IMPORTANT DATES
February 1, 2017 Abstract and optional full paper submission begins
May 26, 2017 Exhibit & Supporter registration opens
June 15, 2017 Abstract and optional extended abstract submission ends
June 29, 2017 Acceptance notifications sent
July 24, 2017 Submit final abstracts and presenter biographies
August 28, 2017 Submit final presentations and optional full papers

Abstract Details


9/26/2017 | 10:25 AM - 11:10 AM

Cyber Threat Event Notification Challenges – A Reusable Design and Implementation Approach

Because cyber-attacks continue to grow in sophistication and quantity, building a robust cybersecurity architecture into a system and maintaining it is essential. One critical feature of every cybersecurity architecture that often does not get the necessary attention is effective cyber threat event notification. All too frequently, the default configurations of currently available event notification tools do not provide adequate notification of suspicious cyber events. These tools either come with thousands of preconfigured rules, alerts and reports that must all be reviewed for relevance and adequacy, or require all of them to be created manually from scratch. Both common scenarios require extremely time-consuming and costly engineering to produce useful and timely event reporting. To rectify these expensive and time-consuming configuration challenges, it is critically necessary to create a reusable and customizable cyber threat event reporting reference implementation framework, coupled with a set of initial cyber event notification guidelines.

This presentation will first provide a brief overview of the governing policies that require cyber event collection and notification. Next, it will provide a roadmap for key high-level event reporting focal areas. It will then discuss specific cyber event notification patterns to implement, and detail a reusable and flexible cyber threat event reporting reference implementation framework that can be quickly tailored for use in most environments. The presentation will conclude with a set of reference materials that can be used for additional notification enhancements.


Dan Kahn (Primary Presenter), ISC2, daniel.kahn@ngc.com
Dan Kahn is a security architect with a combined 17 years of system and software security engineering experience. He holds an undergraduate degree in Computer Science from Drew University and a Master's in Business Administration from Loyola University of Maryland. His certifications include an ISC2 CISSP-ISSEP, ISC2 CSSLP and INCOSE ASEP. Dan has given multiple cybersecurity presentations at software and system symposiums and conferences. He has published multiple cybersecurity articles.

2017 Sponsors: IEEE and IEEE Computer Society