Mr. Dick Bussiere is Tenable Network Security’s Technical Director for the Asia Pacific Region. In this multifaceted role, Mr. Bussiere is responsible for evangelizing the criticality of vulnerability assessment, vulnerability management, and comprehensive security monitoring strategies as part of an organizations enhanced cybersecurity posture. Mr. Bussiere is a frequent public speaker on these and other security and networking matters.
Mr. Bussiere frequently assists Financial Services Organizations, Governments, and Managed Security Service Providers in adopting a regimen of aggressive monitoring for vulnerabilities and breaches to help significantly improve their cybersecurity position.
Prior to Tenable, Mr. Bussiere was Arbor Network’s Solution Architect for Asia Pacific. In this role, Mr. Bussiere assisted organizations in assessing their risk exposure to Distributed Denial of Service attacks. He has advised several regulatory bodies on recommended legislation to protect critical infrastructure against DDoS attacks.
Mr. Bussiere is the holder of five patents related to computer networking and network security. He was also an active participant in the IEEE and IETF working groups.
Applying Critical Security Framework to Critical Infrastructure
Critical infrastructures both in Singapore and worldwide continue to be aggressively targeted by cybercriminals and nation states. One need only review the events that occurred against the Ukrainian power grid in December 2015 to confirm the reality of the threat.
What steps can we take to uniformly measure
the effectiveness of our Cybersecurity programs at protecting our critical infrastructures?
This session will examine the use of the NIST Cybersecurity Framework (CSF) as a vehicle towards effectively measuring how adequate your Cybersecurity implementation really is and if there are gaps that need to be filled. CSF can be easily applied to existing Cybersecurity frameworks such as ISO 27001 and others.
We will overlay CSF on top of the three layers of a typical critical infrastructure environment to show you how it may be effectively applied. We will then present some strategies that allow you to actively measure the effectiveness of your CSF implementation so that you can continuously identify gaps and weaknesses in your security.
There are two key takeaways from this session. First, a consistent methodology is necessary to understand how secure any given critical infrastructure environment is at any time. The second takeaway is that continuous measurement and monitoring off the infrastructure is an absolute necessity to ensure that any cyber attacks are detected early in their lifecycle.