CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response
|
|
- Christine Norman
- 8 years ago
- Views:
Transcription
1 CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011
2 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing suppliers and providers of a wide range of information technology and communications (ICT) products and services. Its membership comprises approximately 400 of the top international corporations as well as small to medium enterprises currently supplying innovative online applications supporting the Australian economy and enhancing the citizen engagement. AIIA s National Board of Directors includes all the major corporations currently involved in developments of high-speed broadband installations across global jurisdictions, such as Telstra, Google, IBM, Intel and Fujitsu, as well as small business organisations. AIIA's role is to lead and represent the ICT industry in Australia to maximise the potential of the Australian economy and society. AIIA is acutely aware of the cyber-security risks to ongoing safe use and exploitation of digital infrastructure, and the possible loss of confidence by users if those risks are not appropriately managed. Our members participate in all relevant government programs aimed at user education and awareness, information sharing among critical infrastructure owners and real-time cyber-safety exercises involving cross-jurisdictional and international stakeholders. In addition they are constantly involved in development of tools and services aimed at educating consumers about online risks, while at the same time enhancing the user experience. Overview It is safe to anticipate that in all aspects of society the use of and reliance on information and communication technologies (ICT) will be more pervasive in the future. It is also reasonable to expect that today s ICT technologies will continue to evolve into a model that more critically depends on services hosted on the internet using interconnected technologies. The pervasiveness and advancements in mobile technology and the demands of consumers will dictate that almost 2
3 every new electronic device will have some form of anywhere access capacity. 1 This recognition combined with the rapid convergence of content, technologies and delivery channels, will add to the possible threat of cybercrime in the future. Safe and confident use of digital infrastructure poses one of the most serious economic and security challenges for modern governments. The genesis of our current digital environment was born out of considerations of interoperability and efficiency, not security. Increased productivity growth and related economic advantages across sectors are now well accepted by commentators. 2 So the secure and safe use of all the potential benefits delivered by digital means must be assured by governments concerned with enhancing their nations GDP for the benefit of citizens. This frequently involves a fine balance between maintaining an eco-environment for digital activities that promotes safety, security, privacy and liberties, while meeting increasing consumer demands for innovative service delivery, efficiency, prosperity and fast, free commercial intercourse. AIIA commends the government and other stakeholders for taking an ongoing and vigilant approach to all these issues. That said, it must be acknowledged that cybercrime knows no borders and detection of perpetrators is notoriously difficult; the nature of many platforms used by criminals in the digital space facilitates anonymity. Criminologists have long argued that certainty of detection, not severity of punishment, is the true deterrent for would-be criminals. So any efforts to send clear signals to cybercriminals that the national and international community is working seriously towards reducing opportunities for nefarious activities will assist. AIIA is pleased the Discussion Paper recognises that fact. Information and communications technologies (ICT) have become an integral part of almost every facet of modern, developed economies, underpinning their civil infrastructure, public safety, energy supply and management, financial networks and national security. This development has led to productivity increases and enhanced efficiencies across many economic sectors such as the financial, manufacturing and retail sectors. 1 Microsoft Australia, E-Security Review 2008, page 4. 2 Access Economics, The Economic Benefits of Intelligent Technologies, April Commissioned by IBM Australia 3
4 But it has also resulted in opportunities for existing crimes such as fraud, forgery and impersonation to be carried out by the ill-intentioned in new and more detection-proof ways. A new lexicon has entered the public discourse reflecting the myriad models of behaviour now open to those intent on crime: cyberstalking, cyberbullying, phishing and spamming to name a few. If the undoubted benefits of online and digital economic transactions are to be further realised, all users must have confidence that information is secure, commerce is not compromised and critical infrastructure is not infiltrated. This confidence will only be assured through constant political vigilance, enhanced governance, application of technology, new delivery platforms such as cloud computing, education and awareness programs. Cybercrime can be understood by reference to its eco-environment, cyberspace. The US has defined cyberspace as the interdependent network of information technology infrastructures, and includes the internet, telecommunications networks, computer systems and embedded processors and controllers in critical industries. Common usage of the term also refers to the virtual environment of information and interactions between people. 3 By this definition, cyberspace is not just the internet; so cybercrime can occur in a much wider environment than the internet. Available Data? On the basis that governments cannot manage or regulate what they cannot measure, AIIA sees a threshold issue as the lack of credible data in this area. Credible data on the nature and prevalence of e-security risks and subsequent cybercrimes is notoriously difficult to obtain, due to a variety of reasons, including under-reporting. Victims of cybercrime under-report either through ignorance (as to what crime has occurred) or desire not to signal their organisation s poor security and so reduce their customers confidence. Banks are generally thought to fall into this group of underreporters. Under-reporting also occurs in cases of phishing and financial scams because victims do not wish to appear ignorant or gullible. 3 Cyberspace Policy Review, 4
5 In relation to theft of personal information (identity data), it is equally difficult to be definitive about nature and prevalence because in many cases victims do not know their personal data has been assumed or stolen until a subsequent crime is perpetrated against them, such as credit card fraud or some other financial incident. In this regard, estimates of the type provided by the AFP in the Discussion Paper (the risk to our economy is more than one billion dollars a year ) do not inspire confidence in our ability to come to terms with the size of the issue we face; AIIA suggests the government facilitate a more forensic analysis of the economic impact of cybercrime in Australia. Response Structure AIIA s response does not address all the questions posed in the Paper. We will instead comment on specific questions which have prompted member feedback. As a preliminary comment, AIIA members see great potential for security and privacy enhancements (and thus perhaps risk diminution) through adoption of newer delivery platforms such as cloud computing. In addition, education and awareness programs for all users at every engagement level should be enhanced by all governments. Pp 10: Issue: A growing portion of our lives and civic experience is conducted in the online environment. This environment has a unique set of characteristics, including anonymity, and allows people to interact socially unhindered by geographic distance. Question: How can we promote a concept of digital citizenship, reach agreement on acceptable online behaviour and encourage people to assume greater responsibility for that behaviour? 5
6 Answer: Governments can partner with the online industry to create and promote awareness programs for online risks and responsibilities; there are many examples in Australia and the US of this. Pp 11: Issue: Governments are progressively implementing online services in response to community expectations. However, many individuals do not trust their private data will be appropriately managed. Question: How can governments improve citizens and businesses trust that their private data will be secured and only used for agreed purposes? Answer: Trust comes through providing verifiable competence in securing data. In the move to online providers, governments have the opportunity to select providers with effective security, and to require those providers to be accountable for that security. Done correctly, with the right degree of certification, this approach would improve security over in-house systems and controls. Private industry is migrating to cloud delivery platforms because they realise that security is a feature of leading cloud providers product offerings it is applied throughout their environments and tested and audited regularly. Cloud delivery can focus on security as a competitive requirement, in comparison to diverse and geographically dispersed organisations, such as governments or large corporations, for whom security is often a localised effort with limitations based on awareness, system design, and available technical and personnel resources. Cloud architectures can be more sustainable from a security perspective. Corporations struggle with patch management and technology currency. Both of these issues lead to vulnerabilities that are at the root of many data security breaches. Cloud delivery offers a modern and sustainable security stack that enables corporations to focus on higher level data protection initiatives and not on low value added security maintenance activities. Pp 16: Issue: The digital economy presents both wide-ranging opportunities for increased productivity and innovation across the Australian economy and the risk of the loss of sensitive commercial data. 6
7 Question: How can small business awareness of commercial online opportunities be balanced with awareness of potential online risks and mitigation strategies? Small to mid-sized companies are the ones that can benefit the most from moving to the cloud. They lack the skill-set and budgets to manage complicated security issues. By moving to competent cloud offerings they lower their overall risk profile since the cloud provider assumes many of the security accountabilities. Issue: One of the primary impediments to e-commerce is consumers fear their financial or personal details may be at risk when conducting business online. Anonymity will remain a key part of the Internet, but trust and confidence in the digital economy may be undermined if people s financial and personal details remain at risk of being stolen by criminals. Question: What options are there for increasing consumers trust in conducting business online? Question: How can consumers be encouraged to take more responsibility to protect their information? Question: What are the options for broadening industry s efforts to provide customers with a greater level of trust and confidence in the security and privacy of their online transactions? Question: What information would help consumers and small businesses better protect themselves and enhance their trust and confidence online? Government agencies and industry can provide better education and awareness and ensuring that all providers meet the highest standards of data security. Industry should be required to meet a certain level of security certifications (e.g. ISO 27001). Online enterprises can contribute by posting their privacy and security statements, and by presenting awareness content for their customers and the general public. Both customers and the public should know how to contact those businesses regarding security concerns (e.g, potential abuse). Other helpful information can include evidence of security certifications (e.g. ISO 27001). 7
8 Pp 19: Issue: Much of the public discussion on cyber threats and risks to date has focused on national security issues. This important dimension has inadvertently hidden the reality that at its most basic level, security and safety online is reliant on the awareness of individuals. As a result, many businesses and consumers are not as mindful of cyber threats as they could be. Question: How can the Commonwealth, states and territories and industry effectively communicate the interdependent nature of individual and national cyber security? How can the importance of individual behaviour be highlighted in creating a secure, trusted and resilient online environment for all Australians? End-user security awareness is the most difficult message to deliver effectively, such that it makes behavioral changes that result in good security practice. Online service providers should have a Security Awareness program for their employees, and customer-facing security information that is accessible and useful. Much like a public health or safety program, government can take a role in developing basic skills, promoting secure online behaviors in schools and public service announcements. 8
E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION
1. Introduction E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION Australia s national security and economic and social well-being rely upon the use and availability of a range of Information
More informationCommonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation
Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationNSW GOVERNMENT DRAFT ICT STRATEGY PLAN. AIIA Response
NSW GOVERNMENT DRAFT ICT STRATEGY PLAN AIIA Response 22 December 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing suppliers and providers
More informationTechnology Strategy April 2014
Technology Strategy April 2014 Contents Overview 1 Our environment 1 Why change? 2 Our vision for technology what success looks like 3 Our approach 7 Transformation shifts how will we know we have been
More informationRationale for a Cloud Services Framework
Rationale for a Cloud Services Framework AIIA response to Draft Paper for Consultation January 2015 T 61 2 6281 9400 E W info@aiia.com.au www.aiia.comau About AIIA The Australian Information Industry Association
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationNEW ZEALAND S CYBER SECURITY STRATEGY
Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital
More informationElectronic Health Records and Healthcare Identifiers: Legislation Discussion Paper
Electronic Health Records and Healthcare Identifiers: Legislation Discussion Paper AIIA response July 2015 Ground Suite B 7-11 Barry Drive Turner ACT 2612 GPO Box 573 Canberra ACT 2601 T 61 2 6281 9400
More informationCYBER SECURITY STRATEGY AN OVERVIEW
CYBER SECURITY STRATEGY AN OVERVIEW Commonwealth of Australia 2009 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without
More informationNATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA
NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies
More informationEvolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance
Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationACE European Risk Briefing 2012
#5 ACE European Risk Briefing 2012 IT and cyber risk respondent profiles The research was carried out between 13 April and 3 May 2012. The sample comprised 606 European risk managers, CROs, CFOs, COOs
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More informationReport to the Council of Australian Governments. A Review of the National Identity Security Strategy
Report to the Council of Australian Governments A Review of the National Identity Security Strategy 2012 Report to COAG - Review of the National Identity Security Strategy 2012 P a g e i Table of contents
More information(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework
(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement
More informationBusiness Plan 2012/13
Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,
More informationGood morning. It s a pleasure to be here this morning, talking with the NZISF. Thank you for this opportunity.
Speech Notes for New Zealand Information Security Forum 11 April 2013 Paul Ash, Manager National Cyber Policy Office Department of Prime Minister and Cabinet CYBERSECURITY: WHY IT MATTERS FOR NEW ZEALAND
More informationCyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis
Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?
More informationTHE AUSTRALIAN PUBLIC SERVICE BIG DATA STRATEGY. Comments from AIIA
THE AUSTRALIAN PUBLIC SERVICE BIG DATA STRATEGY Comments from AIIA JULY 2013 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing multinational and
More informationGUERNSEY CYBER SECURITY REVIEW
GUERNSEY CYBER SECURITY REVIEW EXECUTIVE SUMMARY FOREWORD I am delighted that the States of Guernsey has completed a detailed cyber-security review which looks at government, businesses and individuals.
More informationCyber Security Strategy
Cyber Security Strategy 2015 Action Plan A LIVING ACTION PLAN WITH ANNUAL REVIEWS New Zealand s Cyber Security Strategy provides a single cohesive framework to ensure that New Zealand is secure, resilient
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationCompliance Guide: ASD ISM OVERVIEW
Compliance Guide: ASD ISM OVERVIEW Australian Information Security Manual Mapping to the Principles using Huntsman INTRODUCTION In June 2010, The Australian Government Protective Security Policy Framework
More informationS. ll IN THE SENATE OF THE UNITED STATES
OLL0 TH CONGRESS ST SESSION S. ll To secure the United States against cyber attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American
More informationtechuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption
techuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption Introduction Cloud computing is fundamental to the UK s digital future. The next wave of the digital revolution is being powered
More informationSOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness
SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached
More informationSENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100
SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE Question No. 100 Senator McKenzie asked the following question at the hearing on 24 May 2012: a) How do you define
More informationPromoting a cyber security culture and demand compliance with minimum security standards;
Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationService and anonymisation.
THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2014 9 EXECUTIVE SUMMARY The Internet Organised Crime Threat Assessment (iocta) informs decision makers at strategic, policy and tactical levels about
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationAn Overview of Cybersecurity and Cybercrime in Taiwan
An Overview of Cybersecurity and Cybercrime in Taiwan I. Introduction To strengthen Taiwan's capability to deal with information and communication security issues, the National Information and Communication
More informationFostering Incident Response and Digital Forensics Research
Fostering Incident Response and Digital Forensics Research Bruce J. Nikkel bruce.nikkel@ubs.com September 8, 2014 Abstract This article highlights different incident response topics with a focus on digital
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationNational Plan to Address Cybercrime
National Plan to Address Cybercrime 2015 Improving our ability to prevent, investigate and respond to cybercrime Contents INTRODUCTION 3 Purpose of the Plan 3 What is cybercrime? 4 The nature of the cybercrime
More informationNAPCAN s strategy is to bring about the changes necessary in individual and community behaviour to stop child abuse and neglect before it starts by:
The Director Cyber Safety Policy and Programs Department of Communications GPO Box 2154 CANBERRA ACT 2601 Dear Director, Re: Discussion Paper on Enhancing Online Safety for Children NAPCAN (National Association
More informationAdvanced Biometric Technology
INC Internet Biometric Security Systems Internet Biometric Security System,Inc.White Papers Advanced Biometric Technology THE SIMPLE SOLUTION FOR IMPROVING ONLINE SECURITY Biometric Superiority Over Traditional
More informationHow To Write An Article On The European Cyberspace Policy And Security Strategy
EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationSecuring the Nation: Creating cyber security, resilience and readiness
NZTech Developing a National Technology Strategy NZTech Developing a National Technology Strategy A Cyber-Secure New Zealand The Role of Government Procurement B R I E F I N G P A P E R Securing the Nation:
More informationHow To Protect Your Information Security From Cyber Threats
2015 Australian Government Information Security Manual PRINCIPLES 2015 Australian Government Information Security Manual PRINCIPLES Commonwealth of Australia 2015 All material presented in this publication
More informationCloud Computing in the Victorian Public Sector
Cloud Computing in the Victorian Public Sector AIIA response July 2015 39 Torrens St Braddon ACT 2612 Australia T 61 2 6281 9400 E info@aiia.com.au W www.aiia.comau Page 1 of 9 17 July 2015 Contents 1.
More informationCyber-safety for Senior Australians. Inquiry Submission
SUBMISSION NO. 32 Cyber-safety for Senior Australians Inquiry Submission The AISA Response to the Parliament s Joint Select Committee s call for submissions Date 23 March 2012 Page 1 Executive Summary:
More informationTHE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY
THE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY BY DR. BRIAN MCELYEA AND DR. EMILY DARRAJ Approved for Public Release: Case # 16-0276 NORTHROP GRUMMAN WHITE PAPER 2016 Northrop Grumman
More informationKeeping out of harm s way in cyberspace
Keeping out of harm s way in cyberspace Martin Smith MBE FSyI Chairman and Founder The Security Company (International) Limited The Security Awareness Special Interest Group What is Cybercrime? Criminal
More informationITU Global Cybersecurity Agenda (GCA)
International Telecommunication Union ITU Global Cybersecurity Agenda (GCA) Framework for International Cooperation in Cybersecurity ITU 2007 All rights reserved. No part of this publication may be reproduced,
More informationCommonwealth Organised Crime Strategic Framework: Overview
Commonwealth Organised Crime Strategic Framework: Overview Commonwealth Organised Crime Strategic Framework: Overview ISBN: 978-1-921241-94-9 Commonwealth of Australia 2009 This work is copyright. Apart
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationAustralian Government Cyber Security Review
Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and
More informationData Privacy and Cybersecurity Task Force
Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,
More informationHow To Understand And Understand The European Priorities In Information Security
European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria
More informationProtecting Malaysia in the Connected world
Protecting Malaysia in the Connected world cyber Security Company of the Year (Cybersecurity Malaysia, 2014) Most innovative information security company in Malaysia (Cybersecurity Malaysia, 2012) BAE
More informationAustralian Government Information Security Manual EXECUTIVE COMPANION
2015 Australian Government Information Security Manual EXECUTIVE COMPANION 2015 Australian Government Information Security Manual EXECUTIVE COMPANION Commonwealth of Australia 2015 All material presented
More informationNational Cyber Security Strategy 2015-2017
National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationWRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET
WRITTEN TESTIMONY BEFORE THE SENATE COMMITTEE ON THE JUDICIARY HEARING ON PRIVACY IN THE DIGITAL AGE: PREVENTING DATA BREACHES AND COMBATING CYBERCRIME FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN EXECUTIVE
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationINFORMATION SECURITY AWARENESS & TRAINING PROGRAM
INFORMATION SECURITY AWARENESS & TRAINING PROGRAM By Serah Francis MSc Student, Gjøvik University, Norway ISES Member IFIP TC3 ISES Project INTRODUCTION Africa has 167 million Internet Users and is estimated
More informationEmerging risks for internet users
Sabeena Oberoi Assistant Secretary, Cyber Security and Asia Pacific Branch Department of Broadband, Communications and the Digital Economy Government s role - DBCDE The new Australian Government Cyber
More informationCIO, CISO and Practitioner Guidance IT Security Governance
June 2006 (Revision 1, August 2007) () 1 CIO, CISO and Practitioner Guidance Whatever your business, security and privacy are key matters that affect your enterprise and those dependent upon you. There
More informationCYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION
CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by
More informationCYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES
CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES The information provided in this document is presented as a courtesy to be used for informational purposes only. This information
More informationSecurity in the Cloud an end to end Problem
ID WORLD Abu Dhabi 18-19 March 2012 Cloud Computing & Mobile Applications Dr. Andrew Jones Programme Chair for Information Security Khalifa University of Science, Technology and Research, Abu Dhabi Security
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationTerms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks
Please cite this paper as: OECD (2012), Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks, OECD Digital Economy Papers, No. 210, OECD Publishing.
More informationTHE WHITE HOUSE Office of the Press Secretary
FOR IMMEDIATE RELEASE February 13, 2015 THE WHITE HOUSE Office of the Press Secretary FACT SHEET: White House Summit on Cybersecurity and Consumer Protection As a nation, the United States has become highly
More informationCyber Security Strategy
Cyber Security Strategy MINISTER S FOREWORD Australians have been quick to embrace the Internet in their lives and businesses. For most of us it is now part of our daily routine for talking to our friends
More informationAISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK
1 AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY 14 October 2015 OPENING ADDRESS LYNWEN CONNICK Thanks Arno, and good morning everyone. Welcome to Australian Information Security Association
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationThe Australian Public Service Big Data Strategy
The Australian Public Service Big Data Strategy Improved understanding through enhanced data-analytics capability AIIA response March 2014 Contact for this submission: Suzanne Roche 39 Torrens St Braddon
More informationMass Marketing Fraud Affecting Canadian Businesses 2015-10-30
Mass Marketing Fraud Affecting Canadian Businesses 2015-10-30 About The CAFC The Canadian Anti-Fraud Centre (CAFC) is an international call centre specializing in central sourcing complaints on mass marketing
More informationARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.
ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Architecture Services...4 2.1 Enterprise Architecture Services...5 2.2 Solution Architecture Services...6 2.3 Service
More informationEnhancing Online Safety for Children
Enhancing Online Safety for Children Public consultation on key election commitments AIIA response March 2014 Contact for this submission: Sharon Kennard 39 Torrens St Braddon ACT 2612 Australia T 61 2
More informationPublic Policy Meeting, Legal Issues on Cyber Security in Africa Dakar, Senegal 21-27 November 2009
Public Policy Meeting, Legal Issues on Cyber Security in Africa Dakar, Senegal 21-27 November 2009 Presenter Adam Mambi,(Advocate of High Court) -Deputy Executive Secretary, Law Reform Commission Tanzania
More informationOECD PROJECT ON CYBER RISK INSURANCE
OECD PROJECT ON CYBER RISK INSURANCE Introduction 1. Cyber risks pose a real threat to society and the economy, the recognition of which has been given increasingly wide media coverage in recent years.
More informationKnowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014
Knowing Your Enemy How Your Business is Attacked Andrew Rogoyski June 2014 Why Cyber is the New Security 1986: Lawrence Berkeley NL discovers attempt to copy US Government Information on Arpanet 1988:
More informationCybersecurity MORE THAN A GOOD HEADLINE. Protect more
Cybersecurity MORE THAN A GOOD HEADLINE Protect more Contents 2 Introduction 3 What is Cybersecurity? 4 Thought model 5 Social, Economic, Political, and IT Alignment 8 ICT Infrastructure 10 National Projects
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES
EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, [ ] COM(2006) 251 COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE
More informationCyber Security Research and Development a Homeland Security Perspective
FBI ----------------------------------------- INFRAGARD National Conference ----------------------------------------- 2005 Cyber Security Research and Development a Homeland Security Perspective Annabelle
More informationPacific Islands Telecommunications Association
Pacific Islands Telecommunications Association 8 th Fl, Dominion Hse PHONE : (679) 331 1638 PO BOX 2027, Govt Bldg FAX : (679) 330 8750 SUVA, FIJI Islands E-mail: pita@connect.com.fj www.pita.org.fj INVITATION
More informationAssessing the strength of your security operating model
www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems
More informationAs global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended
As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended Global Cybercrime has an estimated cost of US$ 110 Billion per year Every second, 18 adults become a
More informationRole Description Director ICT Governance, Security and Risk
Role Description Director ICT Governance, Security and Risk Classification/Grade/Band Band 1 Senior Executive Work Level Standards ANZSCO Code 262112 PCAT Code 1226892 Date of Approval 03 March 2014 Work
More informationACS CLOUD COMPUTING CONSUMER PROTOCOL. Response from AIIA
ACS CLOUD COMPUTING CONSUMER PROTOCOL Response from AIIA AUGUST 2013 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing multinational and domestic
More informationof firms with remote users say Web-borne attacks impacted company financials.
Introduction As the number of users working from outside of the enterprise perimeter increases, the need for more efficient methods of securing the corporate network grows exponentially. In Part 1 of this
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationCYBERSECURITY HOT TOPICS
1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationSpecific recommendations
Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It
More informationCYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY
CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes
More informationCyber security the facts
Cyber security the facts By Dr Carolyn Patteson, Executive Manager, CERT Australia The cyber threat is real and ever present and every business is at risk. Australia s security and intelligence agencies
More informationCOMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,
COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD
More informationTop 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath
ebook Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath Protecting against downstream fraud attacks in the wake of large-scale security breaches. Digital companies can no longer trust static login
More informationHow To Protect Yourself From Cyber Crime
The Global Polity Cybercrime, Cybersecurity and the Future of the Internet The Challenges Cybercrime is now the fastest growing sector of cross-border organized crime. In 2009, reported losses in the US
More informationRESPONSIBLE CARE SECURITY CODE OF MANAGEMENT PRACTICES
RESPONSIBLE CARE SECURITY CODE OF MANAGEMENT PRACTICES Purpose and Scope The purpose of the Security Code of Management Practices is to help protect people, property, products, processes, information and
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationHOW WILL FRANCHISORS IN EUROPE MEET THE CHALLENGES EU PROPOSED CYBERCRIME DIRECTIVE
HOW WILL FRANCHISORS IN EUROPE MEET THE CHALLENGES OF THE PROPOSED CYBERCRIME DIRECTIVE? Dr Mark Abell, Graeme Payne and Joseph Jackson, Bird & Bird, London, UK Cybersecurity is arguably receiving more
More informationExecutive Order 13636: The Healthcare Sector and the Cybersecurity Framework. September 23, 2014
Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework September 23, 2014 Executive Order: Improving Critical Infrastructure Cybersecurity It is the policy of the United States to
More information