CounterMeasures Risk Analysis and Management - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

CounterMeasures Risk Analysis and Management

Description:

Military. Ports. NIST 800-26. General. Slide 14. Analysis of ... Alion Science and Technology, Inc. 1701 N. Beauregard St. Suite 600. Alexandria, VA 22311 ... – PowerPoint PPT presentation

Number of Views:618
Avg rating:3.0/5.0
Slides: 17
Provided by: cljo
Category:

less

Transcript and Presenter's Notes

Title: CounterMeasures Risk Analysis and Management


1
CounterMeasures Risk Analysis and Management
  • May 2005

2
Mission of Risk Management Division
To support commercial and governmental risk
mitigation programs for facilities, assets,
missions, and infrastructure by providing
policies, processes, tools and architectures that
integrate strategic, operational, and tactical
components across multiple domains.
3
CounterMeasures is a software data engine that
is currently used to
  • Automate Standardize Risk Assessments for
  • Information Assurance
  • RF and IT communication
  • Physical Security
  • Facilities, Seaports, Airports, Bases
  • Anti-Terrorism Construction Standards
  • UFC-Anti Terrorism Construction Standards
  • Critical Infrastructure Protection
  • Road, Rail, Power, POL, Dams
  • Generates automated comparison / summary reports
  • Leverages NIPRNET or even WWW for data collection
  • Can generate customized graphic, textual or data
    outputs
  • Can be integrated with existing GOTS-based or
    COTS-based databases or programs.

4
Commercial Clients Domains
Physical Security
Anti-Terrorism
Info Assurance
Port Security
O.S.H.A.
A.D.A
  • Banks
  • Gas/Oil
  • Insurance
  • Ports
  • Universities
  • States / Municipalities
  • Security Firms

O.S.H.A Occupational Safety and Health Admin
compliance A.D.A. Americans with
Disabilities Act compliance
5
Federal Clients Domains
Physical Security
Anti-Terrorism
Info Assurance
Port Security
C.I.P.
M.A
  • U.S. Marines
  • Defense Program Off.
  • U.S. Army
  • U.S. Coast Guard
  • F.D.I.C.
  • U.S. Trans. Command
  • Other Federal

C.I.P. Critical Infrastructure Protection
M.A. Mission Assurance Analysis
6
CounterMeasures is a data-driven Program that
  • Standardizes the data collected during an
    assessment
  • Calculates vulnerabilities indexes based on
    security controls
  • Evaluates risk based on vulnerability index,
    threat template, and facility value/criticality
  • Threat template includes applicability
    relationships as well as severity and frequency
  • Facilitates what-if effects of posture
    improvements
  • Can performs Cost/Benefit analysis of proposed
    changes for POM purposes
  • Exports data to other vulnerability management
    tools
  • Determines compliance with rules policies
  • Manages implementation of changes and
    automatically updates posture

7
Detail of a Survey Screen
8
Browser-based survey/data collection capability
  • Browser-based tools allow for pre-assessment
    surveys.
  • For some sites, the same tools can be used to
    perform self-assessments.
  • Data Collection.
  • Running on
  • WWW
  • LAN
  • WAN

9
Vulnerability Analysis / Mission Confidence Output
  • Each bar represents an identified vulnerability
    or assigned mission
  • Green bar Current vulnerability (or mission
    confidence) index
  • Yellow bar Projected posture adjustments
  • Red Un-addressed (residual ) vulnerability
  • Screen also tracks any changes to security posture

10
Analysis Screen for Posture Modification
  • For areas of concern, managers can review
    in-place and required countermeasures. They can
    also propose difference solutions to arrive at a
    desirable proposed posture.
  • The analysis module also tracks the status of
    security posture as conditions change.

11
Common Risk-Based methodology proven across all
domains
  • Diagram below is a simplified relationship
    schematic
  • Actual relational nature of data is a
    many-to-many correlation
  • All items and metrics can be adjusted to fit
    client environment

Enemy/Environmental Threat(s) w/ anticipated
frequency
Countermeasures with weighting metrics


Countermeasure to Vulnerability Coefficient
Vulnerabilities
Threat vs. Vulnerability Effectiveness
Coefficient
Environmental / Role Filter
Asset Type(s) and value
Asset Attributes
12
Graphic Output examples
  • 70 Reports depicting aspects of Risk
    Understanding
  • Reports also include cost-benefit and
    return-on-investment

13
Configurable Pre-formatted reports (MS Word)
  • Custom reports, tailored to specific
    organizations, can be generated in MS Word using
    flexible custom report generating interfaces
  • Military
  • Ports
  • NIST 800-26
  • General

14
Analysis of Compliance Issues
  • Compliance with laws, rules, policy, and
    guidance is evaluated to determine compliance
    gaps, as well as to document due-diligence.

15
Example of custom output Integration w/ map
program
16
Point of Contact
  • Caleb L. Jones
  • Program Manger, Vulnerability / Risk Management
  • Alion Science and Technology, Inc.
  • 1701 N. Beauregard St. Suite 600
  • Alexandria, VA 22311
  • (V) 703.998.1620
  • (F) 703.998.1624
  • Toll Free 1.800.754.4204
  • risk_mgt_at_alionscience.com
  • www.alionscience.com
  • www.CounterMeasures.com
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "CounterMeasures Risk Analysis and Management" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!