Enhancing Resilience Through Effective Planning, Detection, and Response

25 January 2022 | Free CS Hub Online Event 

Jonathan Reiber

Senior Director, Cybersecurity Strategy and Policy AttackIQ

Jonathan Reiber is a writer and security strategist based in Oakland, California. From serving in senior positions in the Department of Defense in Barack Obama’s administration to leading cybersecurity strategy for companies in Silicon Valley, his work focuses on building resilience to socio-political disruptions. He advises governments and organizations on the risks of digitization—from online extremism to influence operations to cybersecurity—and the political, policy, and technical solutions required to mitigate them.

A former Chief Strategy Officer for Cyber Policy in the Office of the Secretary of Defense, Jonathan has served as Special Assistant and Speechwriter to the United States’ Deputy Secretary of Defense, Dr. Ashton B. Carter, and previously as Special Assistant to the United States' Principal Deputy Under Secretary of Defense for Policy, Dr. James N. Miller. In both positions he focused his work on foreign and defense policy, strategy, Middle East and Asia-Pacific affairs, and cybersecurity. He campaigned full-time for Barack Obama in 2007-2008.

Prior to U.S. government service, he worked for the United Nations Peacekeeping Mission in Sudan, as a Research Manager at a geological intelligence firm, and as a political and communications advisor to the Episcopal Church. He is a graduate of Middlebury College, where he studied religion and creative writing, and The Fletcher School of Law and Diplomacy, where he studied International Security Policy and U.S. Diplomatic History and served as Editor-in-Chief of The Fletcher Forum of World Affairs.

Agenda Day 1: 25th January 2022

10:00 Executing a Threat-Informed Defense: Cyberspace Operations, MITRE ATT&CK, and The Gray Space of Digital Conflict

The cybersecurity community is evolving from a fortress mentality of “network defense” to a “threat-informed defense” approach. Over the last decade, the U.S. military has been at the forefront in this transition, first in the intelligence-operations bond that developed between analysts and warfighters during the conflicts in Afghanistan and Iraq and against al-Qaeda, and then in cybersecurity. Traditionally in cybersecurity, “blue” team defenders focused their strategies on meeting baseline cybersecurity best-practices: correcting misconfigurations, administering patches, and deploying commercial products. Red teams were smaller and testing occurred periodically and not at the requisite scale to validate the blue team’s defense effectiveness. If blue teams fail to orient towards the most important threats, resources are often wasted; absent effective testing, security controls likely fail. Three lessons emerge from the evolution of threat-informed defense in the U.S. military. It is important to (1) understand the adversary’s approach; (2) identify high-value assets and defense capabilities required to defend them; (3) build tight bonds between teams to focus on known threats and exercise your defenses. A leader also needs to be appointed to manage threat-informed defense across an organization, similar to the dual-hat of the Director of the NSA and Commander, U.S. Cyber Command. In this webinar, participants will discuss lessons-learned from implementing a threat-informed defense strategy in the U.S. Defense Department, public-private combined operations, and the private sector and leave better equipped to effect positive change in their organization. 

This session will address:

·       Understand an adversary’s attack mindset through the lens of a threat-informed defense 

·       Discover the benefits of building collaboration between red and blue teams via a purple teaming

approach to cybersecurity 

·       Identify high-value assets and defense capabilities required to thwart attacks 

·       Get practical information on how to implement these strategies in your own organization in

2022