECURITY Water Information Sharing and Analysis Center DHS Hunt and Incident Response Team September 12, 2018 SUPERCHARGE YOUR SECURITY Presenter Brian Draper, DHS NCCIC HIRT Slides and recording will be posted by

  1. SUPERCHARGE YOUR SECURITY Water Information Sharing and Analysis Center DHS Hunt and Incident Response Team September 12, 2018

  2. SUPERCHARGE YOUR SECURITY Presenter  Brian Draper, DHS NCCIC HIRT Slides and recording will be posted by Thursday.

  3. National Cybersecurity & Communications Integration Center (NCCIC) HUNT AND INCIDENT RESPONSE TEAM (HIRT) Brian Draper Sr. Incident Response Analyst NCCIC Hunt and Incident Response Team (HIRT)

  4. 5 UNCLASSIFIED

  5. Agenda nda HIRT Overview w HIRT Service ce Offerings gs Proacti tive Hunt vs. Incide ident nt Respons nse Incide ident nt Respons nse Life ifecycl cle Prio ioritizi zing ng Incide idents nts Enga gagement nt Types Enga gagement nt Workflo low How ow to Contac act t HIRT UNCLASSIFIED

  6. Hunt & Incident The National Cybersecurity Communications and Integration Center (NCCIC) Hunt and Incident Response Team Response Team (HIRT) provides expert intrusion analysis and (HIRT) mitigation guidance to clients who lack the in-house capability or require additional assistance with responding to a cyber incident. HIRT’s clients include: Uniquely positioned to provide Federal departments and agencies comprehensive State, Local, Tribal and Territorial (SLTT) analysis governments Classified and unclassified tactics, Private Sector (Industry & Critical techniques and procedures (tips) Infrastructure) Public and private sector partners Academia Established relationships with International Organizations Law Enforcement, Intelligence Community and International Partners 7 UNCLASSIFIED

  7. HIRT RT Servic ice e Offerin ings gs  Incide dent t Triage ge  Hunt Analysis  Network ork Topol olog ogy y Re Review  Mitigati tion on  Infras astr truc ucture ure Configurat guration on Malwar ware Analys ysis  Re Review  Log Analysis  Digital Media Analys ysis  Incide dent t Specific Risk  Control rol Syste tem m Incide dent t Overview w Analys ysis UNCLASSIFIED

  8. Proac oactive tive Hun unt Incident cident Res espo ponse nse A search for malicious activity through HIRT takes action to respond to a the examination of a network reported incident and to address the environment for exploitation tools, increased risks generated by the tactics, procedures, and associated incident artifacts Asset owners and trusted third parties report information to NCCIC. An asset owner-driven request Trusted reporters include FBI, Information Sharing and Analysis Centers (ISACs), and Uses a risk review to scope the breadth other government agencies of the Proactive Hunt Uses a risk review to scope the breadth If malicious activity is observed during a of the Incident Response hunt, move to Incident Response UNCLASSIFIED

  9. HIR IRT T In Incident ent Response sponse Lifec ecycle ycle UNCLASSIFIED

  10. NCISS S Solution ion NCCIC Cyber Incident nt Scori oring ng System em (NCISS) Based ed on NIST T 800-61 Rev Revision 2 • Functional Impact • Information Impact • Recoverability • Adds Actor Characterization • Adds Observed Activity • Adds Location of Observed Activity • Adds Cross Sector Dependency • Adds Potential Impact Uses a weighted average (math) of the above criteria for a repeatable process UNCLASSIFIED

  11. En Engageme gement nt Typ ypes es Providing assistance without being physically Re Remot ote Assistance nce onsite Advising for mitigation onsite but technical Advisory y Deploym yment nt analysis capabilities not deployed Deploying Equipment, remotely conducting Re Remot ote Deploym yment nt analysis Deployment of equipment and personal onsite to Onsite te Deploym yment nt conduct technical analysis UNCLASSIFIED

  12. Inci cident dent Re Respon onse se Workflow rkflow UNCLASSIFIED

  13. Onsit ite e Deplo loym yment ent Tea eam m Composit positio ion UNCLASSIFIED

  14. Engag gagement ment Timeli meline ne UNCLASSIFIED

  15. How to Contact ntact NCCIC IC for Hun unt and Inci cident dent Re Respon onse se Services vices OPERATIONS : ncciccustomerservice@hq.dhs.gov Emai ail: : 888-282-0870 Phone ne: UNCLASSIFIED

  17. SUPERCHARGE YOUR SECURITY Upcoming WaterISAC Events and Opportunities  Monthly Water Sector Cyber Threat Web Briefing  Wednesday, September 26, 2018; 2:00 – 3:00 PM ET

  18. SUPERCHARGE YOUR SECURITY Thank You WaterISAC Contact Information: 1-866-H2O-ISAC Michael Arceneaux Paul Laporte Managing Director Member Relations Manager arceneaux@waterisac.org laporte@waterisac.org Chuck Egli Jennifer Walker Lead Analyst Cybersecurity Risk Analyst egli@waterisac.org walker@waterisac.org

Recommend

Joint Physics Analysis Center (JPAC) The Joint Physics Analysis Center (JPAC) formed in

Joint Physics Analysis Center (JPAC) The Joint Physics Analysis Center (JPAC) formed in

Amplitude analysis of / 0 0 Alessandro Pilloni Joint Physics Analysis Center Krakow, June 6 th , 2016 Joint Physics Analysis Center (JPAC) The Joint Physics Analysis Center (JPAC) formed in October 2013 We

873 views • 17 slides
ANALYSIS Ray Campbell January 10, 2019 CENTER FOR HEALTH INFORMATION AND ANALYSIS CHIAs

ANALYSIS Ray Campbell January 10, 2019 CENTER FOR HEALTH INFORMATION AND ANALYSIS CHIAs

OVERVIEW OF THE CENTER FOR HEALTH INFORMATION AND ANALYSIS Ray Campbell January 10, 2019 CENTER FOR HEALTH INFORMATION AND ANALYSIS CHIAs Mission and Vision CHIA has extensive authority to compel the submission of data from

515 views • 12 slides
CAPR CENTER FOR THE ANALYSIS OF POSTSECONDARY READINESS Student Assessment and Placement

CAPR CENTER FOR THE ANALYSIS OF POSTSECONDARY READINESS Student Assessment and Placement

CAPR CENTER FOR THE ANALYSIS OF POSTSECONDARY READINESS Student Assessment and Placement Systems Using Multiple Measures Elisabeth Barnett, CCRC NYS Student Success Center November 2018 CAPR CENTER FOR THE ANALYSIS OF POSTSECONDARY

808 views • 51 slides
MANAGEMENT AND ANALYSIS OF NATIONAL MULTISITE PROGRAM EVALUATION DATA: CENTER FOR SUBSTANCE ABUSE

MANAGEMENT AND ANALYSIS OF NATIONAL MULTISITE PROGRAM EVALUATION DATA: CENTER FOR SUBSTANCE ABUSE

MANAGEMENT AND ANALYSIS OF NATIONAL MULTISITE PROGRAM EVALUATION DATA: CENTER FOR SUBSTANCE ABUSE PREVENTIONS DATA ANALYSIS COORDINATION AND CONSOLIDATION CENTER SESSION CHAIR AND DISCUSSANT: Beverlie Fallik, Ph.D. Center for Substance

638 views • 40 slides
Old Dominion University Virginia Modeling, Analysis & Simulation Center Enterprise Center,

Old Dominion University Virginia Modeling, Analysis & Simulation Center Enterprise Center,

Old Dominion University Virginia Modeling, Analysis & Simulation Center Enterprise Center, College of Engineering & Technology Established July 1997 by the Commonwealth of Virginia Locations in Suffolk (TCC-Portsmouth) and

751 views • 12 slides
Poles in the SAID NN analysis Ron Workman Data Analysis Center Institute for Nuclear Studies

Poles in the SAID NN analysis Ron Workman Data Analysis Center Institute for Nuclear Studies

Poles in the SAID NN analysis Ron Workman Data Analysis Center Institute for Nuclear Studies George Washington University GW/DAC/SAID group W.J. Briscoe (M. Dring) D. Schott I. Strakovsky MESON 2014 13 th International Workshop on Meson

389 views • 19 slides
Moving on Maternal Depression Webinar Series Sponsored by Schuyler Center for Analysis &

Moving on Maternal Depression Webinar Series Sponsored by Schuyler Center for Analysis &

Moving on Maternal Depression Webinar Series Sponsored by Schuyler Center for Analysis & Advocacy & the Postpartum Resource Center of New York October 21, 2020 Who We Are 2 Schuyler Center for Analysis & Postpartum Resource

405 views • 4 slides
Seeking for a fingerprint: analysis of point processes in actigraphy recordings Ewa

Seeking for a fingerprint: analysis of point processes in actigraphy recordings Ewa

Seeking for a fingerprint: analysis of point processes in actigraphy recordings Ewa Gudowska-Nowak Plus ratio quam vis M. Kac Center Complex Systems Research Center, M. Smoluchowski Institute of Physics and Malopolska Center of Biotechnology

622 views • 17 slides
Report Presentation Market & Feasibility Analysis Wisconsin Center Expansion May 14, 2014

Report Presentation Market & Feasibility Analysis Wisconsin Center Expansion May 14, 2014

Report Presentation Market & Feasibility Analysis Wisconsin Center Expansion May 14, 2014 DRAFT Wisconsin Center Expansion Study Process The Wisconsin Center District and Visit Milwaukee engaged HVS Convention, Sports & Entertainment

507 views • 29 slides
Naval Center for Cost Analysis (NCCA ) Validation and Improvement of the Rayleigh Curve Method

Naval Center for Cost Analysis (NCCA ) Validation and Improvement of the Rayleigh Curve Method

UNCLASSIFIED (FOR OFFICIAL USE ONLY) Naval Center for Cost Analysis (NCCA ) Validation and Improvement of the Rayleigh Curve Method 10-13 JUN 2014 POC: Mr. Jake Mender Ship & Ship Weapons Branch Naval Center for Cost Analysis

1.16k views • 38 slides
Naval Center for Cost Analysis Software Resource Data Report (SRDR) Analysis August 2013 Dataset

Naval Center for Cost Analysis Software Resource Data Report (SRDR) Analysis August 2013 Dataset

Naval Center for Cost Analysis Software Resource Data Report (SRDR) Analysis August 2013 Dataset Presented by: Nicholas Lanham June 10-13, 2014 1 Purpose To analyze software productivity and growth relationships when compared to several

511 views • 21 slides
Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for

Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for

Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for Geospatial Analysis and Computation School of Geographical Sciences and Urban Planning Arizona State University Future Directions in Spatial Demography

849 views • 55 slides
FSU Center for Economic Forecasting and Analysis (CEFA) The Tallahassee Economy Project By:

FSU Center for Economic Forecasting and Analysis (CEFA) The Tallahassee Economy Project By:

FSU Center for Economic Forecasting and Analysis (CEFA) The Tallahassee Economy Project By: Julie Harrington, Ph.D. Director of the Center for Economic Forecasting and Analysis (CEFA) Florida State University For: The Tallahassee Economy

529 views • 39 slides
Data analysis for science Lee Samuel Finn Center for Gravitational Wave Physics 28 October 2002

Data analysis for science Lee Samuel Finn Center for Gravitational Wave Physics 28 October 2002

Data analysis for science Lee Samuel Finn Center for Gravitational Wave Physics 28 October 2002 Grav. Wave Source Simulation & 1 Data Analysis Workshop Overview Data analysis goals Distinguishing signal from noise:

299 views • 17 slides
Objectives Case Study Background & Data Text as a Network Refresher Hands on

Objectives Case Study Background & Data Text as a Network Refresher Hands on

<Your Name> Text as a Network: Analysis of COVID-19 related Tweets J.D. Moffitt jdmoffit@cs.cmu.edu CASOS Center, Institute for Software Research Carnegie Mellon University CASOS Summer Institute 2020 Center for Computational Analysis

316 views • 10 slides
Reproducibility in Data Science Juliana Freire Visualization, Imaging and Data Analysis Center

Reproducibility in Data Science Juliana Freire Visualization, Imaging and Data Analysis Center

Reproducibility in Data Science Juliana Freire Visualization, Imaging and Data Analysis Center (VIDA) Computer Science & Engineering Center for Data Science (CDS) VISUALIZATION IMAGING AND DATA ANALYSIS CENTER Data-Driven Exploration

557 views • 34 slides
BATTLEFIELD PARK & COMMUNITY EDUCATION CENTER Space Analysis & Concept Diagrams Made

BATTLEFIELD PARK & COMMUNITY EDUCATION CENTER Space Analysis & Concept Diagrams Made

RIVER RAISIN NATIONAL BATTLEFIELD PARK & COMMUNITY EDUCATION CENTER Space Analysis & Concept Diagrams Made possible through funding and support provided by: Goals: Conduct a space analysis of the Monroe Multi-Sports Complex for

542 views • 15 slides
Integrated City Operation Center : An Architecture Case Study with ADD & Data Flow Analysis

Integrated City Operation Center : An Architecture Case Study with ADD & Data Flow Analysis

Integrated City Operation Center : An Architecture Case Study with ADD & Data Flow Analysis SATURN, 2007 Changhyun, Baek Software Architect Eng. Methodology Team IT Engineering Center Samsung SDS, South Korea Introduction Introduction

455 views • 17 slides
Economic Analysis at the Environmental Protection Agency Al McGartland, Director National Center

Economic Analysis at the Environmental Protection Agency Al McGartland, Director National Center

Economic Analysis at the Environmental Protection Agency Al McGartland, Director National Center for Environmental Economics (NCEE) U.S EPA September 11, 2012 Nuclear Regulatory Commission Meeting 1 Economic Analysis is One Among Many

480 views • 16 slides
Data Integration and Analysis Center (IABIN DIAC) Version 2: A Pilot Application for the

Data Integration and Analysis Center (IABIN DIAC) Version 2: A Pilot Application for the

Data Integration and Analysis Center (IABIN DIAC) Version 2: A Pilot Application for the Integration, Visualization, Query, Analysis and Sharing of IABIN Thematic Network Data Goals for Day 2 presentation Dispel myths Cost There

81 views • 6 slides
Virtualized HPC infrastructure of the Novosibirsk Scientific Center for HEP data analysis D.

Virtualized HPC infrastructure of the Novosibirsk Scientific Center for HEP data analysis D.

Virtualized HPC infrastructure of the Novosibirsk Scientific Center for HEP data analysis D. Maximov on behalf of NSC/SCN consortium International Workshop on Antiproton Physics and Technology at FAIR Budker INP, Novosibirsk, Russia 19

873 views • 28 slides
Regression Analysis Scott Richter UNCG-Statistical Consulting Center Department of Mathematics

Regression Analysis Scott Richter UNCG-Statistical Consulting Center Department of Mathematics

Regression Analysis Scott Richter UNCG-Statistical Consulting Center Department of Mathematics and Statistics UNCG Quantitative Methodology Series Regression Analysis Summer 2015 I. Simple linear regression i. Motivating example-runtime 3

1.31k views • 96 slides
GROUND SOURCE HEAT PUMP ANALYSIS FOR THE LOONGWOOD AT OAKMONT HEALTHCARE CENTER TYLER LOBB AE

GROUND SOURCE HEAT PUMP ANALYSIS FOR THE LOONGWOOD AT OAKMONT HEALTHCARE CENTER TYLER LOBB AE

LONGWOOD AT OAKMONT HEALTHCARE CENTER GROUND SOURCE HEAT PUMP ANALYSIS FOR THE LOONGWOOD AT OAKMONT HEALTHCARE CENTER TYLER LOBB AE SENIOR THESIS SPRING 2008 MECHANICAL OPTION THE PENNSYLVANIA STATE UNIVERSITY Presentation Outline

458 views • 28 slides
Web Dynamics L3S Research Center Hannover, Germany Analysis and Implications from Dr.

Web Dynamics L3S Research Center Hannover, Germany Analysis and Implications from Dr.

August 6-10, 2012 Lecturers Dr. Ismail Sengr Altingvde Senior researcher Web Dynamics L3S Research Center Hannover, Germany Analysis and Implications from Dr. Nattiya Kanhabua Search Perspective Postdoctoral researcher

1.02k views • 77 slides

More recommend