The Sliding Scale of Cyber Security

  • Webcast Aired Wednesday, 22 Jul 2015 11:00AM EDT (22 Jul 2015 15:00 UTC)
  • Speaker: Robert M. Lee

Cyber security lacks nuance. Meaningful terms get reduced to buzz terms, useful terminology gets abused by marketing pitches, and 'cyber talk' takes the place of real discussions about security. The Sliding Scale of Cyber Security adds nuance to what it means to do security by presenting five categories that contribute to cyber security as a guide for resource allocation, actions, and skill development. Those five categories are Architecture, Passive Defense, Active Defense, Intelligence, and Offense. The framework presented can be used to analyze case-studies, explain technical matters to non-technical folks, act as a measuring stick of security maturity in an organization's resource investments, and help defenders understand the big picture root cause of security issues. In this webcast, Robert M. Lee, the author of SANS ICS515 - Active Defense and Incident Response and the co-author of FOR578 - Cyber Threat Intelligence will explain the framework and some examples of how he uses it to deconstruct high profile cyber attacks.