August 21, 2012 at 6:30 PM
ISSA National Capital Chapter August meeting topic:
Advanced Persistent Threats (APT’s)
A Balanced Approach for Survivability and Sustainability in the Cyber Realm
by Curtis Levinson
United States Cyber Defense Liaison to NATO
Abstract
Advanced Persistent Threat (APT): APTs are attacks on US information technology and telecommunications infrastructure by known nation-state and other bad actors. These attacks are currently taking the form of Phishing and Spear Phishing attacks on US assets both government and industry. Phishing attacks are extremely difficult to detect and it appears from public sources that a portion of the attacks are coming from (spoofed) trusted domains, which makes filtering even more difficult. The primary remedy to such attacks is a combination of extreme user education/training and comprehensive Business Continuity Planning and Disaster Recovery (BCP/DR/COOP) implementation. Users need to be educated as to what acceptable practices are for eMail messages with embedded URLs and the urgent need to NOT CLICK on embedded URLs. Any questions as to the nature of the destination of the embedded URL MUST be directed to the message author, NOT acted upon in the eMail note itself. Since bad things can, do and will continue to happen, recovery plans, programs and techniques must be up to the task of restoring critical functions as soon as possible. The quicker we can recover, the more ineffective the attack.
About the Speaker
Curtis Levinson has over 25 years of focused experience in Cyber Security and Information Assurance. He is a highly experienced risk assessor and technology architect specializing in all phases of the security engineering process including regulatory compliance, policy formulation, cyber attribution and forensics, risk analysis, network/system hardening and resilience, implementation, testing, certification and accreditation, operations, training and managing the security of information and telecommunications systems in a wide variety of environments.
Mr. Levinson was selected by NATO (North Atlantic Treaty Organization) to represent the United States as an advisory subject matter expert on Cyber Defense for the IRCSG (Industrial Resources and Communications Services Group). This group falls under NATO’s Civil-Military Planning and Support Section, which is essential to the Alliance’s common defense and security.
Mr. Levinson's professional certifications include: Master Business Continuity Planner, Certified Data Professional, Certified Information Systems Security Professional, Certified Business Continuity Planner and Certified Homeland Security Professional. He is a graduate of the American University in Washington, DC and the London School of Economics in London, England. He has also completed post graduate course-work at the National War College, Columbia University, and the Wharton School of Business.
Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.
Tuesday, August 21, 2012 6:30 PM
Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401
Click here for details