Adversary ROI: Why Spend $40B Developing It, When You Can Steal It for $1M?
|
|
- Alberta Patterson
- 8 years ago
- Views:
Transcription
1 Adversary ROI: Why Spend $40B Developing It, When You Can Steal It for $1M? Joshua Corman Akamai Technologies David Etue SafeNet Session ID: GRC-202 Session Classification: Intermediate
2 About Joshua Corman Director of Security Intelligence for Akamai Technologies Former Research Director, Enterprise Security [The 451 Group] Former Principal Security Strategist [IBM ISS] Industry: Expert Faculty: The Institute for Applied Network Security (IANS) 2009 NetworkWorld Top 10 Tech People to Know Co Founder of Rugged Software BLOG: Things I ve been researching: Compliance vs Security Disruptive Security for Disruptive Innovations Chaotic Actors Espionage Security Metrics 2
3 About David Etue Vice President, Corporate Development Strategy, SafeNet Former Cyber Security Practice Lead [PRTM Management Consultants] (now PwC) Former VP Products and Markets [Fidelis Security Systems] Former Manager, Information Security [General Electric Company] Industry: Expert Faculty: The Institute for Applied Network Security (IANS) Leads Washington Relations for Cyber Security Forum Initiative Certified Information Privacy Professional (CIPP/G) Cyber things that interest me: Adversary innovation Social media security Applying intelligence cycle / OODA loop in cyber Supply chain security 3
4 Agenda Why ROI and ROSI has failed us Adversary ROI Categorizing Threat Actors Application in the Real World
5 Why ROI and ROSI has failed us 5
6 How We Got Here A well managed Info/Cyber/Security/Assurance program requires intelligent allocation of scarce resources we can not protect everything Most organizations, especially large corporations, use Return on Investment (ROI) to make investment decisions ROI gave us a framework to talk to non-security people about the benefits of security investments 6
7 Why ROI failed ROI= Expected Returns Cost of Investment Cost of Investment at Net Present Value for an organization s required Rate of Return Seems simple, but how many people are experts in time value of money AND the OSI model? Typically applied in a vacuum Is a subscription or a perpetual license better? No actual gains the organization doesn t often profit from security investments Doesn t determine efficacy of security investment or commensurate investment levels 7
8 Does The Club have great ROI? No Help For Image from mroach on flickr Image from mlinksva on flickr 8
9 From the Failure of ROI comes ROSI Return on Security Investment (ROSI) created as a well intentioned way to apply risk metrics to ROI ROSI = ( Risk Exposure % Risk Mitigated ) Solution Cost Solution Cost Problems: Attack surface is approaching infinity (which is not a real number) Risk Mitigated can be both subjective and objective Practical application is: 9
10 Examples of Failures... 10
11 Thought Provoking Question: How Much Would You Spend To Protect This Bike? 11
12 The Adversary Doesn t Care About Your ROI/ROSI Adversaries don t care if you spend 4% or 12% of your IT budget on security Adversaries are object oriented Adversaries care if *they* can get a return on investment from an attack, not you 12
13 Adversary ROI 13
14 Why Adversary ROI Current approaches have too much focus on vulnerability Our attack surface is approaching infinity We cannot prioritize what to protect Adversaries have scarce resources too 14
15 Adversary ROI Came About By Looking at Risk A risk requires a threat and a vulnerability that results in a negative consequence Current State Proposed State? Threat Vulnerability Consequence We have finite resources, and must optimize the entire risk equation for our success!
16 Solely Managing Vulnerabilities Will Never Win New Vulnerability Vendor Starts Solution Development Technology Solution Available Declared Best Practice Added to Compliance Regulations Attacker Adoption Defender Adoption 0 Early Adopters Early Adopters Early Majority Late Majority Laggards Extensive Lag Between Attack, Innovation, Solution, and Adoption 16
17 What is a Threat? A Threat is an Actor with a Capability and a Motive Threats Are A Who, Not a What
18 Consequences: Value & Replaceability 18
19 Value Favors the Attacker Are you prepared to address a funded nation state targeting your highest value intellectual property? Attacker Gains Typical IT Security Budget (1-12% of IT Budget) Public Sensitive Highly Replicable Sensitive Irreplaceable Information Classification 19
20 The Adversary ROI Equation Adversary ROI = ( ( Value of Assets Compromised + ) Cost of ) Attack Value Adversary Value of Operational Impact - the Attack Cost of the Attack X Probability of Success - Deterrence Measures (% Chance of Getting Caught x Cost of Getting Caught)
21 How the Adversary Thinks About the Bike Top 10 Cities for Bike Theft According to Kryptonite OR 21
22 Why Adversary ROI In 2011, the single greatest factor in a the success of a breach was who was targeting you? 22
23 Categorizing Threat Actors 23
24 Dogma: You Don t Need To Be Faster Than the Bear 24
25 A Modern Pantheon of Adversary Classes Actors States Competitors Organized Crime Script Kiddies Terrorists Hactivists Insiders Auditors Motivations Financial Industrial Military Ideological Political Prestige Impacts Reputational Personal Confidentiality Integrity Availability Targets Credit Card #s Web Properties Intellectual Property PII / Identity Cyber Infrastructure Core Business Processes 25
26 Script Kiddies Skiddie Prestige/Profit Confidentially, Reputation CCN/Fungible 26
27 Organized Crime Organized Crime Profit Confidentially, Reputation CCN/Fungible 27
28 Espionage: Adaptive Persistent Adversaries State/Espionage Industrial/Military Confidentially, Reputation Intellectual Property Trade Secrets Infrastructure 28
29 Hactivists Chaotic Hactivist Ideological and/or LULZ Availability Reputation Personal Web Properties Personal/Family Exposure 29
30 Auditors Auditor QSA Profit Distraction Fines Credit Card #s 30
31 Compare and Contrast Threat Actors QSA Casual Attacker Chaotic Actor Org Crime State APT/APA Asset Focus CCNs CCNs Reputation, Dirty Laundry DDoS/Availabi lity CCNs Banking Fungible $ IP, Trade Secrets, National Security Data Timeframe Annual Anytime Flash Mobs Continuous Long Cons Target Stickiness NA LOW HIGH LOW HIGH Probability 100% MED? HIGH? Impact Annual $ 1 and done Relentless Varies Varies
32 Attacker Power - HD Moore s Law Moore s Law: Compute power doubles every 18 months HDMoore s Law: Casual Attacker Strength grows at the rate of MetaSploit
33 HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
34 HDMoore s Law (continued) HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
35 HDMoore s Law (continued) HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
36 HDMoore s Law (continued) HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
37 HDMoore s Law (continued) HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
38 HDMoore s Law (continued) HDMoore s Law Success Rate (%) Adversary Classes Espionage Organized Crime APT/APA Chaotic Actors Organized Casual Crime Attacker Anon/Lulz Auditor/Assessor Casual QSA 10 x Defender SecureOns
39 Situational Awareness 39
40 Does it Matter Who is Attacking? Was #18 in overall DBIR Top Threat Action Types used to steal INTELLECTUAL PROPERTY AND CLASSIFIED INFORMATION by number of breaches - (excludes breaches only involving payment card data, bank account information, personal information, etc)
41 Application in the Real World 41
42 Impacting Adversary ROI Adversary ROI = X - Probability of Success Deterrence Measures Ability to respond and recover key It is typically not desirable to make your assets less valuable ( ( Value of Assets Compromised + ) Cost of ) Attack Value Adversary Value of Operational Impact - the Attack Cost of the Attack Increase adversary Work Effort (% Chance of Getting Caught x Cost of Getting Caught) Impact of getting caught is typically a government issue
43 Who Are You Playing Against? 43
44 OODA Loop: A Great Fit With Adversary ROI Observe * Patterns of Conflict Act Orient Decide * 44
45 VZ DBIR Patching: Evolving Adversary TTPs Let s Patch Faster! % Patchable (not 90%) of 90 Patchable 6.66% 2010 ZERO Patchable [0] Barking up the wrong tree? 45
46 SQLi We spend under $500m 46
47 Attacks Density (4Realz DBIR Style) Only 55 of the 630 possible events have a value greater than 0 90% of the threat space was not in play at all 47
48 Mission Accomplished (no, not really) 2011 VZ DBIR Is Organized Crime Failing Online? Doubtful
49 VZ DBIR: Non CCN Asset Type Breakdown incidents incidents Delta Intellectual Property National Security Data Sensitive Organizational System Information ZERO
50 Think About Work Effort What Do You Look Like To Different Adversaries? 50
51 Real Life Example from a Defense Industrial Base Company Who Are The Threats? What Do They Want? What Are There TTPs? Deployed Specific Technology and Processes Forced Adversary to Change TTPs Or Target Other Organizations 51
52 Adversary ROI Getting Non-Security Executives Involved What protected or sensitive information do we have? What adversaries desire the information and why? What is the value of the information to the organization? How would the adversary value it? What are the adversaries capabilities? What controls protect the information? Slide 52
53 Apply Start with a blank slate! Engage non-security people Identify your most likely adversaries Obtain/share adversary centric intel Threat Intelligence ISACs Brand/chatter monitoring Simulate adversary-driven scenarios Table tops/roll playing (w/ Crisis Management) Adversary-Centric Penetration Testing 53
SOCIAL MEDIA: LEVERAGING VALUE WHILE MITIGATING RISK
SOCIAL MEDIA: LEVERAGING VALUE WHILE MITIGATING RISK Safeguarding Health Information: Building Assurance through HIPAA Security NIST / HHS OCR 2013 David Etue VP, Corporate Development Strategy May 21,
More informationCyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015
Cyber Threats Insights from history and current operations Prepared by Cognitio May 5, 2015 About Cognitio Cognitio is a strategic consulting and engineering firm led by a team of former senior technology
More informationInformation Protection in Today s Changing Mobile and Cloud Environments
Information Protection in Today s Changing Mobile and Cloud Environments Art Gilliland, Sr. Vice President Symantec, Information Security Group Session ID: SPO1-107 Session Classification: Intermediate
More informationCybersecurity Awareness for Executives
SESSION ID: SOP-R04 Cybersecurity Awareness for Executives Rob Sloan Head of Cyber Content and Data Dow Jones @_rob_sloan Session Overview Aim: Provide a high level overview of an effective cybersecurity
More informationBusiness Continuity for Cyber Threat
Business Continuity for Cyber Threat April 1, 2014 Workshop Session #3 3:00 5:30 PM Susan Rogers, MBCP, MBCI Cyberwise CP S2 What happens when a computer program can activate physical machinery? Between
More informationCloud and Critical Infrastructures how Cloud services are factored in from a risk perspective
Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security
More informationZak Khan Director, Advanced Cyber Defence
Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts
More informationALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage
ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage VENABLE LLP Attorneys at Law Washington, DC/New York/San Francisco/Los Angeles/Baltimore/Virginia/Delaware November
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationNational Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009
National Security & Homeland Security Councils Review of National Cyber Security Policy Submission of the Business Software Alliance March 19, 2009 Question # 1: What is the federal government s role in
More informationEXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS
EXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS Ian Green Manager, Cybercrime & Intelligence Commonwealth Bank of Australia Session ID: GRC T17 Session Classification: ADVANCED WHY? What keeps you
More informationwww.pwc.com Developing a robust cyber security governance framework 16 April 2015
www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October
More informationBest Practices for Threat & Vulnerability Management. Don t let vulnerabilities monopolize your organization.
Best Practices for Threat & Vulnerability Management Don t let vulnerabilities monopolize your organization. Table of Contents 1. Are You in the Lead? 2. A Winning Vulnerability Management Program 3. Vulnerability
More informationCyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties
Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)
More informationRisky Business. Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015
Risky Business Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015 What We ll Cover About Me Background The threat Risks to your organization What your organization can/should
More informationKeynote: FBI Wednesday, February 4 noon 1:10 p.m.
Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Speaker: Leo Taddeo Special Agent in Change, Cyber/Special Operations Division Federal Bureau of Investigation Biography: Leo Taddeo Leo Taddeo is the
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More information12/11/15. Evolving Cybersecurity Risks. Agenda. The current cyber risk landscape Overview. Results on EY s Global Information Security Survey
Evolving Cybersecurity Risks Results on EY s Global Information Security Survey Agenda Market insights: What are we seeing? Factoring cybersecurity into your planning and risk appetite Marketplace response
More informationWorking with the FBI
Working with the FBI WMACCA Data Privacy & Security Conference September 17, 2014 Individuals Organized Crime Syndicates Hacktivist Groups Nation States Nation-States Individuals Industry Law Enforcement
More informationGregg Gerber. Strategic Engagement, Emerging Markets
Government of Mauritius Gregg Gerber Strategic Engagement, Emerging Markets 2 (Advanced) Persistent Targeted attacks 2010 2011 2012 Time 1986-1991 Era of Discovery 1992-1998 Era of Transition 1999-2005
More informationInformation Security Addressing Your Advanced Threats
Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?
More informationThreat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations
Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations September 2015 Copyright 2015 Deloitte Development LLC. All rights reserved. This presentation
More informationNine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity
Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationCybersecurity: What CFO s Need to Know
Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationThe Cyber OODA Loop: How Your Attacker Should Help You Design Your Defense. Tony Sager The Center for Internet Security
The Cyber OODA Loop: How Your Attacker Should Help You Design Your Defense Tony Sager The Center for Internet Security Classic Risk Equation Risk = { Vulnerability, Threat, Consequence } countermeasures
More informationData Loss Prevention Program
Data Loss Prevention Program Safeguarding Intellectual Property Author: Powell Hamilton Senior Managing Consultant Foundstone Professional Services One of the major challenges for today s IT security professional
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationCyber Security Related Excerpts from the Global Risk Forum Berlin September 25-26, 2013 Draft 10/24/13
Cyber Security Related Excerpts from the Global Risk Forum Berlin September 25-26, 2013 Draft 10/24/13 Forwarding an International Public-Private Framework for Cyber Security & Resilience: With Increasing
More informationRisk Analytics for Cyber Security
Risk Analytics for Cyber Security Justin Coker, VP EMEA, Skybox Security IT Challenges 2015, Belgium 2nd October 2014 www.skyboxsecurity.com justin.coker@skyboxsecurity.com +44 (0) 7831 691498 Risk Analytics
More informationSupplier Vigilance: A Critical Layer of Defense
Supplier Vigilance: A Critical Layer of Defense Lockheed Martin Information Security 1 Supply Chain Cyber Security Lockheed Martin October 23, 2013 Debbie Stuckey Waide Jones, CISSP 2 Synopsis Lockheed
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationData Security: Fight Insider Threats & Protect Your Sensitive Data
Data Security: Fight Insider Threats & Protect Your Sensitive Data Marco Ercolani Agenda Data is challenging to secure A look at security incidents Cost of a Data Breach Data Governance and Security Understand
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationSECURITY CONSIDERATIONS FOR LAW FIRMS
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationCyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?
Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationCyber Adversary Characterization. Know thy enemy!
Cyber Adversary Characterization Know thy enemy! Brief History of Cyber Adversary Modeling Mostly Government Agencies. Some others internally. Workshops DARPA 2000 Other Adversaries, RAND 1999-2000 Insider
More informationA Primer on Cyber Threat Intelligence
A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly
More informationJanuary IIA / ISACA Joint Meeting Pre-meeting. Cybersecurity Update for Internal Auditors. Matt Wilson, PwC Risk Assurance Director
January IIA / ISACA Joint Meeting Pre-meeting Cybersecurity Update for Internal Auditors Matt Wilson, Risk Assurance Director Introduction and agenda Themes from The Global State of Information Security
More informationC DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP
C DIG CSCSS / DEFENCE INTELLIGENCE GROUP COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE C DIG CSCSS / DEFENCE INTELLIGENCE GROUP
More informationData Breaches and Trade Secrets: What to Do When Your Client Gets Hacked
Data Breaches and Trade Secrets: What to Do When Your Client Gets Hacked R. Mark Halligan, FisherBroyles, LLP Andreas Kaltsounis, Stroz Friedberg Amy L. Carlson, Stoel Rives LLP Moderated by David A. Bateman,
More informationSECURITY RISK MANAGEMENT
SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W
More informationIs security awareness a waste of time?
Is security awareness a waste of time? New York State Cyber Security Conference June 5, 2013 Scott Gréaux Vice President Product Management and Services, PhishMe, Inc. They are exploiting human vulnerabilities
More informationBig Data and Security: At the Edge of Prediction
Big Data and Security: At the Edge of Prediction Mark Seward Splunk Inc. Fred Wilmot Splunk Inc. Session ID: Session Classification: SPO2-T17 Intermediate The Way Cyber Adversaries Think Where is the most
More informationDefending yesterday. Financial Services. Key findings from The Global State of Information Security Survey 2014
www.pwc.com/security Defending yesterday While organizations have made significant security improvements, they have not kept pace with today s determined adversaries. As a result, many rely on yesterday
More informationAccenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationSponsored by. A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Aggressive and Persistent: Using Frameworks to Defend Against Cyber Attacks
A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Aggressive and Persistent: Using Frameworks to Defend Against Cyber Attacks Sponsored by Copyright 2014 Harvard Business School Publishing. All rights
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationPROMOTION // TECHNOLOGY. The Economics Of Cyber Security
PROMOTION // TECHNOLOGY The Economics Of Cyber Security Written by Peter Mills Malicious cyber activity, from hacking and identity fraud to intellectual property theft, is a growing problem within the
More informationMalware isn t The only Threat on Your Endpoints
Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks
More informationCLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for
More informationPenetration Testing Is A Bad Idea. Anton Aylward, CISSP, CISA System Integrity
Penetration Testing Is A Bad Idea Anton Aylward, CISSP, CISA System Integrity What are you trying to test? Can hackers break in? You can t prove a -ve Your firewall works? But is it configured? Your IDS
More informationNetwork Security Landscape
Cole p01.tex V3-07/28/2009 3:46pm Page 1 Network Security Landscape COPYRIGHTED MATERIAL IN THIS PART Chapter 1 State of Network Security Chapter 2 New Approaches to Cyber Security Chapter 3 Interfacing
More informationAlways Worry About Cyber Security. Always. Track 4 Session 8
Always Worry About Cyber Security. Always. Track 4 Session 8 Mark Stevens SVP, Global Services and Support Digital Guardian MStevens@DigitalGuardian.com 781-902-7818 www.digitalguardian.com 2 Abstract
More informationHealthcare Security: Improving Network Defenses While Serving Patients
White Paper Healthcare Security: Improving Network Defenses While Serving Patients What You Will Learn Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationThe Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.
The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be
More informationCyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention
Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen 14th Annual Risk Management Convention New York, New York March 13, 2013 Today s Presentation 1)
More informationwww.pwc.com Cybersecurity and Privacy Hot Topics 2015
www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets
More informationIT@Intel. Measuring the Return on IT Security Investments. White Paper Intel Information Technology Computer Manufacturing Information Security
White Paper Intel Information Technology Computer Manufacturing Information Security Measuring the Return on IT Security Investments Intel IT developed a model for measuring return on security investment
More informationAPPLICATION SECURITY RESPONSE: WHEN HACKERS COME A-KNOCKING
APPLICATION SECURITY RESPONSE: WHEN HACKERS COME A-KNOCKING Katie Moussouris Senior Security Strategist Microsoft Security Response Center http://twitter.com/k8em0 (that s a zero) Session ID: ASEC-T18
More informationINFOCUS. Five Questions to Guide Cybersecurity Risk Management BY EARL CRANE
promontory.com INFOCUS JUNE 3, 2015 BY EARL CRANE Five Questions to Guide Cybersecurity Risk Management The quick transformation of cybersecurity risk management from obscure specialty to top-of-thehouse
More informationPlan of Attack 5 Step Plan
Plan of Attack 5 Step Plan Naming those Digital Assets Practicing Digital Doomsday Training + Policies and Procedures Technology Tuning Security in the Supply Chain Next Steps Sample Plan 0 to 30 Days
More informationThe Changing IT Risk Landscape Understanding and managing existing and emerging risks
The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationTraining Employees to Recognise & Avoid Advanced Threats
Training Employees to Recognise & Avoid Advanced Threats Joe Ferrara, President & CEO, Wombat Security Technologies Rashmi Knowles, Chief Security Architect EMEA, RSA The Security Division of EMC Session
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationVulnerability management lifecycle: defining vulnerability management
Framework for building a vulnerability management lifecycle program http://searchsecurity.techtarget.com/magazinecontent/framework-for-building-avulnerability-management-lifecycle-program August 2011 By
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationCORE Security and the Payment Card Industry Data Security Standard (PCI DSS)
CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com
More informationA Wake-Up Call? Fight Back Against Cybercrime. Prepared for: Ricky Link Managing Director, Southwest Region May 15, 2014
A Wake-Up Call? Fight Back Against Cybercrime Prepared for: Ricky Link Managing Director, Southwest Region May 15, 2014 1 Coalfire Background Leading Information Security Consulting Firm Offices: Atlanta,
More informationCYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS
CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become
More information2010 Data Breach Investigations Report
2010 Data Breach Investigations Report Matthijs van de Wel Managing Principal Forensics EMEA 2010 Verizon. All Rights Reserved. PTE14626 07/10 PROPRIETARY STATEMENT This document and any attached materials
More informationRisk Considerations for Internal Audit
Risk Considerations for Internal Audit Cecile Galvez, Deloitte & Touche LLP Enterprise Risk Services Director Traci Mizoguchi, Deloitte & Touche LLP Enterprise Risk Services Senior Manager February 2013
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationREQUEST FOR INFORMATION
Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 3 September 2015 6506 Loisdale Rd, Ste 325
More informationINDUSTRY OVERVIEW: HEALTHCARE
ii IBM MSS INDUSTRY OVERVIEW: HEALTHCARE RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: OCTOBER 7, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW/KEY FINDINGS...
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationCybersecurity: A View from the Boardroom
An Executive Brief from Cisco Cybersecurity: A View from the Boardroom In the modern economy, every company runs on IT. That makes security the business of every person in the organization, from the chief
More informationCyber Security Solutions Integrated. Proactive. Resilient.
Cyber Security Solutions Integrated. Proactive. Resilient. Between defending against cyber attacks and ensuring mission resilience, there is one important word: HOW Cyber attacks never stop coming. Intrusions
More informationGetting real about cyber threats: where are you headed?
Getting real about cyber threats: where are you headed? Energy, utilities and power generation companies that understand today s cyber threats will be in the best position to defeat them June 2011 At a
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationCORE Security and GLBA
CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com
More information2011 Cyber Security and the Advanced Persistent Threat A Holistic View
2011 Cyber and the Advanced Persistent Threat A Holistic View Thomas Varney Cybersecurity & Privacy BM Global Business Services 1 31/10/11 Agenda The Threat We Face A View to Addressing the Four Big Problem
More informationIANS Information Security Forum. 2015 Curriculum
2015 IANS Information Security Forum 2015 Curriculum IANS Forums: A Unique Experience This is not your typical industry or technology event. IANS Information Security Forums deliver a unique experience
More informationITAR Compliance Best Practices Guide
ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations
More informationNext-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security
Next-Generation Penetration Testing Benjamin Mossé, MD, Mossé Security About Me Managing Director of Mossé Security Creator of an Mossé Cyber Security Institute - in Melbourne +30,000 machines compromised
More information