Capability Development Programme

Size: px
Start display at page:

Download "Capability Development Programme"

Transcription

1 KPMG Cyber Security Centre Capability Development Programme March KPMG International Cooperative ( KPMG International ). KPMG International provides no client services and is a Swiss entity with which the independent member firms of the KPMG network are affiliated.

2 KPMG Cyber Security Centre Contents Introduction... 3 Cyber Security Landscape... 3 Key Cyber Security Indicators in Singapore... 4 The KPMG Cyber Security Centre (CSC)... 5 Overview... 5 KPMG Cyber Security Framework... 5 Capability Development Programme Overview... 6 Overview... 6 Programme Structure... 6 Key Programme Components... 7 Who should participate?... 7 Programme Tracks... 8 Programme Fee... 8 Application Closing Date... 8 Programme Component Details... 9 Overview... 9 Programme Schedule Capability Maturity Assessment (Lite) Cyber Security Conference Structured Classroom Learning Knowledge Sharing Forum Proof-Of-Concept (POC) Programme Partners Overview Programme Partners Information Registration Form Capability Development Programme 2

3 Introduction The focus on Cyber Security is growing rapidly as a result of high profile security breaches threatening damages to critical infrastructures and data loss. It is no longer a question whether your organisation will be breached, but when. Cyber Security Landscape Organisations are increasingly subjected to increasing amounts of legislative, corporate and regulatory requirements which require them to show that they are managing and protecting their information appropriately. At the same time, changing work patterns involving remote access, big data, cloud computing, services on demand and mobile technology are increasing your organisation s exposure to cyber threats. While these threats are not new and some have been with us since the early 1990s, the focus on cyber security is growing rapidly as a result of high profile security breaches. These breaches have threatened financial systems and in some instances, damaged physical infrastructure across critical national and corporate infrastructures. It is no longer a question of whether your systems will be breached, but when. KPMG s analysis of the current technology and security landscape reveals three key megatrends and parameter shifts being: Loss of control over computing environment Consumerisation of information technology (IT) increases the attack breadth and thus, straining existing defences. The rapid adoption of disruptive technologies with limited consideration of risk implications has also resulted in the lost of control over the computing environment. State of continuous compromise Rise of sophisticated, determined, organised and well-funded attackers performing advanced targeted attacks capable of bypassing traditional protection mechanisms and in some instances, the threats persist undetected for extended periods. Right-spending and capabilities With the pressure to optimise capital and operational spend on already constrained IT and security budgets, organisations are forced to make assumptions that existing security measures are sufficient to mitigate against today s advanced security threats. This has challenged the ability of many organisations in acquiring, retaining and enhancing relevant talent in their workforce. Escalating cyber risks Cyber risk ranks 3 rd among 50 risks globally among 588 senior and board level executives polled in Lloyd s Risk Index 2013 Named in the Top 5 global risks by the World Economic Forum since 2012 Cost per breached record ranges from US$78 to US$233 based on the Ponemon Institute Cost of Data Breach Study: Global Analysis 2013 Growth of mobile malware tripled 2012 numbers at more than 120,000 samples Kaspersky Lab IT Threat Evolution 2013 Capability Development Programme 3

4 Key Cyber Security Indicators in Singapore With the increasing focus on critical infrastructure protection, organisations are subjected to additional regulatory requirements requiring them to have measures in place for managing and protecting their sensitive information. In Singapore, there are a few key indicators for cyber security focus areas being: National Cyber Security Masterplan 2018 (July 2013) The masterplan led by Infocommunications Development Authority of Singapore (IDA) under the guidance of the National Infocomm Security Committee (NISC) aims to strengthen resiliency against cyber threats which includes the enhancement of critical infrastructure such as Cyber Watch Centre (CWC) and Threat Analysis Centre (TAC). Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) Guidelines and Notices (June 2013) MAS TRM is a mandate for financial institutions (FIs) to ensure monitoring and swift detection of IT incidents. FIs are also expected to report discovery of any IT security incidents within one hour to MAS. Computer Misuse and Cybersecurity Act (March 2013) Computer Misuse Act has been renamed as Computer Misuse and Cybersecurity Act to allow the Singapore Government to take more effective, timely and proactive measures against cyber security threats. Capability Development Programme 4

5 The KPMG Cyber Security Centre (CSC) The threats posed by cybercriminals and hacktivists are growing in scale and sophistication. Is your organisation becoming increasingly vulnerable as technology advances and working practices evolve? Overview The KPMG Cyber Security Centre (CSC) serves as a platform for thought leadership, capability development and innovation for cyber security. It seeks to gather companies, institutes of higher learning and security technology vendors into a collaborative environment. Together, these industry players will work towards enhancing organisational defences against evolving cyber threats. Our initiatives are based on three key thrusts: Empower, Transform and Innovate. KPMG Cyber Security Framework KPMG Cyber Security Framework is developed based on the guiding principles that no matter how good your defences are, there still is a risk of a successful attack. Our framework is purposely intelligence-led to build understanding of the diverse threat landscape and put this insight at the heart of cyber security decision-making. This overarching framework helps our clients take a holistic approach to cyber security and to be more prepared and more resilient to threats. Threat Intelligence Sits at the heart of the framework and implement the building blocks of intelligence and, in mature organisations, use intelligence as a springboard for delivering effective cyber security. Prepare Understand vulnerabilities and improve preparedness against cyber attack. Protect Design and implement cyber defence infrastructure. Detect and Respond Respond to and investigate cyber attacks. Integrate Embed cyber security in the culture and decision making of organisations. Transformation Design and deliver a wholesale program of change to improve cyber security capability. Capability Development Programme 5

6 Capability Development Programme Overview Do you know how mature your organisation s cyber security capability is? KPMG can work with you to help increase your organisation s preparedness against cyber threats and to achieve capabilities in early threat detection, rapid response and robust recovery. Overview The first programme to be rolled out under the CSC is the Capability Development Programme. Through this six-month programme, KPMG in Singapore will help participating organisations enhance their cyber security preparedness by: implementing framework and architecture for early detection of cyber threats and robust incident response; acquiring expertise in discovery, analysis, containment and eradication of malware threats; and developing cyber security intelligence capabilities so that organisations are keenly aware of the cyber environment and are ready to defend themselves against cyber attacks. The programme is structured to provide participating organisations with critical skillsets and a holistic view of cyber defence in the face of today s cyber threats. Programme Structure Participating organisations will be challenged to upgrade their skills, engage in cyber war gaming exercises as well as develop and implement proof-of concepts. Through a structured series of classroom learning and hands-on implementation, participating organisations will: gain foundational knowledge of cyber security from globally recognised cyber security professionals and learn to tackle today s urgent cyber security issues sharpen cyber threat detection and incident response capabilities through exercises in Singapore Polytechnic s Cyber Wargame Centre. Participating organisations will be exposed to real-world tactics employed by attackers and learn how to handle crisis while maintaining regular business and operational processes. develop proof-of-concept frameworks and solution architectures targeted at specific industry problem statements customised to their organisation s environment. KPMG cyber security specialists and our security technology vendors will work with participating organisations on these projects. Capability Development Programme 6

7 Key Programme Components Programme Component Cyber Security Conference Description Outcome Duration Industry cyber security specialists will be invited to share their insights Obtained insights on how to on the latest trends and mitigation transform their cyber security. approaches against cyber threats. 1 day Cyber Maturity Assessment (Lite) Assess participating organisation s preparedness against cyber attacks. Established roadmap for cyber security preparedness. Up to 5 days Structured Classroom Learning Four critical cyber security areas below will be covered by trainers: Cyber Defense Cyber Intelligence and Threat Detection Cyber Response and Recovery Malware Analysis and Digital Forensics Acquired critical cyber defence skillsets to detect and respond to cyber threats. 12 days (3 days per session) Cyber War Game Exercise Cyber war games will be conducted in a state-of-the-art cyber range at Singapore Polytechnic s Cyber Wargame Centre using simulated scenarios to drill participating organisations on concepts learned. Improved awareness of cyber risk and response capabilities. 3 days Proof-of-Concept (POC) Approved POC will be defined and implemented in the participating organisation s operating environment with the support of our Programme Partners. Obtained hands-on experience relevant to participating organisation s Up to 4 months Knowledge Sharing Forum Platform to share and obtain insights on the outcome of POCs implemented by participating organisations. Obtained further insights from lessons learnt 1 day Who should participate? Organisations embarking on cyber security initiatives to enhance their preparedness and resiliency should consider nominating employees with the following job roles aligned to the National Infocomm Competency Framework (NICF) for participation: Information Security Consultant Security Administrator Security Engineer Capability Development Programme 7

8 Programme Tracks Under the programme, KPMG is offering two tracks to cater for different organisations needs: Full Programme Partial Programme (without POC) Note: IDA ilead Expanded Grant is not applicable for the Partial Programme without POC track. Programme Fee The fee for both the Full and Partial Programme is S$3,000 per person from each participating organisation (programme components may not be shared by more than one individual except the registered participant or substitute), excluding the prevailing GST rate. IDA ilead Expanded Grant This programme is part of the Infocomm Development Authority of Singapore (IDA) Infocomm Leadership and Development Programme (ilead) Expanded. It aims to help Singapore s infocomm manpower keep pace with technology changes. Eligible organisations may submit an application to IDA for the ilead Expanded grant subject to IDA s approval. Application Closing Date 26 March 2014, 5:00 pm.

9 Programme Component Details KPMG has designed our capability development programme to empower your organisation to know your cyber risks linked to business outcomes; understand the latest approaches and best practices; identify fit for purpose solutions; and to develop your cyber security transformation roadmap. Overview Our programme starts with working together with the participating organisation on a Cyber Maturity Assessment (Lite) to quickly assess the maturity in cyber security defence and preparedness in cyber security response. This will be followed by structured classroom learning and cyber exercises scheduled across the programme duration. Participants in the programme will also undertake a POC implementation to further enhance their capability through hands-on implementation. While the above is the recommended programme structure, participating organisations have the flexibility to conduct the CMA based on a suitable schedule within the six months programme duration. Additionally, participating organisations may embark on the POC programme component based on a suitable schedule but must be completed within 12 months of programme commencement. Capability Development Programme 9

10 Programme Schedule Date Time Programme Component 01 Apr Cyber Security Conference Apr Structured Classroom Learning Apr Structured Classroom Learning May Structured Classroom Learning Jun Structured Classroom Learning Jul Structured Classroom Learning 12 Sep Industry Sharing Cyber Security Conference Cyber Defense Foundation Training Cyber Intelligence and Threat Detection Cyber Incident Response Malware Analysis and Digital Forensics Cyber Wargame Exercise Knowledge Sharing Forum Cyber Maturity Assessment (Lite) The program will start with a Cyber Maturity Assessment (Lite) to assess participating organisations preparedness against cyber attacks. The high level gaps identified will help participating organisations in prioritising their cyber security efforts and allocation of resources. The programme participant will work with KPMG as part of the assessment team. Senior executive sponsorship is required to ensure management support and commitment for the success of the assessment. Cyber Maturity Assessment (Lite) CMA1 CMA2 Cyber Maturity Assessment (Lite) Early Signup Cyber Maturity Assessment (Lite) Signup Objective Duration Outline Learning Outcomes Assess organisation s ability to protect its information assets and its preparedness against cyber attack. 3-5 days The Cyber Maturity Assessment (CMA) benchmarks an organisation against a cyber maturity model and provides a rounded view of people, process and technology to: Understand areas of vulnerability; Identify and prioritise areas for remediation; and Demonstrate both corporate and operational compliance. KPMG Security Consultants together with Participants will assess the cyber maturity level through a combination of questionnaires, interviews and workshops to address the following six key dimensions: Executed using Leadership and Governance Information Risk Management Human Factors Operations and Technology Business Continuity and Crisis Management Legal Compliance Analyse the cyber threat environment and advise management on the organisation s cyber defence effectiveness. Understanding of organisation s cyber maturity level and prioritised areas for management action plan. Capability Development Programme 10

11 Cyber Security Conference The Cyber Security Conference brings together industry experts to share their insights on the latest cyber security trends allowing participating organisations to plan for and cater to emerging threats, as well as, understanding how similar organisations are transforming their cyber defences. The conference for 2014 is themed Transforming Your Cyber Security. Non-participants in the Capability Development Programme may attend at a fee. Cyber Security Conference SC Cyber Security Conference Objective Duration Hear from industry cyber security specialists on their insights of the latest trends and mitigation approaches against cyber threats. 1 day Confirmed speakers for the Transforming Your Cyber Security conference: Freddy Tan Member, Board of Directors, (ISC) 2 Craig Stires Research Director, IDC Pierre Noel Chief Security Officer (Asia), Microsoft Justin Harvey Chief Solutions Strategist, FireEye Outline Stephen McCombie Senior Manager for Advanced Cyber Defense Practice (APJ), RSA Roy Katmor Director for Security Strategy, Akamai Nishant Ranjan Solution Architect, McAfee Nicholas Percoco Director, KPMG in Chicago Stan Hegt Manager, KPMG in Netherlands Learning Outcomes Obtain insights on latest trends and mitigation approaches against cyber threats. Capability Development Programme 11

12 Structured Classroom Learning The Structured Classroom Learning will be conducted by cyber security practitioners on the frontline of the battle against cyber threats, focusing on the following four critical cyber security areas: Cyber Defense Foundation Cyber Intelligence and Threat Detection Cyber Response and Recovery Malware Analysis and Digital Forensics Structured Classroom Learning Objective Duration Outline Learning Outcomes C1 Cyber Defense Foundation Training Understand the fundamentals of cyber threat detection and response frameworks and techniques. 3 days Focus on understanding fundamentals of cyber threat detection and response through lectures, case studies and exercises: Cyber intelligence threat and vulnerability Threat detection - traffic analysis, correlation of indicators Cyber response preparation, identification, containment, eradication and recovery Malware analysis methods and techniques for identification, containment and eradication Digital forensics preservation of evidence and analysis Understand the key areas of focus to design, implement and manage a cyber defense framework and architecture. Structured Classroom Learning Objective Duration Outline Learning Outcomes C2 Cyber Intelligence and Threat Detection Develop capability to research, develop and implement advanced technologies based on algorithms and data models to detect, analyse and mitigate security attacks. Focused on building a situational aware architecture through use of large security data sets and integration with external threat intelligence sources. 3 days Focus on understanding adversarial threats, detection methods and security intelligence approaches through lectures, case studies and exercises: Fundamentals of traffic analysis and tools Understanding the Kill Chain Common attack vectors and different classes of attacks Understanding the adversary and their evasion techniques Intrusion detection methodologies and techniques Network forensics and correlation of indicators Technologies and algorithms in security intelligence and analytics Open source intelligence (OSINT) and intersections of data, information and intelligence Role and value of cyber intelligence threat and vulnerability Collection and analysis methods for actionable intelligence Integration techniques to preventive cyber defence measures Analyse cyber attack methods to determine capabilities, propagation characteristics, and detection signatures. Manage cyber intelligence framework and architecture in terms of organisational teams, governance processes and security technology solutions Capability Development Programme 12

13 Structured Classroom Learning Objective Duration Outline Learning Outcomes C3 Cyber Response Develop capability to design, implement and manage a cyber response framework and architecture to handle and rapidly respond to cyber incidents. 3 days Focus on understanding cyber response framework and architectures required to rapidly respond to an identified breach through lectures, case studies and exercises: Incident response organisation and team structure Incident response and handling fundamentals Handling network, malicious code and insider incidents Key tools, techniques, and procedures to properly respond to intrusions Proper incident scoping and detection of all compromised systems Analysis methods to identify exactly how the breach occurred and what was taken Key approaches to eradicate a current incident Use of threat intelligence to determine if the same adversary returns to the enterprise Incident reporting and recovery Manage cyber response framework and architectures to support organisations in performing situational analysis, planning a course of action and coordinating the response plan to narrow the breach window and rapidly contain and eradicate the problem. Structured Classroom Learning Objective Duration Outline Learning Outcomes C4 Malware Analysis and Digital Forensics Develop capability to design, implement and manage a malware analysis and digital forensics framework and architecture to contain, eradicate and recover from malware attacks. 3 days Focus on understanding malware analysis digital forensics processes and techniques through lectures, case studies and exercises: Configuration of the malware analysis lab Malware analysis toolkit Basic static, dynamic and behavioral analysis of malicious code Automated malware analysis Forensic toolkit Chain of evidence and custody Methods of forensic imaging process Preservation of evidence Forensic analysis methods Forensic reporting Design and implement security technology environment and process frameworks to contain, eradicate and recover from malware attacks. Capability Development Programme 13

14 Structured Classroom Learning Objective Duration Outline Learning Outcomes C5 Cyber Wargame Exercise Employ security intelligence, malware analysis and cyber response techniques in a cyber exercise with war gaming scenarios conducted in a cyber range. 3 days Focus on participant s ability to use relevant techniques to defend against cyber attacks, whilst keeping the production environment and internal procedures up and running: Preparation of team roles and environment for blue and red team exercise Handling of crisis situations Evaluate how people and teams work in stressful situations Manage roles, tasks and delegation during large scale cyber attack Manage business processes while in crisis mode Debriefing on outcome of cyber exercise Integrate security intelligence, malware analysis and cyber response techniques in a cyber defense scenario Knowledge Sharing Forum The Knowledge Sharing Forum serves as a platform for the participating organisations to share their lessons learnt based on their POC implementation. The objective is to enhance cooperation and increase participant s knowledge across critical cyber defence skillsets. KPMG will facilitate and moderate the session to ensure learning outcomes and maintain confidentiality of participating organisation s information. Industry Sharing SF Knowledge Sharing Forum Objective Duration Outline Learning Outcomes Foster a more collaborative cyber security community among user enterprises, institutes of higher learning and security technology vendors. 1 day Participants to share the details of POCs implemented in terms of: Problem statements to be solved Implementation approach POC results and lessons learnt Obtain further insights from the outcomes of POCs implemented. Capability Development Programme 14

15 Proof-Of-Concept (POC) After going through the Cyber Maturity Assessment, the participating organisations should have a high level understanding on cyber defence areas that require improvements. KPMG will work with the participating organisations to define a POC to evaluate governance frameworks and technology solutions to address a specific area of improvement. Participating organisations may work with selected Programme Partners (see page 16) for technology driven improvements. Such technology POCs will be conducted on-site within participating organisation s operating environment and KPMG will assist to facilitate the arrangements with the Programme Partners. Our KPMG Cyber Security Team will directly support participating organisations for non-technology focused POCs. A critical objective of the POC is to enable experiential learning by the programme s participants who will be expected to play a key role in the definition, development and implementation of the project. Proof-of-Concept P1 Project Definition P2 Concept Development P3 Concept Feasibility Study P4 Project Implementation P5 Project Reporting Objective Co-develop proof-of-concept (POC) frameworks or solution architectures to solve specific problem statements and implement these POC projects into their user enterprise operational environment. Duration 4 months Outline Participants will work with KPMG specialists who will provide cyber security subject matter guidance, facilitate the POC development and implementation, and coordinate with solution vendors (as required). Projects may include but not limited to the following problem statements: Faced with today s advanced security threats, most enterprises do not have a clear strategic plan and implementation roadmap aligned to a Cyber Defence Maturity Model. What are the capabilities that define such a model and the building blocks to achieve the desired state of maturity? Enterprises are taking weeks to months from compromise to discovery and eventually containment. How do we build a framework and architecture for early threat detection and rapid incident response? Enterprises are not effectively leveraging security data for predictive threat detection. What is the data that matters and how do we make use of the collected data effectively and efficiently to identify indicators of compromise? Threat detection today is reliant on reactive security monitoring. How do we implement a practical exploration-driven threat detection framework to identify the unknown unknowns? Malware is by far the most effective means for an attacker to infiltrate an organisation, persist undetected for long periods of time and exfiltrate data from the compromised environment. What is the framework and architecture required for identification, analysis, containment and eradication of the malware threat? Learning Outcomes Further enhance lessons learnt from the structured learning component of the programme. Capability Development Programme 15

16 Programme Partners KPMG recognises that capability development of the ecosystem requires greater collaboration between user enterprises, technology solution vendors and institutes of higher learning. Our Programme Partners bring to the platform, market leading solutions and learning environments to support participants on their cyber defence roadmap. Overview KPMG has lined up the following Programme Partners that address different aspects of the KPMG s Cyber Security Framework: Singapore Polytechnic (SP) Cyber Wargame Centre provides a well-equipped environment for conducting simulated cyber war games. FireEye Malware protection against advanced cyber threats such as Advanced Persistent Threats (APT) RSA A combination of Security Incident Event Management (SIEM), network forensics, big data analytics and threat intelligence to monitor, detect and response to cyber threats. McAfee Connect industry-leading security solutions to their enterprise infrastructure to increase visibility, gain efficiencies, and strengthen protection against cyber threats. Akamai Provide cloud computing security, prevent data theft/downtime and mitigate Denial of Service (DoS) attacks by extending the security perimeter outside the data center. Programme Partners Information In this section, we will provide more information on KPMG s programme partners such as their company profile, overview of solutions relevant to cyber security, resources committed to the POC, as well as, the pre-requisites for POC implementing their solutions. Singapore Polytechnic Singapore Polytechnic (SP) is one of the established polytechnic in Singapore setup in 1954 to train technologists and professionals to support the industrialisation and economic development of Singapore. To date, it has more than 16,000 full-time and part-time students whom are pursuing a total of 68 diploma courses. SP has recently launched the Cyber Wargame Centre to provide students from the School of Digital Media & Infocomm Technology with hands-on experience of a security professional. The SP Cyber Wargame Centre consists of several labs which are setup for various purposes such as launching attacks, setting up network defences, conducting forensics investigation and performing malware analysis. Programme Support KPMG CSC Capability Development Programme will be using the SP Cyber Wargame Centre for conducting the Cyber Exercise as part of the Structured Classroom Learning. Participating organisations will play the role of the blue team in responding to cyber attacks by the red team in this stimulated environment. Capability Development Programme 16

17 FireEye FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, Intrusion Prevention System (IPS), anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organisation across the primary threat vectors, including Web, , and files and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,100 customers across more than 40 countries, including over 100 of the Fortune 500. With the acquisition of Mandiant, the leader in endpoint security, incident response, and remediation; FireEye now offers the most complete library of actionable threat intelligence on advanced threats and a product suite that can apply that intelligence to detect and prevent attacks on both the network and on endpoints. RSA RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. We help the world s leading organisations (including 90 percent of the Fortune 500) succeed by solving their most complex and sensitive security challenges. These challenges include managing organisational risk, safeguarding mobile access and collaboration, providing compliance and securing virtual and cloud environments. Combining business-critical controls in identity assurance, encryption and key management, SIEM, Data Loss Prevention and Fraud Protection with industry-leading enterprise Governance, Risk and Compliance (egrc) capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. Programme Support Relevant hardware appliances, software licenses and technical engineer support will be provided. Capability Development Programme 17

18 McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. Programme Support Relevant hardware appliances, software licenses and technical engineer support will be provided. Akamai Akamai is the leading provider of cloud services for helping enterprises provide secure, high-performing user experiences on any device, anywhere. If you've ever shopped online, downloaded music, watched a web video or connected to work remotely, you've probably used Akamai's cloud platform. Akamai helps enterprises accelerate innovation in the hyperconnected world by removing the complexities of technology so you can focus on driving your business faster forward. We enable enterprises to capitalize on market opportunities presented by trends like mobile and cloud while overcoming the challenges presented by security threats and the need to reach users globally. The Akamai Intelligent Platform reaches globally and delivers locally, providing unmatched reliability, security and visibility into your online business. Programme Support Relevant hardware appliances, software licenses and technical engineer support will be provided. Capability Development Programme 18

19 KPMG Cyber Security Centre Capability Development Programme Registration Form Please complete the following and *Delete where inapplicable 1. Registration Details Company Name: <Please indicate the legal entity name> Registered Address: Contact Person Salutation: Last Name: Designation: Contact Number: Dr / Mr / Mrs / Mdm / Ms / Others: * First Name: Fax Number: Programme Participants No. Salutation Last Name First Name Designation Contact Number Address Programme Option: Full Programme / Partial Programme (without POC) * 2. Programme Fee (applicable for both programme options) Programme Fee: S$3,000 (excluding Goods and Services Tax) per participant 3. Payment and Billing Information For programme fee, please make cheque or bank draft payable to KPMG Services Pte. Ltd. ( KPMG ), 16 Raffles Quay, #22-00 Hong Leong Building, Singapore KPMG will provide a tax invoice upon clearance of your cheque. We seek your understanding that there will be no refunds upon confirmation of registration. Please inform KPMG of substitution(s) prior to the start of the programme to avoid inconvenience. In circumstances beyond our control, we reserve the right to cancel the programme, or make changes to the schedules, venue and speaker(s)/trainer(s). Photography, audio, and/or video recording are not permitted during the programme activities unless authorised by KPMG. Capability Development Programme 19

20 Billing Address: <Please indicate if different from Registered Address > Attention Invoice To Last Name: Designation: Contact Number: First Name: Fax Number: 4. Disclaimers and Request for Consent The participating organisation agrees to allow KPMG to contact participants for future KPMG initiatives or mailer. Yes / No * The participating organisation agrees to allow KPMG to generate content for use from the interviews conducted. Yes / No * Acknowledged by the Participating Organisation Signature Date Name: Designation: Company Name: Contact us If you need further assistance, please contact: Chionh Hui Ming Tel: Jestina Pang Tel: Capability Development Programme 20

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle

More information

CYBER SECURITY INFORMATION SHARING & COLLABORATION

CYBER SECURITY INFORMATION SHARING & COLLABORATION Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Advanced Threats: The New World Order

Advanced Threats: The New World Order Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

Security Assessment and Compliance Services

Security Assessment and Compliance Services Security Assessment and Compliance Services Despite the best efforts of IT security teams, hackers and malicious code continue to find their way into corporate networks. Adding to the pressure is the fact

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

Infocomm Security Masterplan 2

Infocomm Security Masterplan 2 INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE 8 Temasek Boulevard #14-00 Suntec Tower 3 Singapore 038988 Tel : 65-62110888 Fax : 65-62112222 www.ida.gov.sg April 2009 Infocomm Security Masterplan 2 The Infocomm

More information

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012 Co-Chair s Summary Report 1. Pursuant to the 18 th ASEAN Regional Forum (ARF) Ministerial meeting in Bali,

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

Cyber Security Operations Associate

Cyber Security Operations Associate ST Electronics (Info-Security) Pte Ltd ST Electronics (Info-Security) Page 1 Cyber Security Operations Essentials: Live cyber security training to build Detection, Response & Recovery capability In today

More information

Programme. 8.30am. 10.40am

Programme. 8.30am. 10.40am 8.30am 9.00am 9.15am 9.35am 9.40am 8.30am 10.10am 10.40am 11.10am 11.35am 12.00pm 12.25pm 1.40pm 2.05pm 2.30pm 2.55pm 3.25pm 3.50pm 4.15pm Programme Registration Welcome Address Mr Lau Thiam Beng Deputy

More information

Managed Security Services

Managed Security Services Proactive Real-Time Monitoring and Risk Management Managed Security Services NCS Group Offices Australia Bahrain Brunei China Dubai Hong Kong SAR Korea Malaysia Philippines Singapore Sri Lanka Understanding

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

Cisco Security Services

Cisco Security Services Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

More information

Requirements When Considering a Next- Generation Firewall

Requirements When Considering a Next- Generation Firewall White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

SID Current Topic Series

SID Current Topic Series SID Current Topic Series Forum: The Secrets and Art of Cyber Security Organised by : Singapore Institute of Directors in collaboration with PwC & Quann Date : Friday, 29 th July 2016 Time : 9.00 am to

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Protecting critical infrastructure from Cyber-attack

Protecting critical infrastructure from Cyber-attack Protecting critical infrastructure from Cyber-attack ACI-NA BIT Workshop, Session 6 (Cybersecurity) Long Beach, California October 4, 2015 Ben Trethowan Aviation Systems & Security Architect The scale

More information

CYBERSECURITY. PROGRAMME 14 April 2015. 13.00 14.00 Lunch / Delegates Registration

CYBERSECURITY. PROGRAMME 14 April 2015. 13.00 14.00 Lunch / Delegates Registration PROGRAMME 14 April 2015 13.00 14.00 Lunch / Delegates Registration 14.00 14.10 Opening and Keynote by Panel Chair Getting Ahead of the Threat: Building Cybersecurity Dr Madan Oberoi Director, Cyber Innovation

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

It s critical to be able to correlate threats pre-emptively and respond to them immediately.

It s critical to be able to correlate threats pre-emptively and respond to them immediately. Security has become a much deeper executive discussion because of the modern diversity of channels through which businesses can be attacked. Mobility, bring your own device, virtualisation, the cloud,

More information

Simplify Your Network Security with All-In-One Unified Threat Management

Simplify Your Network Security with All-In-One Unified Threat Management Singtel Business Product Factsheet Brochure Managed Defense Unified Services Management Simplify Your Network Security with All-In-One Unified Management Singtel Managed Unified Management (UTM) Services,

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Malware isn t The only Threat on Your Endpoints

Malware isn t The only Threat on Your Endpoints Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks

More information

IBM Security re-defines enterprise endpoint protection against advanced malware

IBM Security re-defines enterprise endpoint protection against advanced malware IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex

More information

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.

More information

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average

More information

Cyber Security Market by Solution - Global Forecast to 2020

Cyber Security Market by Solution - Global Forecast to 2020 Brochure More information from http://www.researchandmarkets.com/reports/3287011/ Cyber Security Market by Solution - Global Forecast to 2020 Description: 'Cyber Security Market by Solution (IAM, Encryption,

More information

IT Security. Securing Your Business Investments

IT Security. Securing Your Business Investments Securing Your Business Investments IT Security NCS GROUP OFFICES Australia Bahrain China Hong Kong SAR India Korea Malaysia Philippines Singapore Sri Lanka Securing Your Business Investments! Information

More information

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au Cyber threat intelligence and the lessons from law enforcement kpmg.com.au Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many organisations

More information

Addressing Cyber Risk Building robust cyber governance

Addressing Cyber Risk Building robust cyber governance Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber

More information

Cybersecurity and internal audit. August 15, 2014

Cybersecurity and internal audit. August 15, 2014 Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices

More information

GEARS Cyber-Security Services

GEARS Cyber-Security Services Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments

More information

CONSULTING IMAGE PLACEHOLDER

CONSULTING IMAGE PLACEHOLDER CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization

More information

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity Cyber threat intelligence and the lessons from law enforcement kpmg.com/cybersecurity Introduction Cyber security breaches are rarely out of the media s eye. As adversary sophistication increases, many

More information

Brochure More information from http://www.researchandmarkets.com/reports/3493712/

Brochure More information from http://www.researchandmarkets.com/reports/3493712/ Brochure More information from http://www.researchandmarkets.com/reports/3493712/ Security Analytics Market by Application (Network Security, Application Security, Data and Information Security, Endpoint

More information

Professional Certificate in Ethics and Anti-Corruption Compliance

Professional Certificate in Ethics and Anti-Corruption Compliance in partnership with Professional Certificate in Ethics and Anti-Corruption Compliance Maxwell Chambers, Singapore, November 18th & 19th 2015 Enhance & develop your understanding of Ethics & Compliance

More information

Developing a Mature Security Operations Center

Developing a Mature Security Operations Center Developing a Mature Security Operations Center Introduction Cybersecurity in the federal government is at a crossroads. Each month, there are more than 1.8 billion attacks on federal agency networks, and

More information

Managed Service for IP Telephony. Enabling organisations to focus on core revenue generating activities

Managed Service for IP Telephony. Enabling organisations to focus on core revenue generating activities Enabling organisations to focus on core revenue generating activities Your business needs reliable, flexible and secure communication tools to enable better connectivity and collaboration with your employees,

More information

ISACA S CYBERSECURITY NEXUS (CSX) October 2015

ISACA S CYBERSECURITY NEXUS (CSX) October 2015 ISACA S CYBERSECURITY NEXUS (CSX) October 2015 DO2 EXECUTIVE OVERVIEW Will you be a Cyber defender? ISACA launched the Cybersecurity Nexus (CSX) program earlier this year. CSX, developed in collaboration

More information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming

More information

Cybersecurity on a Global Scale

Cybersecurity on a Global Scale Cybersecurity on a Global Scale Time-tested Leadership A global leader for more than a century with customers in 80 nations supported by offices in 19 countries worldwide, Raytheon recognizes that shared

More information

Professional Services Overview

Professional Services Overview Professional Services Overview INFORMATION SECURITY ASSESSMENT AND ADVISORY NETWORK APPLICATION MOBILE CLOUD IOT Praetorian Company Overview HISTORY Founded in 2010 Headquartered in Austin, TX Self-funded

More information

Oil & Gas Cybersecurity

Oil & Gas Cybersecurity COurse Oil & Gas Cybersecurity Best Practices & Future Trends Sheraton Pentagon City Hotel Supporting Organization is authorized by IACET to offer 0.6 CEUs for the course. 1 Overview The energy industry

More information

Testimony of Dan Nutkis CEO of HITRUST Alliance. Before the Oversight and Government Reform Committee, Subcommittee on Information Technology

Testimony of Dan Nutkis CEO of HITRUST Alliance. Before the Oversight and Government Reform Committee, Subcommittee on Information Technology Testimony of Dan Nutkis CEO of HITRUST Alliance Before the Oversight and Government Reform Committee, Subcommittee on Information Technology Hearing entitled: Cybersecurity: The Evolving Nature of Cyber

More information

7 Things All CFOs Should Know About Cyber Security

7 Things All CFOs Should Know About Cyber Security Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC

More information

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks

More information

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence

More information

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst ESG Lab Spotlight ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst Abstract: This ESG Lab Spotlight examines the

More information

2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY

2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY 2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY 1 EXECUTIVE SUMMARY INTRODUCING THE 2015 GLOBAL THREAT INTELLIGENCE REPORT Over the last several years, there has been significant security industry

More information

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12 Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,

More information

Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks

Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks White Paper Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks A Guide for CIOs, CFOs, and CISOs White Paper Contents The Problem 3 Why You Should Care 4 What You Can Do About It

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

Defending yesterday. Financial Services. Key findings from The Global State of Information Security Survey 2014

Defending yesterday. Financial Services. Key findings from The Global State of Information Security Survey 2014 www.pwc.com/security Defending yesterday While organizations have made significant security improvements, they have not kept pace with today s determined adversaries. As a result, many rely on yesterday

More information

ITU-IMPACT Training and Skills Development Course Catalogue

ITU-IMPACT Training and Skills Development Course Catalogue ITU-IMPACT Training and Skills Development Course Catalogue Management Track Technical Track Course Area Management Incident Response Digital Forensics Network Application Law Enforcement Foundation Management

More information

developing your potential Cyber Security Training

developing your potential Cyber Security Training developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company

More information

Security and intelligence postgraduate 2015

Security and intelligence postgraduate 2015 Security and intelligence postgraduate 2015 INNOVATIVE AND CUTTING-EDGE PROFESSIONAL DEGREES THAT COMBINE THEORY WITH POLICY AND PRACTICE IN COUNTER TERRORISM, INTELLIGENCE, SECURITY AND STRATEGIC POLICING.

More information

Cybersecurity Converged Resilience :

Cybersecurity Converged Resilience : Cybersecurity Converged Resilience : The cybersecurity of critical infrastructure 2 AECOM Port Authority of New York and New Jersey (PANYNJ), New York, New York, United States. AECOM, working with the

More information

The Shifting Datacentre Landscape. Sally Parker, Research Director Enterprise Systems, Software and Services

The Shifting Datacentre Landscape. Sally Parker, Research Director Enterprise Systems, Software and Services The Shifting Datacentre Landscape Sally Parker, Research Director Enterprise Systems, Software and Services And Business The 3 rd Platform for IT Innovation and Growth >90% of all IT growth 2013-2020 will

More information

Be a Business Intelligence Professional. Deliver Business Insights.

Be a Business Intelligence Professional. Deliver Business Insights. Be a Business Professional. Deliver Business Insights. 01 " My job is to give timely and relevant information that leads to faster and better business decisions. I collect, classify and analyse and interpret

More information

WRITTEN TESTIMONY OF

WRITTEN TESTIMONY OF WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you

More information

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations

More information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)

More information

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Contents Message from the Director 3 Cyber Security Operations Centre 5 Cyber Security Strategy 7 Conversation

More information

2012 North American Managed Security Service Providers Growth Leadership Award

2012 North American Managed Security Service Providers Growth Leadership Award 2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate

More information

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC Visualization, Modeling and Predictive Analysis of Internet Attacks Thermopylae Sciences + Technology, LLC Administrative POC: Ms. Jeannine Feasel, jfeasel@t-sciences.com Technical POC: George Romas, gromas@t-sciences.com

More information

e-discovery Forensics Incident Response

e-discovery Forensics Incident Response e-discovery Forensics Incident Response NetSecurity Corporation 21351 Gentry Drive Suite 230 Dulles, VA 20166 VA DCJS # 11-5605 Phone: 703.444.9009 Toll Free: 1.866.664.6986 Web: www.netsecurity.com Email:

More information

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen 14th Annual Risk Management Convention New York, New York March 13, 2013 Today s Presentation 1)

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

Cyber Security Evolved

Cyber Security Evolved Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are

More information

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web

More information

A REPORT ON WORKPLACE SECURITY

A REPORT ON WORKPLACE SECURITY A REPORT ON WORKPLACE SECURITY In Asia Pacific, enterprises were expected to spend US$230 billion in 2014 to deal with cyber breaches, and it wasn t enough. In this age where cyber attacks are growing

More information

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.

More information

(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int

(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2011 15 (BDT) BDT/POL/CYB/Circular-002 +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2008 2010 2010 International Telecommunication Union Place des Nations CH-1211 Geneva 20 Switzerland Tel: +41

More information

Capabilities for Cybersecurity Resilience

Capabilities for Cybersecurity Resilience Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances

More information

Reliable, Repeatable, Measurable, Affordable

Reliable, Repeatable, Measurable, Affordable Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you

More information

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1 PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a

More information

Increase insight. Reduce risk. Feel confident.

Increase insight. Reduce risk. Feel confident. Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING

More information

CYBER PANEL MEMBERS. Mr. Hart is a member of the United States Air Force Senior Executive Service with over fifteen years service as an SES.

CYBER PANEL MEMBERS. Mr. Hart is a member of the United States Air Force Senior Executive Service with over fifteen years service as an SES. Mr. Bennett Hart, Senior Consultant in Intelligence, Operations, Technology, Training, Proposal Red Teams, and Key Personnel Selection. Mr. Hart is a member of the United States Air Force Senior Executive

More information

Vulnerability Management

Vulnerability Management Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other

More information

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who

More information

WEBSENSE TRITON SOLUTIONS

WEBSENSE TRITON SOLUTIONS WEBSENSE TRITON SOLUTIONS INNOVATIVE SECURITY FOR WEB, EMAIL, DATA AND MOBILE TRITON STOPS MORE THREATS. WE CAN PROVE IT. PROTECTION AS ADVANCED AND DYNAMIC AS THE THREATS THEMSELVES The security threats

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013 Security Architecture: From Start to Sustainment Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013 Security Architecture Topics Introduction Reverse Engineering the Threat Operational

More information