GLOBAL CYBER INTELLIGENCE – CONSECRATED
Global Cyber Intelligence Consecrated . This Video Presentation is rededicated to the International Cyber Defense Umbrella comprising of Military Alliance Cyber Commands , Government and Federal Cyber Defense Agencies , Private CTI Defense Corporations , Security Operations Centre , Computer Emergency Response Teams , Transnational Independent Cyber Threat Intelligence Analysts & Specialists.
KEY HIGHLIGHTS –
UN , US , NATO , INDIA , Federal Security Agencies , Military Cyber Force and Commands , Private CTI Agencies and Corporations.
Two invaluable book recommendations from UN and suggestions to UN . My recent reads .
“The Basic facts about UN” is a mini encyclopaedia. Not just about UN but Copernican World Events and Crisis/Conflict response at the Macro Level including the development and progress of ICT’s and the ICT task force. The historical significance and evolution on a chronological linear timeline. Also quite significant was the section on Peaceful use of outer space – Relevant Treaties and Agreements. UNISPACE conferences , cooperation with European Space Agency (ESA) , NASA , International Astronautical Federation (IAF) , Committee on Earth observation satellites (CEOS) , Committee on Space Research (COSPAR) etc.
The other Book uncommon opportunities – Agenda for Peace and Equitable development
The Report of the International Commission on Peace and Food by International Center for Peace and Development USA and M.S. Swaminathan Research Foundation Chennai India .
Highlights are the sections on the “Peace Imperative” – Information Superhighways , War as an instrument of Policy , Nuclear Weapons (START 1 , START 2 , NPT , CTBT , Ballistic Missiles) , Confidential Studies by NATO , Cooperative Security, MAD doctrine , World Army Proposition and Hypothesis etc . Alacritous rise of India and China in the Global Order and what made it possible.
US Cyber Policy for Deterrence. Executive Order 14028 Improving the Nation’s cybersecurity. This EO Mandates endpoint protection , defining logging requirements , implementing audit logging in a unified way and enhancing the capabilities to provide further insight into system and account actions. The EO responds to an increase in Cyberattacks that use ransomware to cripple critical infrastructure components related to National Security and the public . Enhancing existing information assurance security controls as a part of a Risk management framework is a suitable mechanism to facilitate compliance and justify funding based on these Presidential requirements.
White House Cyber Physical Resilience Initiative (ISSA SIG) – Cyber Resilience refers to the ability to protect electronic data and systems from cyberattacks as well as to resume business operations quickly in case of a successful attack. In times of increasing damage and sophistication of attacks it is of paramount importance to develop critical cyber resilience capabilities in each organisation. Yet cyber resilience is currently understood differently by various organisations despite the fact that NIST had published clear guidelines(800-160) then followed by other valuable publications and initiatives from MITRE , CERT -US , CISA etc.
NATO CCDCOE Locked Shields Livefire Exercise 2023 – a unique international Cyberdefence Exercise offering the most complex technical live fire challenge in the World. From a Strategic perspective the exercise offers training and practice in effective decision making and crisis coordination when facing large scale cyber attacks targeting the critical sectors and it’s infrastructure. NATO Cyber Commanders Handbook 2.0 at stakeholders meeting in Tallinn Estonia – leveraging a cooperative approach for Cyber Defence.
India’s meteoric rise in United Nations Specialised Agency for Information and Communication Technologies – International Telecommunication Union (ITU) ranking for everything Cybersec . Ranked at 10th from the 47th Spot with an overall Score of 97.49. 4th Spot in Asia Pacific Region.
USA and UK ranked First and Second respectively. Saudi Arabia and Estonia was ranked third. South Korea , Singapore , Spain shared the fourth spot . Russia , UAE , Malaysia shared the Fifth Spot . Lithuania came in sixth followed by Japan , Canada , France at seventh , eight and ninth respectively.
Also 3 Indian Leaders have been named in Global Hall of Fame report that identified “CLOUD SECURITY AS THE BIGGEST CHALLENGE” – Indian Govt once said that they want to make INDIA the Global hub for Cybersecurity. And India is indeed making some good progress in that much needed direction . As a fast growing “World Class Digital Payment Ecosystem” economy – Cybersecurity and Cyber Resiliency become of paramount importance mechanically.
Open Source Software is India’s inherent Strength . A Quick analysis of the Internet and YouTube will reveal India’s talent in Open Source OS Linux distros – Ubuntu , Fedora , Kali Linux , Elementary OS , Debian etc . DIY’s and How 2 Do’s across the length and breadth of the Internet unveil this hidden untapped and unorganised skill set that needs to be developed and promoted further . The Beauty of OSS are the following.
- Right to use study change distribute the software and its source code to anyone for any purpose.
- Development in Collaborative Public Manner.
- Examine the Code thereby facilitating public trust in the Software.
Linux has the largest installed base of all general purpose operating systems ( including AOSP and ChromeOS) . From running the terminals at the International Space Station to some of the fastest supercomputers..OSS is everywhere.
The Chromebook, which runs the Linux kernel-based ChromeOS, dominates the US K–12 education market and represents nearly 20 percent of sub-$300 notebook sales in the US. Linux is the leading operating system on servers (over 96.4% of the top 1 million web servers’ operating systems are Linux), leads other big iron systems such as mainframe computers, and is the only OS used on TOP500 supercomputers (since November 2017, having gradually eliminated all competitors).
Linux also runs on embedded systems, i.e. devices whose operating system is typically built into the firmware and is highly tailored to the system. This includes routers, automation controls, smart home devices, video game consoles, televisions (Samsung and LG Smart TVs use Tizen and WebOS, respectively), automobiles (Tesla, Audi, Mercedes-Benz, Hyundai, and Toyota all rely on Linux), spacecraft (Falcon 9’s and Dragon 2’s avionics use a customized version
More Snapshots in the above video presentation.
Future of the Intelligence Community Workforce – Enabling a Secure Hybrid Work Environment – CIA and MITRE Corp.
US Cert (Computer Emergency Response Teams) , Cybersecurity and Infrastructure Security Agency (CISA) National Security Agency (NSA) Events .
Intelligence and National Security Alliance (INSA) and ISSA (Information Systems Security Association) Brainstorms Webinars Seminars .
. EU Cyber Defence Innovation Program.
European Cyber Agora.
National Cyber Strategies to Defend Critical Infrastructure.
Global Annual Cybersecurity Summits and National Cybersecurity Alliance endeavours.
UKCSA UKSec – Challenges faced by Governments and International Law Enforcement.
. Cybersecurity Projections and Predictions.
Cyber Task Force – FBI Criminal Cyber Squad .
Cyber World Congress – 24 hr Virtual Events.
. Cyber Threat Intelligence Talks.
. CyberAI and its impact on OSINT.
Cyber Intelligence Units Quarterly Updates (Infoblox)
CYBERWARFARE PREPAREDNESS by Allen Ari Dziwa.
Military Cyber Commands and Cyber Force (SoC- Trident Jaguar)
Assessing the risk and Protecting the Supply Chain.
. Podcast on Cyberweapons.
. Future of Cybersecurity and Risk Analysis.
Cyber Threat Intelligence and Incident Response.
Cybersecurity Advanced Persistent threat Defenders Overview.
. Virtual Intelligent Automation Exchange – Director of AI Defense Intelligence Agency (DIA)
. Small Business National Security Showcase (Directorate of Digital Innovation CIA)
. CISO perspective – Delta Airlines.
. Cyber Strategies for a World at War (Open Source Aggregation and Analysis).
. WEF and INTERPOLs Global Risk Annual Assessments and SOC – Cyber Ploygon.
Google Cloud Security talks and threat Analysis Group.
Digital Risk Management e-learning platform for mediators. UN DPPA and Cyberpeace Institute.
1PowerCyber @ Easytech4all CTI Research & Analysis consultancy focuses it’s energies on Military Cyber Commands and Global Federal Agencies CTI reports , webinars , brainstorms , bright talks by global industry and Agency experts to build a threat Intel knowledge pool . The Cyber Threat Intel Knowledge pool in turn takes shape of mindmaps , infographics and video content presentations to be used for Blogs , Digital Magazines , Newsletters and CMS .
This Knowledge pool also facilitates analysis and benchmarking of EDR/NDR , Siem , SOAR solutions available for different ecosystems . This coupled with OSINT research conducted through different search engine Algorithms facilitates proactive Cyber Threat Intelligence Projections incorporating various Geopolitical , Strategic and Policy inputs. Eventually this threat Intel gets included on Collaborative CMS & services integration platform.
Cyber Strategic Communication based on OSINT and Global Cyber Policy Analysis also remains an area of Major interest as it is indispensable for future Cyber threat projections.
OS Hardening – Mapping Desktop / Mobile OS and Application Security with every successive firmware and security patch is continuous work in progress at the Threat Intel Research Consultancy.
This Video Presentation is a succinct snapshot of some Preliminary and detailed experience with Global Cyber Intelligence Think Tanks , Organizations and Associations .
From Researching Analysing Cybersecurity and CTI Products/Services to functioning as a Cyber Threat Intel Provider for Governments , Global Agencies and CTI Organisations. The Scope for Transnational Cyber Alliance remains stupendous.
1Power Easytech4all Cyber threat Intelligence Solution primarily relies on the Cyber Prudence and Strategic Insights of Global Experts from UN Cyber Policy Assessments and Debates on ICT’s , White House Cyber Policy EO’s , Risk Assessments , White House Cyber Resilience Initiatives through various organisational SIGs etc . Also ISSA , INSA ,NATO , UNIDIR , European Defence Agency (EDA) , National Security Agency (NSA) , Cybersecurity and Infrastructure Security Agency (CISA ), Federal Bureau of Investigation (FBI) , World Economic Forums (WEF) Annual Critical Risk Assessments and Cyber Polygons (SOCs) in addition to Pvt Agency Security Operations Centers findings plus CTI analysis.
They are the Cyber beacons for the World shaping Global Cyber Policy and Cyber Deterrence Countermeasures plus standards .
1PowerCyber @ easytech4all.net
- The policy challenges presented by
cyberspace are not solely technological
in nature. The cyber domain is a human-
made environment and is fundamentally
shaped by human behaviour. It amplifies
such behaviours for better or worse,
the impacts of which are usually also
felt in the physical world. Cyberspace
is owned and operated by private
companies, governments, non-profit
organisations, individual citizens and
even criminals. This means that any
strategic response to this context must
link geostrategy and national security,
criminal justice and civil regulation,
economic and industrial policy and
requires a deep understanding of the
different cultural or social contexts and
value systems interacting online. - Cyberspace also transcends
national borders. Technology supply
chains and critical dependencies are
increasingly global, cyber criminals
and state-based actors operate from
around the world, powerful technology
companies export products and set
their standards, and the rules and
norms governing cyberspace and the
internet are decided in international fora.
Cyberspace is also continually evolving
as technology and the ways people use
it change, requiring us to adopt an agile
and responsive approach.
What is cyberspace?
To many of us, cyberspace is the
virtual world we experience when
we go online to communicate, work
and conduct everyday tasks. In
technical terms, cyberspace is the
interdependent network of information
technology that includes the internet,
telecommunications networks,
computer systems and internet-
connected devices. For the military,
and when considering our efforts to
counter threats in cyberspace, it is an
operational domain, along with land,
sea, air and space.
How is cyberspace experienced?
Cyberspace is, by definition, a ‘shared’
space and its scale and complexity
means that every person’s experience of
it is unique. Citizens access cyberspace
when they check their bank accounts
online or stream a film at home.
Businesses use cyberspace to connect
their staff with the resources they need,
whether this is access to information or
control over a manufacturing process.
Governments provide public services to
their citizens using online portals. Cyber
professionals look ‘under the hood’ at
the technology, standards and protocols
that make it all ‘just work’ for users. All
these groups use cyberspace in different
ways and for different purposes, and we
are all making an ever-greater use of it.
Cyberspace can be described in terms of three layers:
Virtual
The part of cyberspace most people experience. It consists of
representations of people and organisations through a virtual identity
in a shared virtual space. Virtual representations could be an email
address, user identification, a social media account or an alias.
One person or one organisation can have multiple identities online.
Conversely, multiple people or organisations could also create just a
single, shared identity.
Logical
The part of cyberspace made up of code or data, such as
operating systems, protocols, applications and other software.
The logical layer cannot function without the physical layer and
information flows through wired networks or the electromagnetic
spectrum. The logical layer, along with the physical layer, allows
virtual identities to communicate and act.
Physical
The physical layer of cyberspace includes all the hardware on which
data is transmitted, from the routers, wires and hubs that you have in
your home, to large complex telecommunications systems operated
by big tech companies. As well as physical infrastructure it includes
the electromagnetic spectrum on which data is transmitted, such as
WiFi and radio.
Cyber attacks can have devastating consequences for both companies and their customers. Network compromise can lead to unauthorized access to and theft of both business and customer data. In 2022 in the US alone, there were 1,802 recorded data compromises, with 422.14 million people affected by said compromises.
Manage cyber
security risk
- In order to manage cyber
security risk, government
organisations must be able
to identify, assess and understand them.
The foundation of this lies in the visibility and
understanding of assets, their vulnerabilities,
and the threat to them – whether internal
to an organisation or emanating from its
supply chain. Clear accountability and
robust assurance will ensure that risk
owners are aware of the risks they have the
responsibility to manage, and that they are
doing so appropriately. - Information about vulnerabilities must be
shared across governments to provide a
central view of critical vulnerabilities that
will enable cross-government risks to be
identified and managed, facilitating rapid
assessment, coordination and mitigation
at scale.
Protect against
cyber attack
- The protective stance of
individual government
organisations will be
inextricably linked to their assessment and
management of risk. While it will never be
possible to protect against all attacks, those
accountable must be able to demonstrate that
they have appropriately considered those
risks and responded accordingly. - Proportionate cyber security measures must
be embedded in the technology government
uses, and technology and digital services
will be correctly designed, configured and
managed. Crucially, governments must develop
its shared capabilities, tools and services
to address common cyber security issues
at scale, improving cyber security across
the whole of government as well as driving
efficiency and value for money.
3.At the heart of any government’s
responsibility must be to protect the data it handles.
As well as appropriately classifying
information, governments must handle and
share it in a way that is commensurate with
the risks it presents, using the appropriate IT Systems.
Detect cyber
security events
- Building on the foundation
of risk management and
commensurate protective
measures, governments must develop its
capability to detect cyber security events
across every part of its estate to ensure that
risks can be mitigated before they critically
impact government functions and services. - This means having the capability to monitor
systems, networks and services to detect
cyber security events before they become
incidents. Enhanced coordination will enable
governments to have the agility to use these
data inputs to detect at pace and scale,
facilitating coherent responses as well as
providing the capabilities to detect more
sophisticated attacks.
Minimise the impact of
cyber security incidents
- While effective risk
management, appropriate
and proportionate
protective measures and
enhanced detection capability will make
governments a considerably hardened
target, government organisations will still be
impacted by cyber security incidents. - Governments must therefore be fully prepared
and able to respond to cyber incidents with
the capability to restore affected systems
and assets and resume the operation of
its functions and services with minimal
disruption. A critical component of this will
be establishing the mechanisms to test
and exercise incident response plans, both
organisationally and across government,
as well as the ability to learn lessons from
incidents and ‘near misses’.
Cyber Critical Infrastructure | Nuclear impingement
CCI | Nuclear Reimagined
CCI Infra – Nuclear Landscape | NCAM 2022
Role of Dynamic Multidimensional Security Approach Zero Trust Network Access on Critical Infrastructure.
Cyber Attacks on Critical Infrastructure | NATO
Zero Trust Architectured Networks – US Cybersecurity and Infrastructure Security Agency . Department of Homeland Security
US Intelligence and National Security Alliance
Protecting Critical Infrastructure: Key Elements of the New National Cybersecurity Strategy
Tuesday, May 2 | 1:00 – 2:30 PM ET | Virtual – two-part program!
Panelists:
Brian Scott, Deputy Assistant National Cyber Director for Cyber Policy and Programs, Office of the National Cyber Director, Executive Office of the President
Speaker from CISA (Invited)
Chris Boyer, Executive Committee Member, Communications Sector Coordinating Council, and VP, Global Security and Technology Policy, AT&T
Amanda Craig, Executive Committee Member, IT Sector Coordinating Council and Senior Director, Global Cybersecurity Policy, Microsoft
Matthew Eggers, VP for Cybersecurity Policy, U.S. Chamber of Commerce
Cyber Council – New White Paper
Industry Contributions to Offensive Cyber Operations, outlines the importance of public/private collaboration in cybersecurity and provides five key recommendations that can help strengthen U.S. critical infrastructure.
Key Highlights of
Google Cloud Security – 2023 Outlook
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-1
Frontline Threat Intel Panel
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-2
Cyber Crime Metamorphosis: A Case Study Examining How Criminals Adapt to Chaos
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-3
Managing Open Source Software Security
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-4
DDoS Trends at US Elections and What’s New with Cloud Armor
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-5
Defeating Cryptomining Attacks with Native Security Controls
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-6
Cloud Detection & Response Survey: Challenges and Insights
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-7
Office of the CISO
RESOURCES
Improve Decision Making with Automated Contextual Awareness
https://cloudonair.withgoogle.com/events/2023-emea-security-talks?talk=na-talk-8
Quick recap of Global Cyber Threat Intelligence brainstorms (2019-2022) by https://1Power.substack.com and https://easytech4all.net
US Federal Agencies. Security Organisations
US Cyber Command.NSA.US Dept of Homeland Security.Department of Defense . Secret Service CID. CISA.FBI
UN Security Council Cyber Threats Debate –
UNIDIR Cyber Stability Conference 2021 & AI Disruption Peace Security (innovations dialogue) 2022
https://1powercyber.substack.com/p/unidir-cyber-stability-conference
Importance of Information and Communication technologies .
NATO Locked Shields 2022
https://1powercyber.substack.com/p/nato-locked-shields-2022?utm_source=pocket_mylist
Cyber Polygon with World Economic Forum and INTERPOL
https://1powercyber.substack.com/p/wef-and-interpol-cybersecurity-mega?utm_source=pocket_mylist
White House National Cybersecurity Strategy
Countering Ransomware with Department of Homeland Security , Cybersecurity and infrastructure Security Agency , Federal Bureau of Investigation , SecretService Criminal Investigation Department
Cyber Essentials by Cybersecurity and Infrastructure Security Agency and Department of Homeland Security.
Ransomware Attackers Defenders – FBI’s perspective
US Cyberspace Solarium Commission
UK Cybersecurity Association with Digital Police Center.
Fourth Annual Cybersecurity Summit by Cybersecurity and Infrastructure Security Agency .
Fourth CEO Summit – USA
State of American Business 2023
Challenges faced by Government and international LAW Enforcement
Intelligence and National Security Alliance (INSA) 2022 UPDATE
What is Advanced Cyber Threat Intelligence ?
Accreditations Webinars LMS – Cybersec CTI
Google Cloud Security Summit with Chris Inglis (National Cyber Director , Executive office of the US President)
https://1powercyber.substack.com/p/google-cloud-security-summit-with
Security information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. Vendors sell SIEM as software, as appliances, or as managed services; these products are also used to log security data and generate reports for compliance purposes. The term and the initialism SIEM was coined by Mark Nicolett and Amrit Williams of Gartner in 2005.
Zero Trust Architectured Networks by Cybersecurity and Infrastructure Security Agency
1PowerCyber and Easytech4all Global CTI Research & Analysis.
Mapping Global CTI Landscape and Visual Trends
International Cyber Threat Intelligence Brainstorms
Safe and Secure Digital Ecosystem for Schools by US Department of Homeland Security and Department of Justice
Global Cyber Threat Landscape
CyberKinetic and 5G
https://1powercyber.substack.com/p/cyber-kinetic-warfare?utm_source=pocket_mylist
Cyber Independence and Freedom
Cyberattacks and Critical Infrastructure (Reading & Resources)
Space Threats and Satellite Navigation Systems
https://1powercyber.substack.com/p/space-threats-satellite-navigation?utm_source=pocket_mylist
Comsec Protocols and Paradigms
https://1powercyber.substack.com/p/comsec-protocols-and-paradigms?utm_source=pocket_mylist
Advanced Cyber Threat Intelligence Landscape and Updates via Digital Magazine by 1PowerCyber for Easytech4all.net
Advanced Cyber Threat Intelligence Research Analysis Assessment and Projections . Video Playlist .
Advanced Cyber Defense Threat Intelligence Blog in Progress
https://easytech4all.net/author/easytechonline/
https://1powercyber.substack.com
https://1powercyber.blogspot.com
https://easytech4all.tumblr.com/
References
Clarke R.A, K. R. (2010). Cyber war: the next threat to national. eCCO.
Clarke, R. (2011). Cyber War: The Next Threat to National Security and What to Do About It. Harper Collins.
Cybersecurity and Infrastructure Agency. (2021, October 15). CISA HOME. Retrieved October 14, 2021, from https://www.cisa.gov/about-cisa
Gazula, M. B. (2017). Cyber Warfare Conflict Analysis and Case Studies. Massachusetts Institute of Technology .
Jeremy Rabkin, A. R. (2016). Hacking Back Without Cracking Up. Aegis Paper Series No. 1606.
Kukuh Ugie Sembodho, A. T. (2021). The Limitation of United States Deterrence Strategy Towards North Korean Cyber . Global Strategis, p. 150.
Libicki, M. (2009). Cyberdeterrence and cyberwar. Santa Monica: The Rand Corporation.
M, T. (2012). An analysis for a just cyber warfare in Cyber Conflict (CY-CON). , 2012 4th International Conference on,, (pp. 1-10).
National Security Agency. (2021, October
14). NSA Home.
Parks R, D. D. (2011). Principles of cyberwarfare, security privacy. IEEE, 30-35.
Rid, T. (2012, March). Think Again: Cyberwar. Foreign Policy , pp. 80-84.
Sanger, D. (n.d.). The Perfect Weapon: War, Sabatoge, and Fear in the Cyber Age. New York: Crown Publishers.
Schmitt, M. (2014). The Law of Cyber Warfare: Quo Vadis? Stanford Law & Policy Review, 269-270.
Tallin Mannual. (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations.
The White House. (2011, April). National Strategy for Trusted Identities in
Cyberspace.
The White House. (2021). Improving the Nation’s Cybersecurity. Federal Register Vol. 86.
Trautman, L. J. (2016, April). Cybersecurity: What About US Policy? Journal of Law, Technology & Policy, p. 344.
US Cyber Command. (2021). US Cyber Command Mission. Retrieved from https://www.cybercom.mil/About/Mission-and-Vision/
Global Cyber Defence Intelligence | Strategic Communications - CyberSpace AI | OS Hardening | Adv Integrated Modular Battlefield Management System | Research & Analysis 