Welcome to ISSA KC

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA-Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

Attributing the Problem with Attribution in Cyberspace

Posted by VP ISSA Thursday, May 24, 2018


Author: Elliott Lillard, ISSA Member
Date: May, 2018

This article provides an opinion on the attribution problem, especially concerning the conflict between the United States and foreign adversaries like China or Russia. Acting within cyberspace, especially during hostile times and when dealing with rival nation states, adds a lot of complexity in terms of determining risk and appropriate action. Attribution deals with the ability to thoroughly understand who is behind an attack. Attribution can be deciphered based on evidence provided from the action, previous facts of various actors at play in terms of victim and perpetrator, as well as the reward of understanding the who and why behind a cyber-attack.

Derek S. Reveron, the author of Cyberspace and National Security, provides insights into the problem of attribution, especially in terms of cyberspace and cyberwar. “The increasing Internet accessibility of secrets, money, and industry creates significant incentives for individuals, groups, and states to find ways to use offensive cyber capabilities. This motivation is heightened by the fact that attributing attacks from cyberspace is often impossible and the laws and social norms relating to cyber espionage, crime, and warfare are often weak or nonexistent...As a result, those who profit from cyber-attacks are unlikely to be apprehended and if caught seldom face punishment,” (Reveron, 91).

The underlying reason why various nation states, hacktivists, internal actors and rogue individuals pursue hostile acts that, if conducted anywhere besides the cyberspace domain, would be considered an act of aggression comes down to the fact that malicious actors feel that they can get away with the crime without any sort of negative consequence. It is also very difficult to understand the full extent of the damage behind a cyber-attack. “The opaque nature of actions in cyberspace makes it difficult for the defender to know how far the attacker has penetrated and, therefore, exactly where they are on the policy slope,” (Hare, 132). Cyberwar is a far different battleground than traditional boots-on-the-ground combat. It is much easier to understand who is behind missile strikes when the trajectory of artillery can be traced back to a hostile regime and thus be responded to with equal or elevated kinetic action, and it is easier to fully understand the damage done by such an attack.

At the time of this writing, the United States faces a few rival nations that could benefit from a successful and damaging cyber-attack. Those nation states include but are not limited to Russia, China, North Korea, and Iran. Russia has been under the microscope recently as it came to the surface that they had a direct impact on the last U.S. presidential election, which threatens our democracy and the outcome of a fair and just election process. China has gained economic benefits from conducting clandestine operations seeking intellectual property, trade secrets, and classified government documents. Iran and North Korea are increasingly interested in our nation's secrets related to nuclear arms production and storage. These rival nations have taken actions to infiltrate our nation and extract sensitive materials. However, these actions are not limited to passive actions and could become a more direct and crippling attack if focused on disrupting our critical infrastructure.

“A nation can suffer an existential threat from attacks and infiltrations through cyberspace by either state or organized non-state actors to degrade or disrupt critical infrastructure systems, both privately and publicly owned,” (Hare, 127). The issue of attributing these hostile actions from these attacks back to the original actor is paramount to responding, mitigating and preventing future cyber-attacks.

Rival nation states will continue to ramp up their sophistication and frequency of these cyber-attacks to avoid detection. If they are not fearful of the consequences of their actions, there would be no reason to hesitate to issue further attacks against our democracy and way of life. “Deterring attacks has depended on convincing opponents that the costs of attacking would be greater than any benefits they might obtain,” (Reveron, 92). The United States must ramp up the ability to catch cyber-attacks in action before damaging effects can be done and determine who is behind these attacks through attribution. Once an attack has been traced back to an actor, there should be standards in place to understand and respond appropriately through direct action or forming a coalition of allies to freeze trade agreements, impose economic sanctions or bolster together to issue a reciprocating cyber-attack far worse than their original. “Inaction is easy to justify in a deterrence situation, as a would-be adversary can always claim other reasons for not conducting an action for which a victim threatens retaliation,” (Hare, 131). Doing nothing after an attack also does nothing to deter future cyber-attacks.

Preventing future attacks is vital in a successful deterrence strategy. “In most cases of cyber conflict confronting developed nations today, the more pressing issue is not deterring an actor from choosing to conduct hostile intrusions in cyberspace but compelling them to stop conducting intrusions that already have been highly successful,” (Hare, 126).

Foreign adversaries such as Russia or China will continue to push boundaries, infiltrate our networks for secrets and potentially wreak havoc on our critical infrastructure and vital systems. Thus, emphasis will need to be placed not only on preventing future zero-day attacks but also on preventing repetitive intrusion attacks that have already been proven to be successful. “Attribution is central to deterrence [...] [and] retaliation requires knowing with full certainty who the attackers are,” (Hare, 128). Fixing the attribution problem in cyberspace will prevent future attacks because attackers will be caught in their tracks, responded to with appropriate action, and other nations will view this activity and think twice before conducting hostile actions.

References
Hare, F. (n.d.). The Significance of Attribution to Cyberspace Coercion: A Political Perspective [Scholarly project]. Retrieved April 22, 2018, from https://ccdcoe.org/sites/default/files/multimedia/pdf/2_5_Hare_TheSignificanceOfAttribution.pdf
Reveron, D. S. (2012). Cyber challenges and national security: Threats, opportunities, and power in a virtual world. Washington, D.C.: Georgetown University Press.

May 2018 Chapter Newsletter

Posted by Administrator Thursday, May 10, 2018

The May edition of the ISSA newsletter is now available.

May 2018 Chapter Meeting

Posted by Administrator Tuesday, May 8, 2018

On May 24, 2018 the ISSA-KC Chapter members, and other security professionals will hold a meeting at Lidia's Italy Restaurant in Kansas City, MO, to network and attend the monthly chapter meeting, with presentation topic

Speaker:  David Swift, Securonix - Principal Architect, CISSP, GSEC, GCIH, GCIA, GSNA, ACTP.  Mr. Swift is a leading security practitioner holding a variety of certifications including incident handling, intrusion analysis, and network auditing, has published multiple papers on SIEM, compliance and security strategies and has more than 25 years of experience.  He joined Securonix in March of 2014, leaving a thriving SIEM practice at Accuvant that he led having completed over 300 SIEM projects covering nearly every industry leading product (HP/ArcSight, McAfee/Nitro, IBM/QRadar, Splunk….).

“At times I feel like a dinosaur having worked on computers since before the invention of the PC. But the firsthand experience on nearly every operating system, and hardware platform since the industry began comes in handy.” LinkedIn Profile: www.linkedin.com/pub/david-swift/28/a1a/672/.

Topic:  Key Changes in Security and Why They Matter, AKA Data Swamps and Data Lakes

Location:

Lidia’s Italy Restaurant,
101 W. 22nd street,
Kansas City, MO. 64108

Agenda:

11:30 AM - 12:00 PM Greeting and Registration
12:00 PM - 1:00 PM - Meeting & Presentation
1:00 PM - 1:30 PM - Questions, Answers & Networking

Menu:

Pasta Tasting Trio - A sampling of three daily-made fresh and filled pastas.
Biscotti Platters - An assortment of house-made cookies & sweets to pass and share family style.
Soft drinks, Iced Tea, Coffee

*Vegetarian option available, please note at registration
**Menu subject to change. **

Price:

$25.00 for ISSA Members,
$35.00 for Guests/Non-Members

Maximum Reservation: 35
Credit(s): 1 CPE credit 

Register Now!

We look forward to seeing you at the event. If you have any questions about the event or how to register, please email our RSVP email, or contact the venue for directions.

ISSA-Kansas City May 17, 2018 Chapter Networking

Posted by Administrator Monday, May 7, 2018

Please join ISSA chapter members and other security professionals for a Networking Affair!

This networking affair/happy hour is held at Seasons 52 from 5:00 PM to 7:00 PM.  This event is a great opportunity to become acquainted and interact with ISSA chapter members and other professionals. Come along and join ISSA chapter members and other security professionals at Seasons 52 for a lively happy hour!

Also, this special event is free for ISSA Kansas City chapter members!!! Guests and spouses are surely welcome to attend. All guests in attendance will receive two drink tickets. 


Date: Thursday, May 17th,  from 5:00 PM to 7:00 PM

Location: Seasons 52
340 Ward Pkwy,
Kansas City, MO 64112
(816) 531-0052
http://www.seasons52.com/

Register Now!


April 2018 Chapter Newsletter

Posted by Administrator Thursday, April 12, 2018

The April edition of the ISSA newsletter is now available.

ISSA Kansas City Mentoring Program

Posted by NB Thursday, April 5, 2018




The Kansas City ISSA Chapter mentor program is designed to formalize relationships between more senior professional individuals in the chapter (Mentors) and security professionals seeking to learn from these people to gain skills or further their career (Mentees). 

How do I sign up?
You can find the application and expectations for the program below. A couple of things to note:
- To be a Mentee you have to be a current Denver ISSA chapter member! Non-members are encouraged to join in order to take advantage of this great career opportunity.
- Mentor/Mentee matches are made based on several factors including goals, geographic location and experience. Because we aim to make the best possible matches based on several criteria we cannot guarantee that everyone will be matched.

Why should I become a mentor?
- Contribute to the professional development of the future workforce;
- Help build stronger community fabric;
- Impart the principles of an experienced security professional;
- Gain a broader view of your own community; and
- Give something back to the profession!

Why should I become a mentee?
- Explore the world of work through interaction with professionals in the career of their choice;
- Gain an experienced practitioner's perspective on applying concepts to real-life situations;
- Familiarize yourself with success in a corporate environment;
- Identify long-term professional development goals;
- Grow as an information security professional;
- Gain the capacity to translate values and strategies into productive actions;
- Increase career development opportunities.

I’d like some more details on how the program will work and what is expected. Where can I find out more? (Link pdf)

Submit Applications

April 2018 Chapter Meeting

Posted by Administrator

On April 26, 2018 the ISSA-KC Chapter members, and other security professionals will hold a meeting at Hereford House in Leawood, KS, to network and attend the monthly chapter meeting, with presentation topic.

Speaker:  Tedrick Housh leads the Cybersecurity & Data Privacy Practice at Lathrop Gage, where he assists companies with legal issues related to data collection, storage, protection, use, transfer and disclosure.  He helps clients manage security incidents, and resolve the ensuing disputes and liabilities.  He works with clients to implement, assess and improve Information Security Policies, Incident Response Plans and other aspects of privacy and security programs.  Mr. Housh helps clients navigate issues concerning data subject consent, data vendor and transfer agreements, and terms of use and privacy statements for websites and apps.  He has been active in the firm’s work involving Block chain and other emerging tech platforms, and worked on ICO projects and token sales.  With more than two decades of experience in workplace law, he also counsels on employment-related matters and litigates covenants not to compete and trade secret misappropriation.

Topic:  “Hot Topics in Information Security Law, from GDPR to Data Breach Class Actions”

Abstract:   Information Security professionals lead the battle to address vulnerabilities and avoid data loss or disclosure, but no system is perfect.  Companies have to plan for what might go wrong, and the legal landscape, like security technology itself, changes quickly.  Tedrick Housh of Lathrop Gage will provide an update on the latest developments in the law of information security and data privacy, and answer your questions.

Location:
Hereford House, 5001 Town Center Dr, Leawood, KS 66211
Agenda:

11:30 AM - 12:00 PM Greeting and registration
12:00 PM - 1:00 PM - Meeting & Presentation
1:00 PM - 1:30 PM - Questions, Answers & Networking

Menu:

Lunch: Choice of one: Beef, Chicken, or Salmon, Salad, Potato, Vegetable, Drink
*Vegetarian option available, please note at registration at Hereford House*
*Menu subject to change*

Price:
$25.00 for ISSA Members,
$35.00 for Guests/Non-Members
Maximum Reservation: 35
Credit(s): 1 CPE credit

We look forward to seeing you at the event. If you have any questions about the event or how to register, please email our RSVP email, or contact the venue for directions.
Register Now!

Cheers!
ISSA KC Officers
ISSA-Kansas City Chapter

Upcoming Events

May 24th, 2018 - Chapter Meeting
May 17th, 2018 - Happy Hour

Past events:

April 26th, 2018 - Chapter Meeting
Mar 22nd, 2018 - Chapter Meeting
Feb 22nd, 2018 - Chapter Meeting
Jan 25th 2018 - Chapter Meeting
Dec 15th - FBI Briefing

Questions about upcoming meetings? email VP

Join the ISSA Kansas City Chapter

ISSA KC Mentorship Program Program Details

Mentor form/Application Mentee form/Application


Join our mailing list to stay current on ISSA Kansas City!


For more information on how to join the Kansas City Chapter of ISSA click here. ** Join today! **




ISSA’s Special Interest Groups (SIG) and Webinars: SIG On-Demand Conf

SIG groups are:

Security Awareness

Women in Security

Healthcare

Financial

Social Media

Chapter meetings are a great way to get to know your peers here in KC. And, if you're currently looking to make a career change, it's an invaluable way to build relationships that can provide you with the "inside information" on open security positions.










Do you have any membership questions? email link


Sponsors





Cloud-Delivered Network Security and Threat Intelligence









Be a sponsor!!! Email us at president@kc.issa.org