Zero day exploits, APTs, social engineering, insufficiently patched systems, insiders, human errors or simply headless clicking users enable attackers equipped with enough time, resources and/or dedication to succeed in circumventing the preventive security measures that are in place. This leads to the assumption that, despite all state-of-the-art defense mechanisms , it is still possible to break into the corporate network (=breakable security).
Even though there is no silver bullet solution to the problem, this presentation will outline the consequences deriving from this paradigm and outline a practical strategy and approach to deal with it.
Call it "World Wide Web", "Wild Wild West" or "World War Web", the "CyberSpace" cannot be used for any professional collaboration without additional security.
In the complexity of the Aerospace and Defence (A&D) Extended Enterprise world where thousands of companies are collaborating together to build "best of class" planes, satellites, helicopters and other A&D products, most of all information exchange rely on the usage of Internet.
The Aerospace and Defense sector has been one of the pioneers in defining the IAM standards to allow secure collaboration. Based on those standards, the European A&D industry launched in 2009 the BoostAeroSpace program with the final aim to increase the competitiveness of its industry.
But what happened since this launch? BoostAeroSpace security officer will present what is now the private cloud of the European A&D industry, what choices have been made to adapt initial "IAM ivory towers" principals to allow instant secure collaboration driven by business.