Keith Filzen - The Security Network

Cubic Corporation
Who We Are
 Founded in 1951 in San Diego, Calif.
 Public since 1959 – NYSE: CUB
 Employs more than 7,400 people
 $1.0+ billion annual revenue (FY 2009)
 $2.2 billion total backlog (FY End 2009)
 Business Segments:
 Defense
 Transportation
Global Presence
Systems and services provided
to more than 50 nations/territories
Cyber Competencies
Full Spectrum Information Assurance
• Compliance, Risk Management, SATE (Security Awareness, Training, and Education), Cryptography & Key Management,
Network Security, Vulnerability Assessment, Organization Security Programs (Governance, Policy, Strategy), Continuity Of
Operations, Data Lifecycle Management/Data Loss Prevention
Life Cycle System Security Engineering
• System Security Architecture, Design, Engineering, Development, Integration, Disposition, with emphasis on Cross Domain
Advanced Analytics & Forensics
• Network & Disk Forensics, Network, Host, Application Analytics, Security Metrics, Data & Intelligence Analysis, Open Source
Intelligence, Malware Research
Controlled Interfaces
• XD products are hardware/software-based cyber product necessary for Accredited Cross-Domain LOW2HIGH™ and HIGH2LOW™ solutions. Next
generation will have 40GB throughput speeds.
Platform Integrity
• Secure software development, Software assurance (kernal, compiler, hypervisor), Software Quality, Accredited Testing &
Evaluation Labs, Hardware Encapsulation & Acceleration, Microcode/Microprocessor assurance, Virtualization
Cross-Domain Solutions
• Common Cross-Domain Framework (CCDF) that can span all security domains while providing network transparency to the user(s) and applications at
various security and caveat levels. Solution takes current best-of-breed, commercially available technologies and applies them to solving traditional cross
domain collaboration challenges by implementing technology that is intermediary and provides the foundation for merging legacy applications. Leverages
world class products like XD2500 and XD1000
Logical and Physical Access Control
• Access Control Systems to include installation, and management. Hybrid logical and physical access control integration.
Identity management solutions.
Cubic Proprietary
Data Integrity
 Which is worse (you don’t know what you
don’t know)
 External Threats
 Internal Threats
 Where do you spend you security budget
 Hard outer shell
 Gooey Inside
 What type, how critical is it (CIA Triangle)
 IP, Short term, Long Term, …
 How much money and resources do you
want to apply
 Do you have a key management strategy
 Need-to-Know
 Role based access – Do your administrators
have the ability to grant but not access data
 Structured and Unstructured
 Databases, Files, Audi, Video
Data in the Enterprise
 Do you have a key management strategy
 What Real Estate do you own, lease, outsource
Ever thought about Key management
What about Meta Data
Global Name Spaces
Are we really just talking Need-to-Know
Can I recover it
Things can get ridiculous
Integrity - Transit
 What real estate do you own
 Point to point Ipsec
 Harder, easily detected, $$$
 Universal access
 Can I recover it
 Who do I trust, and is it different based
upon where I am and what events are
What We do – Trust Boundary
 Common Cross Domain Framework
 Provides the front end access in / out
 Location and Identity based access
 Internal vs. External
 Inbound vs. Outbound
 Differing security connections based up who, what, when,
 Obscurity
 Virtualization separation from the client
 XD Cross Domain Products
One-Way Transfer Guards
Fips Connections
Virus, Malware, and content filtering
One-Way proxy for data, application and streaming content
Publishing / Subscribing concept, allowing flow vcontrol on
need-to-know information
Keith Filzen, CTO