Cybersecurity MORE THAN A GOOD HEADLINE. Protect more

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cybersecurity MORE THAN A GOOD HEADLINE. Protect more"

Transcription

1 Cybersecurity MORE THAN A GOOD HEADLINE Protect more

2 Contents 2 Introduction 3 What is Cybersecurity? 4 Thought model 5 Social, Economic, Political, and IT Alignment 8 ICT Infrastructure 10 National Projects and Solutions 10 Engagement 12 Conclusion 6 Strategies and Policies Introduction Hardly a week goes by without news of cyber-related attacks on both governments and private companies. As a result, most governments today are looking to establish some form of Cybersecurity strategy. However, talking to different stakeholders reveals that the definition of Cybersecurity (or Cyberdefense) varies broadly and so do the approaches from policy, process, people, and technology perspectives. This is understandable since the Cybersecurity Agenda (or program) must be embedded in a country s existing legal framework, find cultural and social acceptance, and be technically and economically feasible. Many governments take an approach driven by the most recent incidents or news that captured public attention; that is, they are looking for ways to implement short-term, publicly visible actions that are often executed by a single government agency, such as National Defense. This leads to different definitions of Cybersecurity and different approaches to addressing it all of which raises complexity within governments and creates additional challenges regarding international cooperation. Moreover, when governments change the initiative is often realigned, or worse, restarted without taking experience into consideration. It may be moved from the civil side of the organization to the military/defense side or vice-versa. This situation satisfies neither the government nor the private sector which plays a critical role in any Cybersecurity initiative and harms the prospects for a clear and focused approach. On the other hand, examples exist wherein governments successfully focus on the long-term success of a Cybersecurity strategy based on a sound risk-management policy at a national level. 2

3 So what is the critical success factor that governments taking a long-term approach have in common? Often they work toward a commonly defined cyber framework that is accepted across all government agencies. Successful governments also see Cybersecurity as an enabler of a well-run Cybersecurity program this being characterized by a close collaboration between the private and the public sectors as well as within the governmental organizations. Such an approach can enable new scenarios, attract investors, and provide the basis for economic growth. An efficient Cybersecurity Agenda can act as an accelerator on existing or planned IT investments or even industry investments and help to achieve faster returns. This paper offers food for thought regarding a model that could be used to structure Cybersecurity initiatives and build a maturity model to ensure a long-term, sustainable approach to a government s Cybersecurity Agenda. What is Cybersecurity? There are plenty of definitions in the market trying to build the context for such initiatives and none of them are right or wrong. However, it is important to understand what the concept of Cybersecurity means in this paper. Often it is seen in the realm of classic security: Ensure the confidentiality, integrity, and availability of critical government data and systems. This paper adopts a broader definition and includes the providers of the critical national infrastructure as well. The 2009 Cyber Security Strategy of the United Kingdom 1 provides a very good description of Cybersecurity: Citizens, business, and government can enjoy the full benefits of a safe, secure, and resilient cyber space: working together, at home and overseas, to understand and address the risks, to reduce the benefits to criminals and terrorists, and to seize opportunities in cyber space to enhance the UK s overall security and resilience. This expansive vision includes areas such as Cybercrime as well

4 Thought model The model shown here offers a structure for considering a Cybersecurity initiative within a government. It consists of five areas: Alignment: The social and legal environment into which the agenda is embedded. The Cybersecurity principles must be closely aligned with these fundamentals. Strategies/Policies: Based on the governance environment, there should be strategies and policies guiding the Cybersecurity agenda. ICT Infrastructure: Protecting the critical national infrastructure (both government owned and non-government owned) must be a key priority of every Cybersecurity agenda. National Projects and Solutions: On the foundation laid in the Alignment, Strategies/Policies, and ICT Infrastructure levels, tangible solutions can be securely delivered and operated. Engagement: In addition to the more technical and process focus in infrastructure and solutions, engagement targets the people and the various stakeholders. So this area is mainly about collaboration and awareness. Graphically it could be represented like this: The following sections briefly touch on these different areas. 4

5 Social, Economic, Political, and IT Alignment Any government activity must be based upon and fit the country s current social, legal, and political environment. The legal system plays a key role when it comes to leveraging Cybersecurity to help to grow the economy. To become a trusted partner of both investors and other governments, a country needs the capability to fight Cybercrime and pursue criminals not only within the country but on an international level. This also implies a commonly accepted understanding of what Cybercrime entails as well as multi-national assistance treaties. Social norms and cultural trends must be included when building the behavioral norms. A typical example is the balance between privacy and security; what is the socially accepted level of individual privacy that will still allow law enforcement and intelligence to fight crime and terrorism? What is the limit beyond which a society is no longer willing to accept invasion into its privacy? There is no globally agreed-upon standard of what is right or wrong, but a standard does exist within each social context. Finally, the decisions a government makes must make economic sense and help create a level economic playing field regarding national and international competition. The private sector cost to help drive Cybersecurity in a national context should not inhibit a company s financial well-being; otherwise international competitiveness could be negatively affected, which might lead to lengthy policy debates and resistance from the private sector in the implementation of a coherent Cybersecurity Agenda. Therefore, a well-targeted Cybersecurity Agenda must lay the foundation for a country s economic growth. The Cybersecurity principles of a country should reflect and embrace these influencing factors. 5

6 Strategies and Policies Within the governance environment, a government must decide on its risk-based strategy and policy structures. Supply Chain Security Understanding and analyzing the supply chain is an important step. After all, essential services, processes, and functions are not monolithic entities but rather a composition of integrated sub-components, services, processes, and functions. Each of these subcomponents, in turn, is comprised of a supply chain. Understanding these complex and interdependent chains not only assists in the analysis of threats, vulnerability, and consequences, but also helps identify stakeholders and key providers that might otherwise be overlooked. The current government approach to securing the supply chain is to certify products rather than the processes used to build the components that go into the products. But the security of products must be built in from the beginning and a vendor must ensure that its supply chain meets a certain minimum security standard. This is true for any kind of development model on-premises as well as in the cloud. It is critical for vendors to follow stringent and repeatable processes to manage the risks in engineering and development. Further, these processes should be transparent, up to a given point, for customers. For certain applications self-attestation may be good enough product certification alone might not help to achieve the necessary goals. However, it is likely that, where sensitive data is stored, a formal certification will be required. Government Training Addressing Cybersecurity topics and fighting Cybercrime requires governments to acquire a new skill set. The training of government employees within their areas of responsibility must be part of a joint effort between government and the private sector. The relevant technical and threat knowledge is often within the private sector; on the other hand, people in the private sector may require training similar to government employees. Collaboration that helps grow the network in both sectors is worth considering. However, training entails a certain risk; people could become highly skilled in Cybersecurity but then fail to gain appropriate employment. Their potential for securing a good job in government or industry and the danger of them applying their skills for criminal activities should be carefully managed when selecting candidates for training. 6

7 In any case, a training strategy must address the constant need to keep training material and know-how current and aligned to the latest developments in technology and crime. Within the same context falls the need to recruit talented people, train them, and retain them. Often, governments tend to build their capacity, and then lose trained individuals to the private sector because they are unclear on how to grow these highly specialized people within their organization. Internal Government Collaboration Many initiatives start with an effort to improve collaboration between the private and public sectors. However, collaboration within the government and among its different agencies can be as large a problem as collaboration with other organizations if not larger. Therefore, governments must define a clear strategy and clear policies to address and improve this situation; these should be supported and implemented from the top level of any governmental organization. Good practices in this area include streamlining the various Cybersecurity efforts in one government agency with sufficient funding and oversight. To be clear here, the bureaucratic problems far outweigh the technical. Existing organizations with existing authorities must make adjustments that are complex and hardly understood by politicians or societies. Innovation Cybersecurity is often seen as a measure to defend the country from Cyberattacks. However, if a government is able to drive a sound and targeted Cybersecurity Agenda, this can and will lay the foundation for growth of the country s businesses and, therefore, economic growth. A comprehensive Cybersecurity agenda should include a perspective on economic growth and how to leverage the investments to accelerate this. 7

8 ICT Infrastructure Government Infrastructure Building a trusted and well-managed infrastructure is probably the best known and yet most-neglected discipline in the entire model. Securing an infrastructure has long been a challenge before the IT industry. However, few infrastructure operators run their systems based on mature risk models which are based not only on a gut feeling but on sound statistical models. Most Cyberattacks target well-known vulnerabilities on older and unpatched operating systems and browser versions or systems that rely on weak administrator passwords rather than using advanced techniques. Basic security precautions are missing; these systems are typical low-hanging fruit for government implementation and adversary exploitation. It is surprising that many successful attacks are not really sophisticated but rather straightforward, exploiting well-known, unpatched vulnerabilities. Critical National Infrastructure Protecting the critical national infrastructure is a key government goal both in the physical and the cyber worlds. In IT, this should be done in close collaboration with the operators of the critical infrastructure as well as with key technology providers. These protection measures must be based on a nation-wide risk-management process. Experience shows that the private sector and the government often hold differing views on risks. Private sector companies normally concern themselves with risks around their business operations; governments consider risks to the well-being of the country (even though governments must manage risks in their own infrastructure as well). These are fundamentally different angles and often private sector companies have a challenge making the transition. Therefore, governments and the operators of critical national infrastructure (including key technology vendors and service operators) must collaborate to establish a national risk management program; this will help them gain a joint understanding of the risks faced by the economy and the nation state and drive risk-mitigating activities. This collaboration is necessary because the critical infrastructure providers likely have a deep understanding of their operational risks since they run the infrastructure on a daily basis. 8

9 Identity In today s connected world, an individual might have different electronic identities with varying levels of trust (e.g., self-subscription and anonymous accounts vs. verified, trustworthy identities for business-related transactions). Any measures taken in the interest of security must be based on a trustworthy identity. There are multiple and varied aspects to addressing the identity challenge for government employees, citizens, and the supply chain: There must be trusted identity providers in an ecosystem; this might be the government, the postal services, the banks, or an Internet service provider, depending on the culture of any given country. If the government tends to change frequently, there might be limited trust, and a provider outside of government could be the better choice. There will likely be more than one provider depending on the trust level and the usage of an identity. Identities should be able to federate. The term identity federation refers to a concept whereby identities can be shared across multiple platforms and organizations. Identities must be interoperable based on claims and standards; it is critical to follow industry standards when implementing an identity management system. Governments must be able to work with citizens, suppliers, and other governments (often other government ministries within the same country) in a trusted way and this should enable ad hoc collaboration. No lengthy process and/or technology should be required to make this happen. Often there must be a fine balance between authentication and privacy. Do citizens really want to use the same identity everywhere, which would make it much easier to correlate different activities? The ability to use attribute claims (e.g., someone is an employee of the government organization X) without revealing the true identity should be built in to any identity strategy of a government. Finally, trusted identities must be based on a process that can deliver enough certainty to the electronic identity; an in-person proving process, or something equally as stringent, is key. 9

10 National Projects and Solutions With these measures in place, national projects and solutions can be operated within a trusted and trustworthy environment. Because the solutions now provide real value for the whole agenda/initiative, these will leverage the investments made in Cybersecurity. This is true for solutions and projects in the government space, such as public safety, defense, education, and health, and within basic government applications as well. However, this approach is not limited to the government as such. It can and should be extended to the private sector companies, as well as the sectors themselves finance, utilities, telecommunications, and others which are part of the critical infrastructure. Engagement In addition to all of the technology and processes, there should be intense engagement both internationally and with different communities within a country. International Collaboration A government must decide on a strategy for international collaboration on different levels, such as within the various ministries defense, intelligence, law enforcement, and so forth. This might drive new approaches for collaboration since time is critical in Cyberspace. Additionally, there must be a strategy on how to work with different international organizations, such as the UN, Interpol, and others, and which international frameworks to drive or to adopt (where they already exist). Security Community Many countries have a more or less active community of security researchers. Engaging in smart collaboration with these researchers, based on mutual trust rather than legislation and regulation, might help governments understand current and future threats and would help align the defensive strategy for the public as well as the private sector as long as the security researchers are working within locally and internationally acceptable boundaries. People Awareness and Education Whatever measures are taken within a government and the private sector, the end user will always play a key role in any Cybersecurity initiative. This is true for the average citizen, for the government employee, and for the operators of the critical infrastructure as well as suppliers. 10

11 However, security considerations often stand between the end user and the most efficient way of doing business or achieving a goal. Security personnel sometimes forget that the cost/benefit equation of security for an end user tends to reach an improper balance: the relatively high cost (of not being able to do something) and low value. Many of the security measures implemented are for the protection of the ecosystem much more than the protection of an individual user. Implementing a Cybersecurity Agenda should be done from the viewpoint of the end user as well. What is the benefit? If there is none, there must be a regulatory consequence (e.g., a PC is taken off the network and put in quarantine until brought into compliance) or some other means of increasing an end user s value in return for being compliant and behaving in a secure way. Situational Awareness Situational awareness can be defined as what you need to know not to be surprised. (Source: Jeannot, Kelly, & Thompson, 2003) Situational awareness probably cannot be done by the government itself since so much of the information, data, and intelligence is hosted in the private sector. The government can act as a broker, turning information into intelligence and acting as a central point of trust in a network, but often the private sector be it the critical infrastructure or the vendors has detailed knowledge about what is happening on the Internet. Therefore, the government plays a vital role bringing all of the information together, and then redistributing the intelligence to the critical infrastructure. These channels must be established early on and may even enable a government to take a more proactive role in defending the network. However, all of this intelligence is only useful insofar as the infrastructure can actively protect itself once a threat is detected. Incident Response The incidents that most concern governments are those attacking the critical infrastructure and, by extension, attacking the well-being of society. Therefore, it is important to engage with the operators of the critical infrastructure, as stated in the fundamentals on critical infrastructure protection. There should be a constant engagement between governments and the critical infrastructure stakeholders to foster mutual trust since this is the basis for any efficient situational awareness and incident response. This also holds true for engaging with any type of security community such as security researchers. 11

12 Conclusion Cybersecurity is included in many governments agendas and is on the minds of numerous politicians and bureaucrats. To run a successful Cybersecurity Agenda or program, a well-structured framework is critical even if only certain parts of it will be addressed in the near term; it should provide for oversight to ensure the right priorities are established. This model can help any given country take the right approach to creating a Cybersecurity Agenda since the approach itself must be adapted to the relevant social, cultural, and economic priorities. Further, governments should never run such an initiative themselves. Close collaboration with the private sector and the international community as well as within the government itself is absolutely necessary to achieve success in the cyberworld Microsoft Corporation. All rights reserved. 12

Partnership for Cyber Resilience

Partnership for Cyber Resilience Partnership for Cyber Resilience Principles for Cyber Resilience 1. Recognition of interdependence: All parties have a role in fostering a resilient shared digital space 2. Role of leadership: Encourage

More information

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

Cyber Security Trends 2016. Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK

Cyber Security Trends 2016. Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK Cyber Security Trends 2016 Market trends from leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK December, 2015 Cyber security Trends 2016 What do new technologies and

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy House Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure

More information

Generally Accepted Recordkeeping Principles

Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles Information Governance Maturity Model Information is one of the most vital strategic assets any organization possesses. Organizations depend on information to

More information

NIST Cybersecurity Framework & A Tale of Two Criticalities

NIST Cybersecurity Framework & A Tale of Two Criticalities NIST Cybersecurity Framework & A Tale of Two Criticalities Vendor Management & Incident Response Presented by: John H Rogers, CISSP Advisory Services Practice Manager john.rogers@sagedatasecurity.com Presented

More information

Data Protection and the Proper Response to the Cyber Crime : The Two Common Goals

Data Protection and the Proper Response to the Cyber Crime : The Two Common Goals Data Protection and the Proper Response to the Cyber Crime : The Two Common Goals Jaeyoung LEE Prosecutor, National Security Department Seoul Central District Prosecutors Office ROK 1. Introduction : July

More information

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing

More information

Security & privacy in the cloud; an easy road?

Security & privacy in the cloud; an easy road? Security & privacy in the cloud; an easy road? A journey to the trusted cloud Martin Vliem CISSP, CISA National Security Officer Microsoft The Netherlands mvliem@microsoft.com THE SHIFT O L D W O R L D

More information

Key Cyber Risks at the ERP Level

Key Cyber Risks at the ERP Level Key Cyber Risks at the ERP Level Process & Industrial Products (P&IP) Sector December, 2014 Today s presenters Bhavin Barot, Sr. Manager Deloitte & Touche LLP Goran Ristovski, Manager Deloitte & Touche

More information

How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI

How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI CGI Cyber Protection & Resilience Solutions Optimized risk management and protection

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

Why you should adopt the NIST Cybersecurity Framework

Why you should adopt the NIST Cybersecurity Framework www.pwc.com/cybersecurity Why you should adopt the NIST Cybersecurity Framework May 2014 The National Institute of Standards and Technology Cybersecurity Framework may be voluntary, but it offers potential

More information

Cyber Security Strategy for Germany

Cyber Security Strategy for Germany Cyber Security Strategy for Germany Contents Introduction 2 IT threat assessment 3 Framework conditions 4 Basic principles of the Cyber Security Strategy 4 Strategic objectives and measures 6 Sustainable

More information

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the

More information

Cybersecurity: Mission integration to protect your assets

Cybersecurity: Mission integration to protect your assets Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next Cyber solutions

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Developing National Frameworks & Engaging the Private Sector

Developing National Frameworks & Engaging the Private Sector www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012

More information

RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users

RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users August 19, 2012 Korean Communications Commission Via e-mail to: ycs@kcc.go.kr RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users Dear Director Yang:

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Cybersecurity thoughts and issues from a political perspective

Cybersecurity thoughts and issues from a political perspective Cybersecurity thoughts and issues from a political perspective Abstract Area: COMBINED INTERNET GOVERNANCE PRINCIPLES AND ROADMAP Entitled by: Gonzalo A Romero B Region: Colombia Organization:.CO Internet

More information

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J.

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J. Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION Cristin Flynn Goodwin J. Paul Nicholas October 2013 Contents Executive Summary... 3 What Is a National

More information

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation. Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part

More information

September 10, 2015. Dear Administrator Scott:

September 10, 2015. Dear Administrator Scott: September 10, 2015 Tony Scott United States Chief Information Officer Administrator, Office of Electronic Government and Information Technology Office of Management and Budget 725 17th Street, NW Washington,

More information

Strengthen security with intelligent identity and access management

Strengthen security with intelligent identity and access management Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers

More information

National Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009

National Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009 National Security & Homeland Security Councils Review of National Cyber Security Policy Submission of the Business Software Alliance March 19, 2009 Question # 1: What is the federal government s role in

More information

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s IDC Middle East, Africa, and Turkey, Al Thuraya Tower 1, Level 15, Dubai

More information

Under control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint

Under control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial

More information

Towards closer EU-ASEAN collaboration in cybersecurity

Towards closer EU-ASEAN collaboration in cybersecurity Supporting European Union and Southeast Asia ICT strategic partnership and policy dialogue: Connecting ICT EU-SEA Research, Development and Innovation Knowledge Networks Towards closer EU-ASEAN collaboration

More information

ITU National Cybersecurity/CIIP Self-Assessment Tool

ITU National Cybersecurity/CIIP Self-Assessment Tool ITU National Cybersecurity/CIIP Self-Assessment Tool ICT Applications and Cybersecurity Division Policies and Strategies Department ITU Telecommunication Development Sector April 2009 Revised Draft For

More information

WRITTEN TESTIMONY OF

WRITTEN TESTIMONY OF WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you

More information

4/21/2015. Jim Reavis CEO, Cloud Security Alliance. Cloud Security Alliance, 2015. Agenda

4/21/2015. Jim Reavis CEO, Cloud Security Alliance. Cloud Security Alliance, 2015. Agenda Jim Reavis CEO, Cloud Security Alliance Agenda CSA History CloudCERT White House Legislative Announcements How is CSA addressing the issue of information sharing? Cloud CISC Pilot Demo Next Steps Questions?

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS)

Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) PSCR Public Safety Broadband Stakeholder Conference June 4 th, 2014 Alex Kreilein Technology Policy Strategist Office

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

CONSULTING IMAGE PLACEHOLDER

CONSULTING IMAGE PLACEHOLDER CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization

More information

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 March 17, 2010 BACKGROUND & WHY THIS LEGISLATION IS IMPORTANT: Our nation is at risk. The networks that American families and businesses

More information

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

National Cyber Security Strategy of Afghanistan (NCSA)

National Cyber Security Strategy of Afghanistan (NCSA) Islamic Republic of Afghanistan Ministry of Communications and IT National Cyber Security Strategy of Afghanistan (NCSA) Prevention Protection Safety Resiliency AUTHOR VERSION CONTROL DATE ZMARIALAI WAFA

More information

Cyber Security - What Would a Breach Really Mean for your Business?

Cyber Security - What Would a Breach Really Mean for your Business? Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber

More information

Gold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary

Gold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary Gold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK Executive Summary Core statements I. Cyber security is now too hard for enterprises The threat is increasing

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

Cyber Security and the Board of Directors

Cyber Security and the Board of Directors Helping clients build operational capability in cyber security. A DELTA RISK VIEWPOINT Cyber Security and the Board of Directors An essential responsibility in financial services About Delta Risk is a

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

The internet and digital technologies play an integral part

The internet and digital technologies play an integral part The Cyber challenge Adjacent Digital Politics Ltd gives an overview of the EU Commission s Cyber Security Strategy and Commissioner Ashton s priorities to increase cyber security in Europe The internet

More information

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009 Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones Tbilisi 28-29, September 2009 Presentation Contents An assessment of the Georgian view of cybercrime and current

More information

S. ll IN THE SENATE OF THE UNITED STATES

S. ll IN THE SENATE OF THE UNITED STATES OLL0 TH CONGRESS ST SESSION S. ll To secure the United States against cyber attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American

More information

ISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters

ISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9

More information

Cyber Security Recommendations October 29, 2002

Cyber Security Recommendations October 29, 2002 Cyber Security Recommendations October 29, 2002 Leading Co-Chair (Asia/Oceania) Co-Chair (Americas) Co-Chair (Europe/Africa) Dr. Hiroki Arakawa Executive Vice President NTT Data Corporation Richard Brown

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

Cyber Security Strategy

Cyber Security Strategy 2014 2017 Cyber Security Strategy Ministry of Economic Affairs and Communication 2014 TABLE OF CONTENTS Introduction... 2 1. Analysis of current situation... 2 1.1. Sectoral progress... 2 1.2. Trends...

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

Memorandum Cybersecurity - how should the legislation meet the new challenges?

Memorandum Cybersecurity - how should the legislation meet the new challenges? ! Moderator: Carlo Schüpp! Non-Executive Director and cofounder of LSEC! In his opening comments, the moderator Mr Schüpp suggested that many of the issues surrounding cybersecurity are linked to the fact

More information

TESTIMONY OF TIM PAWLENTY. Chief Executive Officer, The Financial Services Roundtable. Committee on Homeland Security and Government Affairs

TESTIMONY OF TIM PAWLENTY. Chief Executive Officer, The Financial Services Roundtable. Committee on Homeland Security and Government Affairs TESTIMONY OF TIM PAWLENTY Chief Executive Officer, The Financial Services Roundtable Committee on Homeland Security and Government Affairs Hearing entitled Data Breach on the Rise: Protecting Personal

More information

PACB One-Day Cybersecurity Workshop

PACB One-Day Cybersecurity Workshop PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance

More information

BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE

BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE TAKE A HOLISTIC APPROACH TO CYBER SECURITY. Sophisticated corporate cyber attacks have become commonplace. They circumvent even the best-defended

More information

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

National Information Assurance and Cyber Security Strategy (NIACSS) Jordan s Approach to National CS&IA

National Information Assurance and Cyber Security Strategy (NIACSS) Jordan s Approach to National CS&IA National Information Technology Center (NITC) National Information Assurance and Cyber Security Strategy (NIACSS) Jordan s Approach to National CS&IA Ahmed Otoom, Ph.D. Disclaimer This presentation does

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

Honourable members of the National Parliaments of the EU member states and candidate countries,

Honourable members of the National Parliaments of the EU member states and candidate countries, Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National

More information

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy s gas and electric utilities collaborate with industry leaders and a wide range of

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

POLICIES TO MITIGATE CYBER RISK

POLICIES TO MITIGATE CYBER RISK POLICIES TO MITIGATE CYBER RISK http://www.tutorialspoint.com/information_security_cyber_law/policies_to_mitigate_cyber_risk.htm Copyright tutorialspoint.com This chapter takes you through the various

More information

Risk and responsibility in a hyperconnected world: Implications for enterprises

Risk and responsibility in a hyperconnected world: Implications for enterprises JANUARY 2014 Risk and responsibility in a hyperconnected world: Implications for enterprises David Chinn, James Kaplan, and Allen Weinberg For the world s economy to get full value from technological innovation,

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Digital Customer Experience

Digital Customer Experience Digital Customer Experience Digital. Two steps ahead Digital. Two steps ahead Organizations are challenged to deliver a digital promise to their customers. The move to digital is led by customers who are

More information

January 30, 2015. Dear Dr. De Salvo:

January 30, 2015. Dear Dr. De Salvo: January 30, 2015 Karen DeSalvo, MD, MPH, MSc National Coordinator Office of National Coordinator for Health IT Department of Health and Human Services 200 Independence Ave, SW Washington, DC 20201 Dear

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial

More information

Cybersecurity in the States 2012: Priorities, Issues and Trends

Cybersecurity in the States 2012: Priorities, Issues and Trends Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

White Paper on Financial Industry Regulatory Climate

White Paper on Financial Industry Regulatory Climate White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during

More information

OCIE Technology Controls Program

OCIE Technology Controls Program OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview

More information

Legal Issues / Estonia Cyber Incident

Legal Issues / Estonia Cyber Incident Control System Cyber Security Conference 22 October 2009 Legal Issues / Estonia Cyber Incident Maeve Dion Center for Infrastructure Protection George Mason University School of Law Legal Issues / Estonia

More information

Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary

Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary Is cyber security now too hard for enterprises? Executive Summary Sponsors The creation and distribution of this study was supported by CGI, cybx and Fujitsu/Symantec. Premium sponsors: Gold sponsor: 2

More information

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT Presenter: C. MASIGA Event: ICT PITSO 2015 Date: 25/08/15 PRESENTATION OUTLINE Current Situational Analysis Remedial Actions for CSA Expected Benefits

More information

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC)

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

Security Intelligence

Security Intelligence IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1 PARADIGM SHIFT in crime Sophistication is INCREASING Attacks are More Targeted Attackers

More information

Cyber-Rights & Cyber-Liberties (UK) Report on the Intel 1 Pentium 1 III Processor Serial Number Feature

Cyber-Rights & Cyber-Liberties (UK) Report on the Intel 1 Pentium 1 III Processor Serial Number Feature Introduction Cyber-Rights & Cyber-Liberties (UK) Report on the Intel 1 Pentium 1 III Processor Serial Number Feature Recently Intel have announced that the new Pentium III processor, due for release in

More information

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010 European Union / Council of Europe Project on Cybercrime in Georgia Tbilisi-2 March 2010 How to create a specialized cyber crime unit Recommendations Priorities How to create a specialized cyber crime

More information

DIGITALEUROPE and European Services Forum (ESF) response to the Draft Supervision Rules on Insurance Institutions Adopting Digitalised Operations

DIGITALEUROPE and European Services Forum (ESF) response to the Draft Supervision Rules on Insurance Institutions Adopting Digitalised Operations DIGITALEUROPE and European Services Forum (ESF) response to the Draft Supervision Rules on Insurance Institutions Adopting Digitalised Operations Brussels, October 2015 INTRODUCTION On behalf of the European

More information

Nine Cyber Security Trends for 2016

Nine Cyber Security Trends for 2016 Nine Cyber Security Trends for 2016 12-17-15 Boxborough, MA 2016 will see an increasing number of attacks and the emergence of new targets; the complexity and sophistication of attacks, initiated by increasingly

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

CYBERSECURITY STRATEGY. The Government of Japan

CYBERSECURITY STRATEGY. The Government of Japan CYBERSECURITY STRATEGY The Government of Japan September 2015 OVERVIEW 1 Understanding on Cyberspace Cyberspace is an artificial domain as a "frontier generating infinite values" and an essential foundation

More information

Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board

Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board www.cert-mu.org.mu Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board Presentation Outline Introduction Enforcement National Co-ordination for Cyber Security Information

More information

Cybersecurity in the Commonwealth: Setting the Stage

Cybersecurity in the Commonwealth: Setting the Stage Cybersecurity in the Commonwealth: Setting the Stage Tim Unwin Secretary General Commonwealth Telecommunications Organisation CTO Cybersecurity Forum, Yaoundé 24 th April 2013 For governments Imagine if

More information

The Path Ahead for Security Leaders

The Path Ahead for Security Leaders The Path Ahead for Security Leaders Executive Summary What You Will Learn If you asked security leaders five years ago what their primary focus was, you would likely get a resounding: securing our operations.

More information