The document discusses the intersection of cybersecurity and data management, with a focus on the data dependencies of the NIST Cybersecurity Framework. It describes how cybersecurity involves data protection, encryption, continuity of operations, and forensics/analytics. The NIST Cybersecurity Framework recommends a defense-in-depth strategy targeting data at all levels. Properly implementing the Cybersecurity Framework requires increasing data infrastructure capabilities across on-premise, private, hybrid, and public cloud environments.

1. The Intersec+on of
Cybersecurity and Data Management:
Data Dependencies of the NIST
Cybersecurity Framework
David Rubal, CISSP
May 11, 2017

2. • David Rubal, CISSP
– DLT Solu)ons
– Chief Technologist, Data & Analy)cs
– Principal Data Scien)st
o 25+ years in Government Cyber and Informa)on Security
• Data Scien)st, Big Data Architect
• Cloud Migra)on and IoT Strategist
2
Backup/Recovery Data Science

3. “Cybersecurity” is:
3
• Applica)on, Informa)on, Opera)ons, Network, Internet/Web Security
(appsec, cloudsec, infosec, netsec, opsec – mobilesec, IoTsec, etc)
• Data Protec)on (Backup, Restore, Disaster Recovery)
• Encryp)on (Data-at-Rest/ In-transit)
• Con)nuity of Opera)ons (COOP)
• Forensics and Analy)cs

4. Cybersecurity is Defense-in-Depth
4
• Cybersecurity is a new ‘mash-up’ blending structured and unstructured data to
arrive at risk measurements, forensics and pa[ern or user behavioral analysis.
• While cybersecurity is a journey, a defense-in-depth strategy is the suggested
method of dealing with Zero-Day threats, Targeted a[acks, DDOS a[acks,
Advanced Persistent Threats (APTs), advanced malware, ransomware and data
the_ targe)ng the source, access, processing, storage and transfer of data at all
data center infrastructure levels.
• The recommended defense-in-depth strategy for all government agencies is the
NIST Cybersecurity Framework

5. Encryp)on for the Modern Agency Data Center
5
• Architect to protect data at all levels and stages (silicon-to-applica)on)
• Limit ‘open/clear’ data within the data center
• SSL ‘break and inspect’ at ingress/egress to detect known threats
• On-Premise (Private Cloud), Hybrid Cloud and Public Cloud

6. NIST Cyber Security Framework
6

7. The Cyber Security Threat Con)nuum
Opera)onalizing the NIST Cyber Security Framework
7
The Cyber Security Threat Con+nuum is:
• A ‘best prac)ce’ opera)onal workflow/methodology of data security processes aligned with the NIST Cybersecurity
Framework
• Con)nuously running func)ons and process, applying to all user traffic (inbound and outbound)
• Cri)cal to ongoing agency cyber opera)ons

8. Cyber Security Threat Con)nuum Requirements
8
Data Plahorm/Infrastructure
Storage, Compute, OS, Database, Apps
Public/
Community
Cloud
On
Premise
Private
Cloud
Hybrid
Cloud

9. Key Rela)onship: Enterprise Security & The Data Plahorm
9
Enterprise Security Architecture
Firewalls, Proxies, SSL/Malware Inspec)on,
Logs, Policy Management, Sensors, Forensics/Analy)cs
Data Plahorm/Infrastructure
Storage, Compute, OS, Database, Apps
Structured
Data
Unstructured
Data
Semi-structured
Data
Modern Cyber Opera+ons

10. 10
NIST Cybersecurity
Framework & IT
Infrastructure
- Every level of the NIST
Cybersecurity Framework
requires increasing data
infrastructure capabili)es
- Relevant for on premise,
private, hybrid or public
cloud scenarios

11. Thank You!
David Rubal, CISSP
TwiRer: @DaveRubal