SlideShare uma empresa Scribd logo

20101012 isa larry_clinton

CIONET
CIONET
Tecnologia
1 de 42
Baixar para ler offline
Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001
Board of Directors Ty Sagalow, Esq. Chair President, Innovation Division, Zurich J. Michael Hickey, 1st Vice Chair VP Government Affairs, Verizon Tim McKnight Second V Chair CSO, Northrop Grumman • Joe Buonomo, President, DCR • Jeff Brown, CISO/Director IT Infrastructure, Raytheon •  Lt. Gen. Charlie Croom (Ret.) VP Cyber Security, Lockheed Martin • Paul Davis, CTO, NJVC • Eric Guerrino, SVP/CIO, Bank of New York/Mellon Financial • Pradeep Khosla, Dean Carnegie Mellon School of Computer Sciences • Bruno Mahlmann, VP Cyber Security, Dell • Gary McAlum, CSO, USAA •  Kevin Meehan, VP & CISO, Boeing • Andy Purdy, Chief Cybersecurity Strategist, CSC • Ken Silva, CSO, VeriSign • Justin Somaini, CISO Symantec
ISAlliance Mission Statement ISA seeks to integrate advancements in technology with pragmatic business needs and enlightened public policy to create a sustainable system of cyber security.
ISA Priority Programs •  Security standards for VOIP-Smart Phones CCP •  Securing the Global IT Supply Chain •  New Model for information sharing •  Navigating Compliance with advanced technology and multiple jurisdictions •  The Cyber Security Social Contract (Partnership model for industry and govt. based on market principles •  Corporate financial risk management of cyber security
The Past
The Present Source: http://cm.bell-labs.com/who/ches/map/gallery/index.html
Growth in Incidents Reported to the CERT/CC
History of Cyber Security •  The computer Revolution •  The desktop Revolution •  The broadband/digital revolution •  Y2K •  Attacks for grins and giggles •  The perimeter defense/resiliency model •  The information sharing approach
Faces of Attackers… Then Joseph McElroy Hacked US Dept of Energy Chen-Ing Hau CIH Virus Jeffrey Lee Parson Blaster-B Copycat
Faces of Attackers… Now Jay Echouafni Jeremy Jaynes Andrew Schwarmkoff $24M SPAM KING Russian Mob Phisher Competitive DDoS
The Threat Landscape is Changing Early Attacks New Era Attacks Defense: Reactive AV Multi-layer pre-emptive and behavioral signatures systems Recovery: Scan & remove System wide, sometimes impossible without re-image of system Type: Virus, worm, spyware Targeted malware, root kits, spear phishing, ransom ware, denial of service, back door taps, trojans, IW
The Internet Now •  Vulnerabilities are on client-side applications word, spreadsheets, printers, etc. •  Today, attackers perpetrate fraud, gather intelligence, or conduct blackmail •  The number of new threats to the Internet jumped 500% between 2006 and 2007 and doubled again between 2007 and 2008---1000% increase---- Symantec
Characteristics of the New Attackers •  Shift to profit motive •  Zero day exploits •  Increased investment and innovation in malcode •  Increased use of stealth techniques
The Internet Changes Everything •  Concepts of Privacy •  Concepts of National Defense •  Concepts of Self •  Concepts of Economics •  We have been focused on the HOW cyber attacks we need to focus on the WHY ($) •  Cyber security is an economic/strategic issue as much operational/technical one
How Series a problem do we have? •  Vulnerabilities and attacks increasing at a pace too difficult to count •  Loss estimates are between billions and a trillion •  The National Intelligence Estimate •  The APT •  Suxtnet •  We don’t know what we don’t know---it could be worse…
Advanced Persistent Threat (APT) “We have seen a dramatic change in info security incidents. Superbly capable teams of attackers have successfully expanded their attacks…These intrusions are well funded and organized. They are not hackers. Their motivations and techniques are different. They are professionals and their success rate is impressive. They successfully evade antivirus & network intrusion and remain inside the targets network while the target believes they have been eradicated. Their motive is to steal data & establish a way to come back later and steal more.”
The Insider Threat This year marks the first time "employees" beat out "hackers" as the most likely source of a security incident. Executives in the security field, with the most visibility into incidents, were even more likely to name employees as the source. ----PricewaterhouseCoopers 2010 Global Information Security Survey
Cyber Security and the Economy The state of Internet security is eroding quickly. Trust in online transactions is evaporating, and it will require strong security leadership for that trust to be restored. For the Internet to remain the juggernaut of commerce and productivity it has become will require more, not less, input from security. ----PWC Global Cyber Security Survey
CSIS Global Info Security Study 2010 •  Critical infrastructure operators report their IT networks are under repeated cyber attacks by high level adversaries (including foreign govts) The impact is severe the costs high and borne widely. •  Oil and Gas had the highest degree of penetration at 71% (compared with 54% overall) with potential for large scale power outages or man made environmental disasters •  Costs from attacks up to $6 million a day w/ considerable variation in expectation as to who will bear the costs.
Cyber Economics is not well understood •  Costs for bad behavior are not transparent and always born by the bad actor •  Attacks on the edge of the network (w/out incentive to secure) are used to steal from the core of the network (where security investment is undermined) •  Industry is on the front lines to defend vs. cyber attacks and is expected to pay for this government function •  Industry and Govt. economics are very different
CURRENT ECONOMIC INCENTIVES FAVOR ATTACKERS •  Attacks are cheap and easy •  Vulnerabilities are almost infinite •  Profits from attacks are enormous ($ 1 TRILLION in 08) •  Defense is costly (Usually no ROI) •  Defense is often futile •  Costs of Attacks are distributed
Digital Growth? Sure •  “Companies have built into their business models the efficiencies of digital technologies such as real time tracking of supply lines, inventory management and on- line commerce. The continued expansion of the digital lifestyle is already built into almost every company’s assumptions for growth.” ---Stanford University Study, July 2006
Cost Issues: CSIS 2010 Overall, cost was most frequently cited as “the biggest obstacle to ensuring the security of critical networks. p14 Making the business case for cybersecurity remains a major challenge, because management often does not understand either the scale of the threat or the requirements for a solutions. p14 The number one barrier is the security folks who haven’t been able to communicate the urgency well enough and they haven’t actually been able to persuade the decision makers of the reality of the threat. p14 Making the business case for security could be a challenge – no one wants to pay their insurance bill until the building burns down. p15
Cost Issues PWC 2011 •  “Executives worldwide have been reluctant to release funding to support Info security. •  “As spending constraint continues “block and tackle” security capabilities that took decades to build up are degrading creating new levels of risk’ •  “Increased risk elevates the importance of security & ongoing cost reduction makes adequate security difficult to achieve.” •  47% reported decreasing info security spending in 2010, same as in 2009”
We are not cyber structured •  In 85% of companies the CFO is not directly involved in information security •  2/3 of companies don’t have a risk plan •  83% of companies don’t have a cross organizational privacy/security team •  Less than ½ have a formal risk management plan —1/3 of the ones who do don’t consider cyber in the plan •  In 2010 50%-66% of companies are deferring or reducing investment in cyber security
The Good News: We know (mostly)what to do! •  PWC/Gl Information Study 2006--- best practices 100% •  CIA 2007---90% can be stopped •  Verizon 2008—87% can be stopped •  NSA 2009---80% can be prevented •  Secret Service/Verizon 2010---94% can be stopped or mitigated by adopting inexpensive best practices and standards already existing
Are We doing it? CIOnet •  84% have analyzed cyber liabilities (very good) •  82 %have audits (1/5 do not audit) •  72% training (28% do not train) •  68% discipline policy (32% do not) •  80% assess biggest vulnerability at least 1 a year •  65% update incident response plans 1 a year •  40% Crisis management & enhanced tech know •  0 % Monetary incentives
WARNING !!!!!!!!!!!!!!!!! THIS IS NOT MY DATA
Baseline: How is Europe Doing? (PWC data) “With confidence, persistence and momentum, Asia lines up on the runway to become the new global leader in information security. With more caution and restraint and without the same promise of growth that Asia expects—North America idles its engines. South America presses the gas pedal and the breaks at the same time, while Europe displays a marked lack of direction and urgency” ----Global Info Security Study 2010
More on How Europe is Doing (PWC data) Europe now trails other regions in maturity across most security capabilities. Europe continues to suffer poor visibility into security events and as a result may be unaware of the true impact of events on business. And while 68% or European respondents say their organization places a high level of importance on protecting sensitive customer information, the responses from other global regions (Asia 80%, N American 80% and S America (76%) reflect more conviction and urgency. -----Global Info Security Survey 2010
We need a total risk management approach The security discipline has so far been skewed toward technology—firewalls, ID management, intrusion detection—instead of risk analysis and proactive intelligence gathering. PWC Global Cyber Security Survey We have to shift our focus from considering cybersecurity as a technical-operational issue to a economic-strategic issue
Obama: What We Need to Do It is not enough for the information technology workforce to understand the importance of cybersecurity; leaders at all levels of government and industry need to be able to make business and investment decisions based on knowledge of risks and potential impacts. Obama Administration Cyber Space Policy Review May 30, 2009 page 15
What Role for CIO? •  “There is a significant shift in the ongoing evolution of the CISOs reporting channel away from the CIO in favor of the companies senior business decision makers” (PWC 2011 Global Survey) •  Reporting Relationships of the CISO 2007-2010 To CIO--------------------- 23% (down 39%) To CEO --------------------36 % (up 13%) To CFO --------------------15% (up 36%) To COO--------------------15% (up 67%)
ANSI-ISA Program •  Outlines an enterprise wide process to attack cyber security broadly and economically •  CFO strategies •  HR strategies •  Legal/compliance strategies •  Operations/technology strategies •  Communications strategies •  Risk Management/insurance strategies
What CFO needs to do •  Own the problem •  Appoint an enterprise wide cyber risk team •  Meet regularly •  Develop an enterprise wide cyber risk management plan •  Develop an enterprise wide cyber risk budget •  Implement the plan, analyze it regularly, test and reform based on EW feedback
Human Resources •  Recruitment •  Awareness •  Remote Access •  Compensate for cyber security •  Discipline for bad behavior •  Manage social networking •  Beware of vulnerability especially from IT and former employees
Legal/Compliance Cyber Issues •  What rules/regulations apply to us and partners? •  Exposure to theft of our trade secrets? •  Exposure to shareholder and class action suits? •  Are we prepared for govt. investigations? •  Are we prepared for suits by customers and suppliers? •  Are our contracts up to date and protecting us?
Operations/IT •  What are our biggest vulnerabilities? Re-evaluate? •  What is the maturity of our information classification systems? •  Are we complying with best practices/standards •  How good is our physical security? •  Do we have an incident response plan? •  How long till we are back up?---do we want that? •  Continuity Plan? Vendors/partners/providers plan?
Communications •  Do we have a plan for multiple audiences? --general public --shareholders --government/regulators --affected clients --employees --press
Insurance— Risk Management •  Are we covered?----Are we sure????????? •  What can be covered •  How do we measure cyber losses? •  D and O exposure? •  Who sells cyber insurance & what does it cost? •  How do we evaluate insurance coverage?
Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001 www.isalliance.org

Recomendados

20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final ResultsCIONET
 
20101116 deckers
20101116 deckers20101116 deckers
20101116 deckersCIONET
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersMerry D'souza
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelBDPA Education and Technology Foundation
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
White Paper: Mobile Security
White Paper: Mobile SecurityWhite Paper: Mobile Security
White Paper: Mobile SecurityRogers Communications
 
Ensuring Cyber Security Resilience with a Skilled Workforce
Ensuring Cyber Security Resilience with a Skilled Workforce Ensuring Cyber Security Resilience with a Skilled Workforce
Ensuring Cyber Security Resilience with a Skilled Workforce Zeshan Sattar
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 

Recomendados

20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final ResultsCIONET
 
20101116 deckers
20101116 deckers20101116 deckers
20101116 deckersCIONET
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersMerry D'souza
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelBDPA Education and Technology Foundation
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
White Paper: Mobile Security
White Paper: Mobile SecurityWhite Paper: Mobile Security
White Paper: Mobile SecurityRogers Communications
 
Ensuring Cyber Security Resilience with a Skilled Workforce
Ensuring Cyber Security Resilience with a Skilled Workforce Ensuring Cyber Security Resilience with a Skilled Workforce
Ensuring Cyber Security Resilience with a Skilled Workforce Zeshan Sattar
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010thaiantivirus
 
Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to knowNathan Desfontaines
 
Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!Ludmila Morozova-Buss
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010Jorge Sebastiao
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWithum
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondLydia Shepherd
 
Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021Ludmila Morozova-Buss
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOsIBM Security
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Withum
 
THE 5 CHALLENGES
THE 5 CHALLENGESTHE 5 CHALLENGES
THE 5 CHALLENGESMartin Andenmatten
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksThis account is closed
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedPrista Corporation
 
Spotlight on Technology 2017
Spotlight on Technology 2017Spotlight on Technology 2017
Spotlight on Technology 2017Craig Devlin
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crimeNathan Desfontaines
 
News letter oct 12
News letter oct 12News letter oct 12
News letter oct 12Capt SB Tyagi, COAC'CC*,FISM,CSC,
 
European services outsourcing trends
European services outsourcing trendsEuropean services outsourcing trends
European services outsourcing trendsCIONET
 
European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)CIONET
 

Mais conteúdo relacionado

Mais procurados

Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010thaiantivirus
 
Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to knowNathan Desfontaines
 
Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!Ludmila Morozova-Buss
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010Jorge Sebastiao
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWithum
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondLydia Shepherd
 
Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021Ludmila Morozova-Buss
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOsIBM Security
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Withum
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksThis account is closed
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedPrista Corporation
 
Spotlight on Technology 2017
Spotlight on Technology 2017Spotlight on Technology 2017
Spotlight on Technology 2017Craig Devlin
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crimeNathan Desfontaines
 

Mais procurados (20)

Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010
 
Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
 
Cyber Security - Things you need to know
Cyber Security - Things you need to knowCyber Security - Things you need to know
Cyber Security - Things you need to know
 
Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!Raise The Cybersecurity Curtain! Be The Voice!
Raise The Cybersecurity Curtain! Be The Voice!
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security Forum
 
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
GCC eGov Cyberwar, Cybercrime Risks and Defences 2010
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respond
 
Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021Raise The Cybersecurity Curtain. Predictions 2021
Raise The Cybersecurity Curtain. Predictions 2021
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOs
 
Cybersecurity and The Board
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The Board
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
 
THE 5 CHALLENGES
THE 5 CHALLENGESTHE 5 CHALLENGES
THE 5 CHALLENGES
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 published
 
Spotlight on Technology 2017
Spotlight on Technology 2017Spotlight on Technology 2017
Spotlight on Technology 2017
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
 
News letter oct 12
News letter oct 12News letter oct 12
News letter oct 12
 

Destaque

European services outsourcing trends
European services outsourcing trendsEuropean services outsourcing trends
European services outsourcing trendsCIONET
 
European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)CIONET
 
Digital Agenda Scoreboard 2013: Italy
Digital Agenda Scoreboard 2013: ItalyDigital Agenda Scoreboard 2013: Italy
Digital Agenda Scoreboard 2013: ItalyCIONET
 
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agenda
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agendaThe Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agenda
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agendaCIONET
 
European IT Services outsourcing market (Chinese)
European IT Services outsourcing market (Chinese)European IT Services outsourcing market (Chinese)
European IT Services outsourcing market (Chinese)CIONET
 
European IT trends 2014 (Japanese)
European IT trends 2014 (Japanese)European IT trends 2014 (Japanese)
European IT trends 2014 (Japanese)CIONET
 
The future of IT
The future of ITThe future of IT
The future of ITCIONET
 

Destaque (7)

European services outsourcing trends
European services outsourcing trendsEuropean services outsourcing trends
European services outsourcing trends
 
European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)European IT trends 2014 (Chinese)
European IT trends 2014 (Chinese)
 
Digital Agenda Scoreboard 2013: Italy
Digital Agenda Scoreboard 2013: ItalyDigital Agenda Scoreboard 2013: Italy
Digital Agenda Scoreboard 2013: Italy
 
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agenda
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agendaThe Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agenda
The Changing Role of the CIO by CIONET Luxembourg Dec. 17th | agenda
 
European IT Services outsourcing market (Chinese)
European IT Services outsourcing market (Chinese)European IT Services outsourcing market (Chinese)
European IT Services outsourcing market (Chinese)
 
European IT trends 2014 (Japanese)
European IT trends 2014 (Japanese)European IT trends 2014 (Japanese)
European IT trends 2014 (Japanese)
 
The future of IT
The future of ITThe future of IT
The future of IT
 

Semelhante a 20101012 isa larry_clinton

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptx
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptxGuarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptx
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptxANA Cyber Security Forensic Pvt. Ltd.
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptabilityitnewsafrica
 
December ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security PresentationDecember ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security Presentationwhmillerjr
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxRambilashTudu
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptxSOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptxTamaOlan1
 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
 
Module 1 (legality)
Module 1 (legality)Module 1 (legality)
Module 1 (legality)Wail Hassan
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurityMatthew Rosenquist
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sectorCore Security
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookMargarete McGrath
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkinslthawkins
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav SinghGaurav Singh
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 

Semelhante a 20101012 isa larry_clinton (20)

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber Shocks
 
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptx
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptxGuarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptx
Guarding Indias Digital Fortress The Vulnerability to Zero Day Attacks.pptx
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthy
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
 
December ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security PresentationDecember ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security Presentation
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptx
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptxSOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in Cybersecurity
 
Module 1 (legality)
Module 1 (legality)Module 1 (legality)
Module 1 (legality)
 
File000119
File000119File000119
File000119
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbook
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
 
Resilience in the Cyber Era
Resilience in the Cyber EraResilience in the Cyber Era
Resilience in the Cyber Era
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav Singh
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 

Mais de CIONET

European services outsourcing trends 2014
European services outsourcing trends 2014European services outsourcing trends 2014
European services outsourcing trends 2014CIONET
 
European IT Services Outsourcing market (Japanese)
European IT Services Outsourcing market (Japanese)European IT Services Outsourcing market (Japanese)
European IT Services Outsourcing market (Japanese)CIONET
 
Présentation "big data" Philippe Nieuwbourg
Présentation "big data" Philippe Nieuwbourg Présentation "big data" Philippe Nieuwbourg
Présentation "big data" Philippe NieuwbourgCIONET
 
CIONET 2
CIONET 2CIONET 2
CIONET 2CIONET
 
Agenda Evento CIOnet - Agenda Digital europea
Agenda Evento CIOnet - Agenda Digital europeaAgenda Evento CIOnet - Agenda Digital europea
Agenda Evento CIOnet - Agenda Digital europeaCIONET
 
Joaquín Reyes-CEPSA
Joaquín Reyes-CEPSAJoaquín Reyes-CEPSA
Joaquín Reyes-CEPSACIONET
 
Ppt Samuel Ronquillo-Cemex.pptx
Ppt Samuel Ronquillo-Cemex.pptxPpt Samuel Ronquillo-Cemex.pptx
Ppt Samuel Ronquillo-Cemex.pptxCIONET
 
CIOnet Spain Annual Event_Javier Gómez Guillamón
CIOnet Spain Annual Event_Javier Gómez GuillamónCIOnet Spain Annual Event_Javier Gómez Guillamón
CIOnet Spain Annual Event_Javier Gómez GuillamónCIONET
 
20090210 Ci Onet Belgium Plans 2009
20090210 Ci Onet Belgium Plans 200920090210 Ci Onet Belgium Plans 2009
20090210 Ci Onet Belgium Plans 2009CIONET
 

Mais de CIONET (9)

European services outsourcing trends 2014
European services outsourcing trends 2014European services outsourcing trends 2014
European services outsourcing trends 2014
 
European IT Services Outsourcing market (Japanese)
European IT Services Outsourcing market (Japanese)European IT Services Outsourcing market (Japanese)
European IT Services Outsourcing market (Japanese)
 
Présentation "big data" Philippe Nieuwbourg
Présentation "big data" Philippe Nieuwbourg Présentation "big data" Philippe Nieuwbourg
Présentation "big data" Philippe Nieuwbourg
 
CIONET 2
CIONET 2CIONET 2
CIONET 2
 
Agenda Evento CIOnet - Agenda Digital europea
Agenda Evento CIOnet - Agenda Digital europeaAgenda Evento CIOnet - Agenda Digital europea
Agenda Evento CIOnet - Agenda Digital europea
 
Joaquín Reyes-CEPSA
Joaquín Reyes-CEPSAJoaquín Reyes-CEPSA
Joaquín Reyes-CEPSA
 
Ppt Samuel Ronquillo-Cemex.pptx
Ppt Samuel Ronquillo-Cemex.pptxPpt Samuel Ronquillo-Cemex.pptx
Ppt Samuel Ronquillo-Cemex.pptx
 
CIOnet Spain Annual Event_Javier Gómez Guillamón
CIOnet Spain Annual Event_Javier Gómez GuillamónCIOnet Spain Annual Event_Javier Gómez Guillamón
CIOnet Spain Annual Event_Javier Gómez Guillamón
 
20090210 Ci Onet Belgium Plans 2009
20090210 Ci Onet Belgium Plans 200920090210 Ci Onet Belgium Plans 2009
20090210 Ci Onet Belgium Plans 2009
 

Último

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Último (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

20101012 isa larry_clinton

  • 1. Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001
  • 2. Board of Directors Ty Sagalow, Esq. Chair President, Innovation Division, Zurich J. Michael Hickey, 1st Vice Chair VP Government Affairs, Verizon Tim McKnight Second V Chair CSO, Northrop Grumman • Joe Buonomo, President, DCR • Jeff Brown, CISO/Director IT Infrastructure, Raytheon •  Lt. Gen. Charlie Croom (Ret.) VP Cyber Security, Lockheed Martin • Paul Davis, CTO, NJVC • Eric Guerrino, SVP/CIO, Bank of New York/Mellon Financial • Pradeep Khosla, Dean Carnegie Mellon School of Computer Sciences • Bruno Mahlmann, VP Cyber Security, Dell • Gary McAlum, CSO, USAA •  Kevin Meehan, VP & CISO, Boeing • Andy Purdy, Chief Cybersecurity Strategist, CSC • Ken Silva, CSO, VeriSign • Justin Somaini, CISO Symantec
  • 3.
  • 4. ISAlliance Mission Statement ISA seeks to integrate advancements in technology with pragmatic business needs and enlightened public policy to create a sustainable system of cyber security.
  • 5. ISA Priority Programs •  Security standards for VOIP-Smart Phones CCP •  Securing the Global IT Supply Chain •  New Model for information sharing •  Navigating Compliance with advanced technology and multiple jurisdictions •  The Cyber Security Social Contract (Partnership model for industry and govt. based on market principles •  Corporate financial risk management of cyber security
  • 8. Growth in Incidents Reported to the CERT/CC
  • 9. History of Cyber Security •  The computer Revolution •  The desktop Revolution •  The broadband/digital revolution •  Y2K •  Attacks for grins and giggles •  The perimeter defense/resiliency model •  The information sharing approach
  • 10. Faces of Attackers… Then Joseph McElroy Hacked US Dept of Energy Chen-Ing Hau CIH Virus Jeffrey Lee Parson Blaster-B Copycat
  • 11. Faces of Attackers… Now Jay Echouafni Jeremy Jaynes Andrew Schwarmkoff $24M SPAM KING Russian Mob Phisher Competitive DDoS
  • 12. The Threat Landscape is Changing Early Attacks New Era Attacks Defense: Reactive AV Multi-layer pre-emptive and behavioral signatures systems Recovery: Scan & remove System wide, sometimes impossible without re-image of system Type: Virus, worm, spyware Targeted malware, root kits, spear phishing, ransom ware, denial of service, back door taps, trojans, IW
  • 13. The Internet Now •  Vulnerabilities are on client-side applications word, spreadsheets, printers, etc. •  Today, attackers perpetrate fraud, gather intelligence, or conduct blackmail •  The number of new threats to the Internet jumped 500% between 2006 and 2007 and doubled again between 2007 and 2008---1000% increase---- Symantec
  • 14. Characteristics of the New Attackers •  Shift to profit motive •  Zero day exploits •  Increased investment and innovation in malcode •  Increased use of stealth techniques
  • 15. The Internet Changes Everything •  Concepts of Privacy •  Concepts of National Defense •  Concepts of Self •  Concepts of Economics •  We have been focused on the HOW cyber attacks we need to focus on the WHY ($) •  Cyber security is an economic/strategic issue as much operational/technical one
  • 16. How Series a problem do we have? •  Vulnerabilities and attacks increasing at a pace too difficult to count •  Loss estimates are between billions and a trillion •  The National Intelligence Estimate •  The APT •  Suxtnet •  We don’t know what we don’t know---it could be worse…
  • 17. Advanced Persistent Threat (APT) “We have seen a dramatic change in info security incidents. Superbly capable teams of attackers have successfully expanded their attacks…These intrusions are well funded and organized. They are not hackers. Their motivations and techniques are different. They are professionals and their success rate is impressive. They successfully evade antivirus & network intrusion and remain inside the targets network while the target believes they have been eradicated. Their motive is to steal data & establish a way to come back later and steal more.”
  • 18. The Insider Threat This year marks the first time "employees" beat out "hackers" as the most likely source of a security incident. Executives in the security field, with the most visibility into incidents, were even more likely to name employees as the source. ----PricewaterhouseCoopers 2010 Global Information Security Survey
  • 19. Cyber Security and the Economy The state of Internet security is eroding quickly. Trust in online transactions is evaporating, and it will require strong security leadership for that trust to be restored. For the Internet to remain the juggernaut of commerce and productivity it has become will require more, not less, input from security. ----PWC Global Cyber Security Survey
  • 20. CSIS Global Info Security Study 2010 •  Critical infrastructure operators report their IT networks are under repeated cyber attacks by high level adversaries (including foreign govts) The impact is severe the costs high and borne widely. •  Oil and Gas had the highest degree of penetration at 71% (compared with 54% overall) with potential for large scale power outages or man made environmental disasters •  Costs from attacks up to $6 million a day w/ considerable variation in expectation as to who will bear the costs.
  • 21. Cyber Economics is not well understood •  Costs for bad behavior are not transparent and always born by the bad actor •  Attacks on the edge of the network (w/out incentive to secure) are used to steal from the core of the network (where security investment is undermined) •  Industry is on the front lines to defend vs. cyber attacks and is expected to pay for this government function •  Industry and Govt. economics are very different
  • 22. CURRENT ECONOMIC INCENTIVES FAVOR ATTACKERS •  Attacks are cheap and easy •  Vulnerabilities are almost infinite •  Profits from attacks are enormous ($ 1 TRILLION in 08) •  Defense is costly (Usually no ROI) •  Defense is often futile •  Costs of Attacks are distributed
  • 23. Digital Growth? Sure •  “Companies have built into their business models the efficiencies of digital technologies such as real time tracking of supply lines, inventory management and on- line commerce. The continued expansion of the digital lifestyle is already built into almost every company’s assumptions for growth.” ---Stanford University Study, July 2006
  • 24. Cost Issues: CSIS 2010 Overall, cost was most frequently cited as “the biggest obstacle to ensuring the security of critical networks. p14 Making the business case for cybersecurity remains a major challenge, because management often does not understand either the scale of the threat or the requirements for a solutions. p14 The number one barrier is the security folks who haven’t been able to communicate the urgency well enough and they haven’t actually been able to persuade the decision makers of the reality of the threat. p14 Making the business case for security could be a challenge – no one wants to pay their insurance bill until the building burns down. p15
  • 25. Cost Issues PWC 2011 •  “Executives worldwide have been reluctant to release funding to support Info security. •  “As spending constraint continues “block and tackle” security capabilities that took decades to build up are degrading creating new levels of risk’ •  “Increased risk elevates the importance of security & ongoing cost reduction makes adequate security difficult to achieve.” •  47% reported decreasing info security spending in 2010, same as in 2009”
  • 26. We are not cyber structured •  In 85% of companies the CFO is not directly involved in information security •  2/3 of companies don’t have a risk plan •  83% of companies don’t have a cross organizational privacy/security team •  Less than ½ have a formal risk management plan —1/3 of the ones who do don’t consider cyber in the plan •  In 2010 50%-66% of companies are deferring or reducing investment in cyber security
  • 27. The Good News: We know (mostly)what to do! •  PWC/Gl Information Study 2006--- best practices 100% •  CIA 2007---90% can be stopped •  Verizon 2008—87% can be stopped •  NSA 2009---80% can be prevented •  Secret Service/Verizon 2010---94% can be stopped or mitigated by adopting inexpensive best practices and standards already existing
  • 28. Are We doing it? CIOnet •  84% have analyzed cyber liabilities (very good) •  82 %have audits (1/5 do not audit) •  72% training (28% do not train) •  68% discipline policy (32% do not) •  80% assess biggest vulnerability at least 1 a year •  65% update incident response plans 1 a year •  40% Crisis management & enhanced tech know •  0 % Monetary incentives
  • 30. Baseline: How is Europe Doing? (PWC data) “With confidence, persistence and momentum, Asia lines up on the runway to become the new global leader in information security. With more caution and restraint and without the same promise of growth that Asia expects—North America idles its engines. South America presses the gas pedal and the breaks at the same time, while Europe displays a marked lack of direction and urgency” ----Global Info Security Study 2010
  • 31. More on How Europe is Doing (PWC data) Europe now trails other regions in maturity across most security capabilities. Europe continues to suffer poor visibility into security events and as a result may be unaware of the true impact of events on business. And while 68% or European respondents say their organization places a high level of importance on protecting sensitive customer information, the responses from other global regions (Asia 80%, N American 80% and S America (76%) reflect more conviction and urgency. -----Global Info Security Survey 2010
  • 32. We need a total risk management approach The security discipline has so far been skewed toward technology—firewalls, ID management, intrusion detection—instead of risk analysis and proactive intelligence gathering. PWC Global Cyber Security Survey We have to shift our focus from considering cybersecurity as a technical-operational issue to a economic-strategic issue
  • 33. Obama: What We Need to Do It is not enough for the information technology workforce to understand the importance of cybersecurity; leaders at all levels of government and industry need to be able to make business and investment decisions based on knowledge of risks and potential impacts. Obama Administration Cyber Space Policy Review May 30, 2009 page 15
  • 34. What Role for CIO? •  “There is a significant shift in the ongoing evolution of the CISOs reporting channel away from the CIO in favor of the companies senior business decision makers” (PWC 2011 Global Survey) •  Reporting Relationships of the CISO 2007-2010 To CIO--------------------- 23% (down 39%) To CEO --------------------36 % (up 13%) To CFO --------------------15% (up 36%) To COO--------------------15% (up 67%)
  • 35. ANSI-ISA Program •  Outlines an enterprise wide process to attack cyber security broadly and economically •  CFO strategies •  HR strategies •  Legal/compliance strategies •  Operations/technology strategies •  Communications strategies •  Risk Management/insurance strategies
  • 36. What CFO needs to do •  Own the problem •  Appoint an enterprise wide cyber risk team •  Meet regularly •  Develop an enterprise wide cyber risk management plan •  Develop an enterprise wide cyber risk budget •  Implement the plan, analyze it regularly, test and reform based on EW feedback
  • 37. Human Resources •  Recruitment •  Awareness •  Remote Access •  Compensate for cyber security •  Discipline for bad behavior •  Manage social networking •  Beware of vulnerability especially from IT and former employees
  • 38. Legal/Compliance Cyber Issues •  What rules/regulations apply to us and partners? •  Exposure to theft of our trade secrets? •  Exposure to shareholder and class action suits? •  Are we prepared for govt. investigations? •  Are we prepared for suits by customers and suppliers? •  Are our contracts up to date and protecting us?
  • 39. Operations/IT •  What are our biggest vulnerabilities? Re-evaluate? •  What is the maturity of our information classification systems? •  Are we complying with best practices/standards •  How good is our physical security? •  Do we have an incident response plan? •  How long till we are back up?---do we want that? •  Continuity Plan? Vendors/partners/providers plan?
  • 40. Communications •  Do we have a plan for multiple audiences? --general public --shareholders --government/regulators --affected clients --employees --press
  • 41. Insurance— Risk Management •  Are we covered?----Are we sure????????? •  What can be covered •  How do we measure cyber losses? •  D and O exposure? •  Who sells cyber insurance & what does it cost? •  How do we evaluate insurance coverage?
  • 42. Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001 www.isalliance.org