Rough and Ready: Frameworks to Measure Persistent Engagement and Deterrence

Presented at Black Hat USA 2019, Aug. 8, 2019, 9:45 a.m. (50 minutes)

The US is in the midst of its most dramatic shift in policy, emphasizing forward defense and deterrence and to "intercept and halt" adversary cyber operations. Supporters believe these actions should significantly reduce attacks against the United States, while critics worry they may incite more adversary activity. There is no standard methodology to measure which is the case. This talk details recent research to introduce transparent frameworks to better assess whether the new U.S. policy and actions are suppressing or encouraging attacks.

Presenters:

• Neil Jenkins - Chief Analytic Officer, Cyber Threat Alliance
  Neil Jenkins leads the CTA's analytic efforts, focusing on the development of threat profiles, adversary playbooks, and other analysis using the threat intelligence in the CTA Platform. Previously, he served in various roles within the Department of Homeland Security, Department of Defense, and Center for Naval Analyses, where he spearheaded numerous initiatives tied to cybersecurity strategy, policy, and operational planning for both the public and private sectors.
• Jason Healey - Senior Research Scholar, Columbia University SIPA
  Jason Healey is a Senior Research Scholar at Columbia University's School for International and Public Affairs specializing in cyber conflict, competition and cooperation. Prior to this, he was the founding director of the Cyber Statecraft Initiative of the Atlantic Council where he remains a Senior Fellow. He is the editor of the first history of conflict in cyberspace, A Fierce Domain: Cyber Conflict, 1986 to 2012. A frequent speaker on these issues, he is rated as a "top-rated" speaker for the RSA Conference and won the inaugural "Best of Briefing Award" at Black Hat. He helped the world's first cyber command in 1998, the Joint Task Force for Computer Network Defense, where he was one of the early pioneers of cyber threat intelligence. During his time in the White House, he was a director for cyber policy, coordinating efforts to secure US cyberspace and critical infrastructure. He created Goldman Sachs' first cyber incident response team and later oversaw the bank's crisis management and business continuity in Asia. He served as the vice chair of the Financial Services Information Sharing and Analysis Center (FS-ISAC). He is on the review board of DEF CON hacker conference and served on the Defense Science Board task force on cyber deterrence. He started his career as a US Air Force intelligence officer with jobs at the Pentagon and National Security Agency and is president of the Cyber Conflict Studies Association.

Links:

• https://www.blackhat.com/us-19/briefings/schedule/#rough-and-ready-frameworks-to-measure-persistent-engagement-and-deterrence-15140
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2019/Rough and Ready Frameworks to Measure Persistent Engagement and Deterrence.mp4
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2019/Rough and Ready Frameworks to Measure Persistent Engagement and Deterrence.en.transcribed.srt (subtitles)
• https://www.youtube.com/watch?v=sEN3NipF_FY

Similar Presentations:

• ShmooCon 2022 Rescheduled / “She doesn’t even go here!” Using Denial, Deception, and Adversary Engagement for Defense
• Black Hat USA 2010 / Policy, Privacy, Deterrence and Cyber War