NEDAS Boston Workshop Presentations - July 15, 2015
-
Upload
ilissa-miller -
Category
Presentations & Public Speaking
-
view
73 -
download
0
Transcript of NEDAS Boston Workshop Presentations - July 15, 2015
![Page 1: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/1.jpg)
NEDAS Boston Workshops & Social District Hall
Wednesday, July 15, 2015
#NEDASBoston
![Page 2: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/2.jpg)
Interference HunCng: Tools and Service SoluCons
Presenters
Marc Nguessan SeeWave Product Manager
James Zik Vice President, Product
Management and Management
Presented by PCTEL
![Page 3: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/3.jpg)
3
James Zik, VP Product Management Marc Nguessan, Product Manager
July 15, 2015
NEDAS Interference Hun8ng Workshop
![Page 4: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/4.jpg)
❑ Introduction ❑ Why is Interference a Problem? ❑ Six Case Studies
❑ Interference Mechanisms ❑ Important Considerations ❑ Summary
4
Agenda
![Page 5: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/5.jpg)
5
PCTEL delivers Performance CriCcal Telecom soluCons for public and private wireless networks. Connected Solu8ons™ designs and delivers performance criCcal
antennas and site soluCons for wireless networks globally. Our antennas support evolving wireless standards for cellular, private, and broadband networks. RF Solu8ons develops and provides test equipment, soPware, and engineering services for wireless networks. The industry relies upon PCTEL to benchmark network performance, analyze trends, and opCmize wireless networks.
Performance Critical Telecom:
![Page 6: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/6.jpg)
6
Network Engineering Services Expert Knowledge, Exceptional Tools Provides wireless network services with an emphasis on in-building DAS. ✓ Network Benchmarking ✓ Baseline Testing ✓ CW Testing ✓ Design ✓ Commissioning ✓ Optimization ✓ Acceptance ✓ Interference Mitigation ✓ Consulting
![Page 7: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/7.jpg)
Carriers
Neutral Host
OEMs
Integrators
PCTEL Customers
![Page 8: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/8.jpg)
Why is Interference a Problem?
![Page 9: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/9.jpg)
9
What is interference? ❑ Interference is an unwanted RF signal (in the cellular frequencies) caused by numerous electronic sources (including harmonics) that negaCvely affect mobile communicaCon What frequencies are most affected by interference? ❑ Interference can affect all mobile bands, but is a larger issue at the lower frequencies (300 to 900 MHz) due to the RF propagaCon of these frequencies. Higher frequencies (approx. >1700 MHz) are disposed to be more line-‐of-‐sight and more easily reflected with low penetraCon into buildings
Why is LTE more affected by interference? ❑ LTE is more affected by interference since LTE networks offer higher spectral efficiency in bits per second per Hz, but require higher levels of SINR to achieve that performance
vs
2600 MHz 700 MHz
Interference
![Page 10: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/10.jpg)
LTE Networks Effects – Signal to Interference/Noise Ratio (SINR) ❑ SINR: Critical Measurement quantifying the relationship between RF conditions and throughput ‒ VoLTE requires high SINR (target >12 dB) or will result in dropped calls or uses high percentage of network bandwidth ‒ MIMO is ineffective with low SINR levels, requires high SINR (10-20 dB)
Customer Experience Effects
❑ Video Pixilation ❑ Poor voice quality ❑ Dropped calls/sessions ❑ Low data throughput ❑ Latency due to retransmission
Business Effects (Lost Revenue)
❑ Poor quality-of-service ❑ Customer churn
10
Problems Interference Causes
![Page 11: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/11.jpg)
❑ US Mobile Operator Customer Attrition*
❑ Low network quality/speed of services is largest reason for attrition (12% in the previous year of the study i.e. normalized to a full yr: 6%) ➢ (100M customers * 6% churn (normalized) * 35% low QoS * $600/ARPU/year *
90% RAN issues) = $1.1B problem (year 1)
30%
35%
26%
*Ovum Report “Who Cares Wins” commissioned by Tektronix - Feb. 2014.
Why is Interference Abatement Important?
![Page 12: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/12.jpg)
❑ Spectrum clearing when new or re-farmed spectrum becomes available ‒ Mobile operators must clear both uplink and downlink interference sources before network turn-up for any band
❑ DAS Verification, DAS Commissioning ❑ In-service interference that is affecting the quality-of-service of the network (uplink)
12
When do You Test for Interference?
![Page 13: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/13.jpg)
Uplink In-service Interference ❑ Mobile operators search for uplink interference when base station Received Total Wideband Power (RTWP) reports a quality affecting level at base station (LTE) ❑ Customers report problems in an area ❑ Uplink more sensitive to interference due to mobile transmission restrictions (+23 dBm UE i.e. 0.2 Watts)
Downlink In-service Interference
❑ Downlink QoS issues are not as common from external interference sources, unless interferer is extremely powerful (sometimes with passive intermodulation), since the high powered signal from tower typically masks downlink interference sources
13
LTE eNB Tx Power: +45 dBm Rx Sensitivity: -123 dBm -102 to -105 dBm causes interference
LTE UE Tx Power: +23 dBm Rx Sensitivity: -95 dBm
Mobile Networks In-service Sensitivity
![Page 14: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/14.jpg)
Six Case Studies
14
![Page 15: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/15.jpg)
15
Lights Out (700, 1900 and AWS bands) Extremely high uplink noise levels discovered during DAS Commissioning
Interference found to occur only during day time and early evening
Case Study #1 – Newark, DE Sept 2014
![Page 16: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/16.jpg)
16
SeeWave pointing away from interference source
SeeWave pointing toward the interference source
Interference locating in one particular section of the mall ❑ Interferer not found during DAS System Verification since done in the middle of
the night ❑ Building owner agreed to replace 50 halogen light bulbs
Interferer: Halogen Light Bulbs
Case Study #1 – Newark, DE Sept 2014
![Page 17: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/17.jpg)
17
Work in Progress (700, 850 bands) Extremely high uplink noise levels discovered during DAS System Verification (-95 to -85 dBm)
Interference found to occur only during day time and early evening in a small section of the mall
Case Study #2 – Denver, CO July 2015
![Page 18: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/18.jpg)
18
Spectrum Analyzer near Source
Awaiting permission to enter OshKosh B’gosh Store to test lights or other potential sources
Suspected Interferer: Lighting
Case Study #2 – Denver, CO July 2015
![Page 19: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/19.jpg)
19
Uber Boomer (1900 band) Tier One operator reports intermittent -75 dBm Received Total Wideband Power KPI on uplink and customer complaints on uplink (both in-building and outdoors)
SeeWave pointing away from interference source
SeeWave pointing toward the interference source
Case Study #3 – Maryland Suburbs (near Washington DC) June 2015
![Page 20: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/20.jpg)
20
DoD representa8ve claimed to have recently installed a DAS system ❑ Unusual for DAS system to cause outside interference of -‐75 dBm, 1 mile away ❑ Classified buildings oPen don’t allow cell phone usage ❑ DAS systems are always on, not only for 5 hours a day, a couple Cmes a week ❑ Immediately agreed to permanently turn of their “DAS System”
Conclusion of Interferer type: Military Experiment
Interference Source: Classified Defense Contractor Building
Case Study #3 - Maryland Suburbs (near Washington DC) June 2015
![Page 21: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/21.jpg)
The Pope is Calling (and we listened) (850 band) Tier One installs Cellular on Wheels (COWs) at Quito Airport to cover increased Cellular traffic for the Pope’s visit (both indoor and outdoor) and the system was barely useable due to high noise floor
Mobile Operator’s COW (the one working with PCTEL) turned off for test
Competitor Mobile Operator’s COW (powered on)
Case Study #4 – Quito, Ecuador July 2015
![Page 22: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/22.jpg)
22
SeeWave poin8ng away from interference source Low Noise floor
SeeWave poin8ng towards interference source High Noise floor
Compe8tor’s COW was interfering with uplink in the -‐95 to -‐100 dBm ❑ Adjustments needed to be made on compe8tors COWs ❑ Only authorized to place COWs in this loca8on
Interferer: COW
Case Study #4 – Quito, Ecuador July 2015
![Page 23: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/23.jpg)
SeeWave poin8ng away from interference source
Case Study #5 - San Francisco, CA Oct 2014
23
SeeWave poin8ng toward interference source
Lost my Signal in San Francisco Tier One operator reports quality affecCng Received Total Wideband Power KPI on uplink
Case Study #5 -‐ San Francisco, CA Oct 2014
![Page 24: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/24.jpg)
BTS signal leaking into another carrier’s spectrum Conclusion on Interferer type: Faulty BTS/BTS infrastructure 24
Case Study #5 - San Francisco, CA Oct 2014
![Page 25: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/25.jpg)
25
Billboard Torture (700 band) Tier One optimization engineer finds very low SINR from drive test analysis
SeeWave pointing away from interference source
SeeWave pointing towards interference source
Case Study #6 – Nashville, TN Nov 2014
![Page 26: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/26.jpg)
26 Digital Billboard employs wireless radio device for upda8ng billboard
Interferer type: Wireless Radio Device on Digital Billboard
Case Study #6 – Nashville, TN Nov 2014
![Page 27: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/27.jpg)
Interference Mechanisms
27
![Page 28: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/28.jpg)
❑ Modulated Sources ❑ Un-modulated Sources ❑ Harmonics ❑ Passive intermodulation (PIM) ❑ Repeaters/BDAs ❑ Intentional Interference
28
Interference Types
![Page 29: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/29.jpg)
❑ Devices intended to transmit RF signals ❑ Unwanted interference occurs when these devices are malfunctioning or are operated improperly (usually narrowband signals) ❑ Compliant RF transmitters may create interference from harmonics, intermodulation, etc. ❑ Common sources of modulated interferers include: ‒ Unplugged Cable TV Output
29
Modulated Sources
![Page 30: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/30.jpg)
❑ Un-‐modulated sources of interference are created from electric devices that unintenConally create RF signals ‒ ConCnuous Noise ‒ Impulse Noise
❑ Common sources of conCnuous noise include: ‒ Electric Motors ‒ Ballast in neon lighCng ‒ Faulty transformers ‒ Security and infrared Cameras ‒ Vehicle igniCon systems ‒ Baby Monitors
30
LTE Noise floor raised by electric
motor
Un-Modulated Sources
![Page 31: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/31.jpg)
❑ Impulse Noise from un-‐modulated sources are created when the electricity flow is turned on and off
❑ Common sources of impulse noise include:
‒ Electric Motors (elevators, manufacturing plants, farms, etc.)
‒ Electric Fences ‒ Welding
‒ Parking Gates ‒ Wireless Speakers
‒ Arcing power lines ‒ Light dimmers
‒ Lightning suppression devices ‒ Commercial baking ovens
‒ Beacons on top of cell towers ‒ Garage door openers ‒ TV remotes
31
Un-Modulated Sources
![Page 32: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/32.jpg)
❑ A harmonic is a mulCple of the RF carrier (fundamental frequency) ‒ A 750 MHz frequency can produce harmonics at 1500 MHz, 2250 MHz, 3000 MHz, etc.
❑ Legal large powered transmikers (megawak) can produce a 1 Wak third harmonic ‒ TV transmikers of 570 to 585 MHz (channels 30 – 33) can cause problems on E-‐UTRA 4 (AWS) uplink (1710 – 1755 MHz) band if the AWS sector is close to the TV transmiker
32
925 MHz harmonic from a 462.5 MHz 2-way
radio
Harmonics
![Page 33: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/33.jpg)
❑ Cellular repeater or bidirectional amplifiers ‒ Used to extend in-building cellular coverage or coverage in areas with marginal coverage ‒ Interference caused by malfunctioning BDAs or retransmission of undesirable signals at the BDA’s input
‒ Common source of interference, but difficult to locate
33 BDA
Amplifier
Dome Antenna
In-Building Repeater
Repeaters/BDAs
![Page 34: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/34.jpg)
❑ Two or more strong signals combine appearing as a nonlinear transmimng device ‒ Can cause numerous interferers from the addiCon and subtracCon of fundamental frequencies with harmonics
❑ OPen called the “rusty bolt” effect ‒ MaCng of 2 metal objects can create a recCfier effect when corrosion is present ‒ Generates spurious signals that are radiated by the connected metal objects
❑ Common sources Rusty bolts, fences or barn roofs ‒ Corroded rooPop air condiConers ‒ Improperly connected or loose/dirty connectors in the cell tower antenna feed line ‒ Cell tower guy lines ‒ UClity poles or wires, rain gukers 34
Passive Intermodula8on
![Page 35: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/35.jpg)
❑ OPen located in shopping malls, restaurants, schools, military bases
❑ Sources can be mobile (cars, trains, etc.)
❑ Civilian use is illegal ❑ Typically easy to idenCfy ‒ Strong constantly-‐on signal ❑ Usually raises noise floor
35
Jammer
Inten8onal Interference
![Page 36: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/36.jpg)
Important Considera8ons
36
![Page 37: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/37.jpg)
37
Scan Setup
Dual Scan Spectrum Analysis with Playback • Scan uplink and downlink for spectrum
clearing simultaneously • Set up separate scans for looking at harmonics
Spectrogram Waterfall Isolates Intermiaent Interferers
Map with Triangula8on Locates Source of Interference
-‐ Ergonomics -‐ Use of COTS Antennas (n-‐type conn.)
Spectrum Analysis Considera8ons
![Page 38: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/38.jpg)
DF Antenna Radiation Patterns (typical) ❑ Many users tilt antenna on a 45 deg angle
38 Elevation (Vertical) Azimuth (Horizontal)
Antenna Angle
![Page 39: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/39.jpg)
39
Mul8path ❑ MulCpath occurs when radio signals from one source reach the
receiving antenna via two or more paths ‒ Caused by reflecCons or refracCons off of bodies of water or
objects including building and mountains ‒ Very common in urban canyons
Mi8ga8on ❑ Find a locaCon away from buildings and metal objects
‒ Building roof ‒ Away from metal objects including vehicles
❑ When finding a good locaCon is not possible ‒ Go to an intersecCon and point antenna in each the direcCon of
each intersecCng street ‒ Follow the street with the highest signal from the interferer Mul8path can severely complicate loca8ng the source of the interferer
Radio Wave Mul8path
![Page 40: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/40.jpg)
Summary
40
![Page 41: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/41.jpg)
41
❑ Verizon 700 MHz LTE cell site is latest vicCm of interference from fluorescent lights
❑ Time Warner Cable Experience Verizon LTE Interference in N.C. ‒ Time Warner Cable didn't take the steps to properly shield its boxes and/or cable system
❑ Florida teacher uses cellphone jammer to stop students’ texCng, draws a suspension
‒
Interference References
![Page 42: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/42.jpg)
42
– Interference can be a significant source of customer dissaCsfacCon of a mobile network resulCng in customer churn and lost revenue
– External interference negaCvely affects LTE networks at lower signal levels than 2G and 3G technologies
– Interference hunCng is an on-‐going process since new interferers are conCnually created
Summary
![Page 43: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/43.jpg)
43
http://rfsolutions.pctel.com
[email protected] [email protected]
For free LTE and Interference posters, please visit PCTEL RF Solutions website:
Questions?
Thank you!
![Page 44: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/44.jpg)
RF Data CollecCon & Remote Control/Monitoring Using WINd© SoluCon
Presenters
Nikhil Gogaté Senior Director of Global
Business Strategy
Luis Najera Product Support Specialist
Presented by Solutelia
![Page 45: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/45.jpg)
![Page 46: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/46.jpg)
![Page 47: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/47.jpg)
![Page 48: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/48.jpg)
![Page 49: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/49.jpg)
![Page 50: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/50.jpg)
![Page 51: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/51.jpg)
![Page 52: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/52.jpg)
![Page 53: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/53.jpg)
![Page 54: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/54.jpg)
![Page 55: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/55.jpg)
Connect via Bluetooth to the PCTel ibFLex Scanner Perform: TopN, RSSI, CW or Blind Scan
![Page 56: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/56.jpg)
WINd App
Seamless Integra8on
ibWave Mobile Planner
Integrated ibWave Mobile Planner support:
RF Data collec8on and Site Survey in one
![Page 57: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/57.jpg)
WINd App
WINd Console Real Time
Console Remote View allows Real-‐Time Access and Control: live data stream
![Page 58: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/58.jpg)
WINd Console Report Manager
KPI and Interval Reports
Summary with Indoor or Outdoor Plots
Console Reports allows near Instant:
Real-‐Time KPI, Interval and On-‐Site Post Reports
![Page 59: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/59.jpg)
![Page 60: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/60.jpg)
Achieving Confidence in Cyberspace: It’s All about Risk Management
Presenter
John Holmblad Cyber Security OperaIons specialist with the US
Senate and Professor at the University of Maryland University College
![Page 61: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/61.jpg)
Achieving Confidence In Cyberspace => Its All About Risk Management
NEDAS Summer Social - Training
John B. Holmblad [email protected]
703 407 2278
![Page 62: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/62.jpg)
➢ About You ➢ About your Instructor, that is me
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 62
Introductions
Company Size (Employees)
Number of you Today’s Audience
1 2-10 11-100 101-1,000 1,001-10,000 >10,000
![Page 63: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/63.jpg)
➢ 1. Goals of information security ➢ 2. The Threat, Vulnerability, Risk, and
Countermeasure Model ➢ 3. Threats ➢ 4. Vulnerabilities ➢ 5. Security policies and security mechanisms ➢ 6. Specific Countermeasures ➢ 7. The role of trust ➢ 8. Assurance ➢ 9. Operational Issues ➢ 10. Human Issues ➢ 11. Sources of Additional Information
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 63
Today’s Agenda
![Page 64: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/64.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 64
1. Goals of Information Security
![Page 65: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/65.jpg)
➢ Prevention ➢ Prevent attackers from violating security policy ➢ A potential negative side-effect is that elaborate prevention can
hamper legitimate use (e.g. DRM)
➢ Detection ➢ Detect attackers’ violation of security policy ➢ Typically required because prevention is not always successful
➢ Recovery ➢ Stop attack, assess and repair/remediate damage ➢ Continue to function correctly even if attack succeeds (a kind of fault
tolerance)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 65
What are the Goals of Information Security
![Page 66: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/66.jpg)
➢ Our lives are dominated by information. ➢ We want that information to be ➢ Available to us when we want it ➢ Correct with respect to what it purports to be ➢ Denied to those to whom it should not be available
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 66
We are an Information Driven Society
![Page 67: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/67.jpg)
➢ Information ➢ Protecting information that is stored, transmitted or
viewed on or by means of a computer. ➢ Protecting information resources
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 67
What are we interested in protecting?
![Page 68: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/68.jpg)
In short, Yes! ➢ Organizations are under attack from both inside and outside the
company ➢ A wide range of attacks are extant (“in the wild”) ➢ Cyber attacks result in serious financial loss and, in some cases,
complete failure of the enterprise ➢ The appropriate level of defense requires more than information
security technologies
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 68
Is there A Problem that Needs Solving?
![Page 69: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/69.jpg)
➢ Our entire information infrastructure is rife with vulnerabilities at both the design and at the implementation level ➢ Design: e.g. BGP, 802.11 WEP ➢ Implementation: e.g. Adobe Flash, Internet Explorer
➢ Vulnerabilities are being routinely exploited ➢ We most often aren’t aware of the exploitation until it is too
late.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 69
What are the Key Issues?
![Page 70: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/70.jpg)
➢ What is the problem. ➢ Why we have a problem. ➢ What solutions are available to us.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 70
To achieve/maintain security of our Information We Must Understand
![Page 71: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/71.jpg)
➢ Confidentiality ➢ Keeping data and resources hidden
➢ Integrity ➢ Data integrity (integrity) ➢ Origin integrity (authentication)
➢ Availability ➢ having access to data and resources
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 71
Information Security Services - Basic Components
![Page 72: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/72.jpg)
➢ Lets consider these security services from the perspective of :
➢ P: A Physician ➢ S: A Student ➢ C: A Consumer
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 72
Information Security Services - Basic Components
![Page 73: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/73.jpg)
➢ P: Passers-by must not see the medical record; it is only for the physician
➢ S: Student grades are a private matter
between the instructor and the student. ➢ C: Only Amazon’s billing organization
should be able to see the consumer’s credit card number
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 73
Readable ONLY by those who are authorized to receive/view /process it
![Page 74: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/74.jpg)
➢ Confidentiality may apply to the properties of information as well as the
information itself: ➢ not how many with H1N1 Flu in the neighborhood, but is there H1N1 Flu at all ➢ why does this employee want to know about jobs at other places? ➢ does a government agency maintain information on a particular citizen?
➢ Confidentiality of resources for storing/maintaining information
➢ what computer systems are used, what configurations, what high-end equipment is available
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 74
Confidentiality of Information Properties (aka Metadata)
![Page 75: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/75.jpg)
➢ Interception: Secret voice communication between two parties that is intercepted
➢ Ex-filtration: Product cost data that is supposed to remain within
the enterprise but which is ex-filtrated to a competitor ➢ Theft: User credentials (e.g. passwords) which are stolen
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 75
Examples of Confidentiality Violation
![Page 76: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/76.jpg)
➢ P: The physician’s understanding of the patient's BP, allergies, prescribed drugs, etc. must all be correct and up to date for this patient.
➢ S: The student wants historically accurate information from primary sources where possible.
➢ C: The consumer wants the description and price of the book to be accurate
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 76
Integrity means that Information is Correct with respect to what it purports to be
![Page 77: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/77.jpg)
➢ When personal information is maintained incorrectly by a service
provider (for example, a loan has been repaid but this is not noted in the customer’s credit rating)
➢ When information is changed by an entity that does not have the
authority to do so – can be malicious (thus constituting an origin and data integrity violation)
➢ Libel/defamation ➢ Incorrect source citation ➢ Integrity violations can be prevented but that is more difficult than
simply detecting them.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 77
Examples of Integrity Violation
![Page 78: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/78.jpg)
➢ P: A physician might look up a patient record prior to an examination. She needs the record now.
➢ S: A student wants information about the
holocaust for a research paper. Since he waited until the last minute it is important that the web sites are “up”.
➢ C: A consumer wants to purchase a book on
Amazon.com
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 78
Availability means that Information is Available to the user when the user wants it
![Page 79: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/79.jpg)
➢ Denial of Service (DOS) attacks in: ➢ E-commerce, News sites, Government information, Remote
electronic voting
➢ DOS Attacks can occur at one of several points ➢ At the origin (preventing server from accessing resources
required to send info.) ➢ At the destination (blocking communication from server) ➢ At an intermediate path (by dropping communication from
either origin or destination) ➢ DOS attacks can be difficult to detect because system behavior
might be due to genuine system overload
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 79
Examples of Availability Violation
![Page 80: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/80.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 80
2. Threat, Vulnerability, Risk, and Countermeasure Model
![Page 81: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/81.jpg)
➢ A threat agent attacks a vulnerability resulting in a risk of loss. ➢ Threats, Vulnerabilities and Countermeasures all interact to
affect the level of risk ➢ Countermeasure should mitigate (reduce) the Risk of Loss, by, eg:
➢ Eliminating the threat (Kill all the wolves) ➢ Eliminating the vulnerability (Build a brick house) ➢ Increasing the cost of attack (Make yourself poisonous to
wolves)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 81
Threats, Vulnerabilities, Risks and Countermeasures
![Page 82: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/82.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 82
Threat
And Countermeasures
Vulnerability
Vulnerability Risk
![Page 83: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/83.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 83
Threat: An intent to do harm
➢ May refer to the threat agent (e.g., a terrorist, a fire, a tornado)
➢ Sometimes the word “threat” is mixed with ➢ The risk: e.g., Threat of financial loss ➢ The mechanism: e.g., threat of denial of service or threat of message interception
➢ A threat consists of : ➢ Threat Agent (individual or group) ➢ Means (e.g. resources and organization) ➢ Intent (plan to carry out attack)
![Page 84: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/84.jpg)
➢ Risk represents the negative consequence of a threat acting on a vulnerability
➢ A company loses $100k due to online bank fraud ➢ A company loses $1M in sales because its web site is unavailable ➢ A company’s common shares lose $1b because of the negative
publicity as a consequence of its ineffective response to a security breach
➢ A Virus wipes out a student’s thesis and the student does not have a
backup disc and thus learns the lesson “to backup is divine”.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 84
Risks to Information Security
![Page 85: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/85.jpg)
➢ Information Security is ultimately about risk management.
➢ Understand what information is important to yourself or your organization and what is its value
➢ Understand the who-what-when –where of access to the information
➢ Make and informed decision about how much to invest to protect the assets based on their value and the financial risk associated with their loss.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 85
Enterprise Risk Management
![Page 86: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/86.jpg)
➢ What assets need protection
➢ What financial risk the enterprise will incur if it fails to protect the asset adequately
➢ How much it will cost to protect the asset
➢ What is the “residual risk”, that is the risk that remains after performing mitigation actions?
NEDAS Summer Social Training
Event July 15, 2015 ©2015 Televerage International 86
Risk Analysis is a process that helps the Enterprise to understand
![Page 87: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/87.jpg)
➢ Government institutions and regulated business (e.g., financial and healthcare) are required by law (many laws actually!) to implement some security (e.g. PCI DSS for credit cards, HIPAA for healthcare, etc.)
➢ Many parts of the private sector have fewer regulatory and
legal mandates for cybersecurity although that is changing ➢ Driven by shareholder value/stock price ➢ Security is viewed as an expense with no clear revenue gain.
➢ Implementing security must always balance the cost with the benefit.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 87
Cost vs. Benefits
![Page 88: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/88.jpg)
➢ Examples of Resource Mis-allocation
➢ Purchasing an alarm system for $500,000 to protect a $100,000 town house
➢ Spending $200,000 on a Security Event Management System to
protect information assets that are worth only $50,000 ➢ Spending $500,000 on a state of the art Intrusion Prevention System
but failing to invest opex in training and ongoing operation and maintenance
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 88
It is Possible to Overspend/Misspend
![Page 89: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/89.jpg)
➢ Identify the threats to enterprise assets ➢ Identify the vulnerabilities that are exploitable by the
threats ➢ Measure/assess the risk of the threat exploiting the
vulnerability ➢ Identify countermeasures and the corresponding
amount of risk mitigation as a consequence of the application of those countermeasures
➢ Measure the residual risk to the enterprise after risk mitigation
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 89
The Process For Risk Assessment
![Page 90: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/90.jpg)
➢ Can you really determine the degree and source of the threat?
➢ Can you find all the vulnerabilities?
➢ How do you measure risk?
➢ What does the countermeasure cost and how much risk will it remove?
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 90
Problem Areas for Risk Management
![Page 91: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/91.jpg)
➢ Risk = Expected Value of Loss.
➢ Given threats t, vulnerabilities v and random variable N(t, v)
that t exploits v N times during some defined time frame, for example over a one year period and the probabilistic mean of N is E(N(t,v))
and
➢ Given that the financial loss L resulting from t exploiting v is L(t, v), then
Risk = Σ E(N(t, v))*L(t, v)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 91
Measuring Risk
(t, v)
![Page 92: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/92.jpg)
➢ Annual Rate of Occurrence (ARO) ➢ E(N(t,v)) = 12 times per year
and
➢ Single Loss Expectancy (SLE) ➢ L(t, v) = $50,000
then
Annual Risk = Σ E(N(t, v))*L(t, v) = 12*$50,000 = $600,000 This is Annual Risk also referred to as the Annual Loss
Expectancy (ALE) NEDAS Summer Social Training
Event July 15, 2015 ©2015 Televerage International 92
Measuring Risk - An Example with some additional definitions
(t, v)
![Page 93: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/93.jpg)
➢ Historically, risk estimators thought they could do this ➢ Annualized Loss Expectancy ➢ FIPSPUB31 Guidelines for Automatic Data Processing Physical Security
and Risk Management, 1974.
➢ In reality, however, It is often very difficult to assign meaningful values for P(t, v) and L(t, v). ➢ What is the true value of information? ➢ How do you determine the frequency of occurrence of a successfully
exploited vulnerability?
➢ Providers of cyber-risk insurance are developing/improving actuarial information bases to quantify cyber-risks
➢ As the Cyber-risk insurance market matures risk models will become more accurate in their predictive capability
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 93
This is not so easy to quantify
![Page 94: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/94.jpg)
➢ Not necessarily ➢ Some entity has to exploit the vulnerabilities
➢ Are there any threats?
➢ What are threats and vulnerabilities anyway?
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 94
Does the presence of Vulnerabilities imply that there is a material risk?
![Page 95: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/95.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 95
3. Threats
![Page 96: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/96.jpg)
➢ Disclosure ➢ Snooping
➢ Deception ➢ Modification, spoofing (masquerading, identity theft),
repudiation of origin, denial of receipt ➢ Disruption ➢ Modification
➢ Usurpation: unauthorized control ➢ Modification, spoofing, delay, denial of service
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 96
Threats Classified by Potential Security Violation
![Page 97: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/97.jpg)
➢ Delay of access ➢ Denial of access ➢ Destruction ➢ Disclosure ➢ Modification
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 97
Threat Impacts on Information
➢ Threat types are not mutually exclusive and they can be natural or man-made. ➢ Managers must act to mitigate risks no matter what the source.
![Page 98: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/98.jpg)
➢ The threat agent somehow acts to delay the delivery or execution of information services ➢ A natural disaster cutting power or damaging a facility ➢ A malicious hacker interfering with the network ➢ A disgruntled employee deliberately slowing a critical
enterprise workload thereby reducing throughput
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 98
Delay
![Page 99: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/99.jpg)
➢ An extreme form of Delay, where information services are unavailable for an extended period of time ➢ A “Distributed Denial of Service” (DDOS) Attack ➢ An animal falling into electrical equipment and thereby
taking out a part of the power grid ➢ An earthquake
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 99
Denial
![Page 100: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/100.jpg)
➢ Information or resources are completely destroyed. ➢ A Catastrophic fire, earthquake, tornado, etc. ➢ A computer virus reformatting the hard drive ➢ A hacker deleting files.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
0
Destruction
![Page 101: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/101.jpg)
➢ The classic INFOSEC threat. Exposing sensitive information to unauthorized persons ➢ Military context: “Loose lips sink ships” ➢ An actor’s medical data exposed to the National Enquirer ➢ Consumer credit card numbers exposed to criminal
hackers ➢ Information ex-filtration
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
1
Disclosure
![Page 102: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/102.jpg)
➢ The unauthorized changing of information. ➢ Possibly one of the more insidious problems as you may
not be aware of it as it is happening. ➢ A medical record incorrectly changed to show no penicillin
allergy. ➢ Geographic data subtly changed resulting in mission failure.
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
2
Modification
![Page 103: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/103.jpg)
➢ Insiders used to be considered the primary threat. This is changing
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
3
Insider Threat
![Page 104: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/104.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
4
4. Vulnerabilities
![Page 105: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/105.jpg)
➢ Vulnerabilities are “weaknesses” in the target that allow the threat agent to act
➢ Software flaws (e.g. buffer overflow)
➢ Weak or no passwords
➢ Incorrectly configured perimeter protection (firewalls)
➢ Poorly trained staff
➢ Human susceptibility to Social Engineering
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
5
Vulnerabilities to Computers and Networks
![Page 106: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/106.jpg)
➢ Most common is the “buffer overflow” flaw
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
6
Software Flaws
1…………….………….1024 1010100101…1010………1
Programmer expected 1024 input bits but fails to design the software to incorporate a safety (bounds) check.
Code contained in this area
Buffer
![Page 107: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/107.jpg)
➢ Most common is the “buffer overflow”
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
7
Software Flaws
1…………….………….1024 1010100101…1010………111011101010010110000100010101001000100100111110101010100101000001111010110100101110101000111101010101011101001111000000000000110100011111110101010100001011010010000101001000101111110101010010101010101
Attacker feeds >>> 1024 input bits
And fills this area with attacker’s own executable code
Buffer Overflow
![Page 108: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/108.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 10
8
5. Security Policies and Security Mechanisms
![Page 109: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/109.jpg)
➢ A Security policy says what is, and is not, allowed ➢ This defines “security” for the site/system/etc. ➢ Can be in natural/machine-readable language, or within
a mathematical framework ➢ A Security mechanism (technical or procedural,
can use crypto) enforces policies. Also referred to as Controls.
➢ Composition of security policies ➢ If policies conflict, discrepancies may create security
vulnerabilities NEDAS Summer Social Training
Event July 15, 2015 ©2015 Televerage International
109
Policies and Mechanisms
![Page 110: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/110.jpg)
➢ It is important to understand the difference between the two concepts. ➢ Policy -> What ➢ Mechanism -> How
➢ An example ➢ Assuring Confidentiality is a policy statement
➢ Alternative mechanisms to support confidentiality ➢ Encryption of the information ➢ Physical protection of the information
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
0
Policy vs. Mechanism
![Page 111: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/111.jpg)
➢ In the real world most security mechanisms are broad
➢ The desired goal is for the collection of all the
mechanisms in a system to define a “precise” overall mechanism
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
1
How about Security Mechanisms in the Real World?
![Page 112: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/112.jpg)
➢ Each mechanism should be designed to implement a part or parts of the policy
➢ The union of all the mechanisms should implement all of the
policy ➢ The mechanisms must be implemented correctly ➢ The mechanisms must be installed, configured and
administrated correctly
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
2
In order To Trust Security Mechanisms:
![Page 113: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/113.jpg)
➢ Monitoring and management systems and tools ➢ Intrusion detection systems and tools, ➢ Encryption of data ➢ Anti-tamper mechanisms (e.g. cryptographic hash) ➢ Identification and authentication ➢ Firewalls and proxy servers ➢ Software virus detection tools ➢ Fault tolerant networks and components ➢ Vulnerability scanning tools ➢ Security policies procedures ➢ Secure software development tools
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
3
Examples of Security Mechanisms
![Page 114: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/114.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
4
6. Specific Countermeasures
![Page 115: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/115.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
5
Conceptual Foundations for Infosec Best Practice =>Defense In Depth
115
![Page 116: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/116.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
6
Defense in Depth
Internet WAN
LAN
Workstation
Workstation
LAN
Protect the OS
Protect the Communications
Protect the Interface
Protect the Physical Environment
➢ Need to protect ➢ Information in transit ➢ Information at rest
![Page 117: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/117.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
7
Mobility vs Security ➢ User mobility significantly increases the complexity of securing information assets
![Page 118: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/118.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
8
Lockheed-Martin Cyber Kill Chain Model
Remediation Cost
Lowest
Highest
![Page 119: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/119.jpg)
➢ Monitoring and management systems ➢ Intrusion and misuse detection systems ➢ Identification and authentication systems ➢ Firewalls and proxy servers (for both inbound AND outbound
connection activity) ➢ Software virus detection systems ➢ Fault/failure tolerant network design ➢ Application gateways ➢ Email spam filtering systems
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 11
9
Systems, Technologies, and Protocols for Protecting the Enterprise Boundary
![Page 120: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/120.jpg)
➢ Monitoring and management systems and tools ➢ Intrusion detection systems ➢ Encryption of data (at rest and in transit) ➢ Anti-tamper mechanisms (cryptographic hashes) ➢ Fault tolerant network design (e.g. Hot Standby Router
Protocol – HSRP) ➢ Virtual LAN (VLAN) isolation ➢ Microsoft AD Domain isolation
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
0
Systems, Technologies, and Protocols for Protecting the Network Infrastructure
![Page 121: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/121.jpg)
➢ Monitoring and management systems ➢ Intrusion and misuse detection systems ➢ Identification and authentication ➢ Software virus detection tools ➢ Vulnerability scanning tools ➢ Security procedures ➢ Secure software development tools ➢ Fault tolerant components
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
1
Systems, Technologies, and Protocols for Protecting the Computer Environment
![Page 122: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/122.jpg)
01: Inventory of Authorized and Unauthorized Devices
02: Inventory of Authorized and Unauthorized Software
03: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
04: Continuous Vulnerability Assessment and Remediation
05: Malware Defenses
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
2
Council on Cybersecurity - Critical Security Controls - Version 5
![Page 123: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/123.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
3
Council on Cybersecurity - Critical Security Controls - Version 5 06: Application Software Security
07: Wireless Access Control
08: Data Recovery Capability
09: Security Skills Assessment and Appropriate Training to Fill Gaps
10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
![Page 124: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/124.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
4
Council on Cybersecurity - Critical Security Controls - Version 5
11: Limitation and Control of Network Ports, Protocols, and Services
12: Controlled Use of Administrative Privileges
13: Boundary Defense
14: Maintenance, Monitoring, and Analysis of Audit Logs
15: Controlled Access Based on the Need to Know
![Page 125: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/125.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
5
Council on Cybersecurity - Critical Security Controls - Version 5
16: Account Monitoring and Control
17: Data Protection
18: Incident Response and Management
19: Secure Network Engineering
20: Penetration Tests and Red Team Exercises
![Page 126: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/126.jpg)
Against ➢ Confidentiality ➢ Integrity ➢ Availability ➢ Proof of Origin/Receipt
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
6
Summarizing – A View from 30,000 feet Mechanisms (AKA Countermeasures)
➢ Encryption ➢ Authentication ➢ Physical Security ➢ Hardware Protection ➢ Software Protection ➢ Administrative Protection
![Page 127: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/127.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
7
7. The role of trust in Information Security
![Page 128: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/128.jpg)
➢ We Really can’t do that precisely. ➢ We talk about assurance as a measure of trust,
but that only transfers the problem ➢ Consider food product safety where trust is
achieved by means of a collection of methods, practices, etc.: ➢ Testing and certification ➢ Manufacturing standards ➢ Safety seals
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
8
How do we measure trust?
![Page 129: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/129.jpg)
➢ All security policies and mechanisms have assumptions ➢ Sometimes these are explicit ➢ Sometimes these are implicit
➢ Example: Locks and picks
➢ Universal assumptions ➢ The policy can correctly and unambiguously partition the policy
universe into “secure” and “non-secure” states. ➢ The mechanism can enforce the policy
Neither of these assumptions are necessarily valid in every case
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 12
9
Trust Assumptions
![Page 130: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/130.jpg)
Underlie all aspects of security, we assume that:
➢ Policies ➢ Unambiguously partition system states into those which are
secure and nonsecure
➢ Correctly capture security requirements
➢ Mechanisms ➢ Together enforce/implement policy (i.e. prevent entry into a
nonsecure state)
➢ Are implemented, installed and administered correctly
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
0
Trust Assumptions
![Page 131: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/131.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
1
8. Assurance
![Page 132: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/132.jpg)
What assurance doe we have that a system can be trusted? ➢ First: The specification
➢ Arises from a requirements analysis ➢ Is a statement of desired functionality
➢ Second: The design ➢ How system will meet specification?
➢ Third: The implementation ➢ Programs/systems that carry out design ➢ Difficult to prove correctness of implementation
All of the above affect the level of trust we will have in the system
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
2
Assurance
![Page 133: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/133.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
3
9. Operational Issues
![Page 134: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/134.jpg)
➢ Cost-Benefit Analysis ➢ Is it cheaper to prevent or recover?
➢ Risk Analysis ➢ Should we protect something? ➢ How much should we protect this thing? (What is the
likelihood of a successful attack?)
➢ Laws and Customs ➢ Are the desired security measures illegal or unethical thereby
limiting their utility? ➢ Will the enforcers perform them?
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
4
Operational Issues
![Page 135: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/135.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
5
10.Human Issues
![Page 136: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/136.jpg)
➢ Organizational Problems ➢ Power and responsibility ➢ Financial benefits
➢ People problems ➢ Outsiders and insiders ➢ Social engineering attacks
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
6
Human Issues
![Page 137: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/137.jpg)
➢ Sharing passwords
➢ “Social engineering”
➢ Maintenance ➢ Failure to update computer virus signatures ➢ Failure to install patches
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
7
The People Problem
![Page 138: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/138.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
8
11. Sources of Additional Information
![Page 139: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/139.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 13
9
Sources of Additional Information ➢ SANS Institute - Internet Storm Center
http://isc.sans.org/diary.html?storyid=7027
➢ SANS Institute – Critical Security Controls
https://www.sans.org/critical-security-controls/ ➢ US Computer Emergency Response Team (US-CERT)
https://www.us-cert.gov/ ➢ Krebs on Security http://krebsonsecurity.com/
![Page 140: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/140.jpg)
NEDAS Summer Social Training Event July 15, 2015
©2015 Televerage International 14
0
Thank You!
![Page 141: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/141.jpg)
The EvoluCon of DAS Ownership
Panelists
Dennis Rigney Vice President of Sales
SOLiD
Presented by SOLiD
Chief Alan Perdue ExecuIve Director
Safer Building CoaliIon Mike Collado
Vice President of MarkeIng SOLiD
Pete Dawson Strategy, Research and Design
Engineering Sprint
David Fox Director of Business Development
American Tower
Moderator
![Page 142: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/142.jpg)
NEDAS Toronto: The Art of Development
September 29th
What’s Up Next?
![Page 143: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/143.jpg)
LocaCon
• Venue – 2nd Floor Events 461 King St w Toronto, ON M5V 1K4
• Hotel Room Block
– Toronto Marriok Eaton Centre Hotel
![Page 144: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/144.jpg)
Who Should Akend?
Public Safety
Construction Engineer Manufacturing Engineer
Legal Telecommunications Vendors
Finance Real Estate
Government & City Officials Architects
Carriers
Engineer
![Page 145: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/145.jpg)
• Create new opportuniCes • RelaConship and business development • New tools and resources to enhance business opportuniCes
Theme: The Art of Development
![Page 146: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/146.jpg)
• 125+ Akendees • Half-‐day full of panel discussions • Meet and greet networking recepCon • Exhibits and Table Top Displays • NEDASConnect App *NEW*
What Can You Expect?
![Page 147: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/147.jpg)
• Reach over 4,000+ industry connecCons • Limited sponsorship opportuniCes include:
– *Exclusive NEDASconnect App – MarkeCng tabletop/exhibits – Charging staCon – And more!
• Contact: [email protected]
Sponsorship OpportuniCes
![Page 148: NEDAS Boston Workshop Presentations - July 15, 2015](https://reader034.fdocuments.net/reader034/viewer/2022042717/55d37f97bb61ebe4378b47d6/html5/thumbnails/148.jpg)
For more informa8on visit: www.nedas.com
#NEDASBoston and now
#NEDASToronto