System Intrusion Tolerance / Balancing Privacy, Organizational Risk, and Information Sharing
Title: System Intrusion Tolerance Speaker: Mike Fisk, Los Alamos National Laboratory
A great deal of effort is spent trying to prevent cyber intrusions and yet commodity systems continue to be penetrable. Even when software is kept patched, social engineering, zero-day vulnerabilities, and supply chain risks continue to provide would-be intruders with ample opportunities. Our work is geared at maintaining some degree of system security after a system has been compromised. We will present an overview of our work on anomalous change detection within networks, and on quantitative measures of intrusion tolerance for authentication technologies.
Title: Balancing Privacy, Organizational Risk, and Information Sharing Speaker: Gina Fisk, Los Alamos National Laboratory
Sharing cybersecurity data across organizational boundaries brings both privacy risks in the exposure of personal information and data, and organizational risk in disclosing internal information. These risks occur as information leaks in network traffic or logs, and also in queries made across organizations. They are also complicated by trade-offs in privacy preservation and utility present in anonymization to manage disclosure. In this presentation we will present three principles that we use to guide sharing security information across organizations, and then will discuss engineering techniques that apply these principles to a distributed security system. Application of these principles can reduce the risk of data exposure and help manage trust requirements for data sharing, helping to meet our goals of balancing privacy, organizational risk, and the ability to better respond to security threats with shared information.