Survey of Cyber Security Frameworks

Size: px
Start display at page:

Download "Survey of Cyber Security Frameworks"

Transcription

1 Survey of Cyber Security Frameworks Alice Nambiro Wechuli (Department of Computer Science, Masinde Muliro University of Science and Technology, Kenya Geoffrey Muchiri Muketha (Department of Information Technology, Meru University of Science and Technology, Kenya Nahason Matoke (Department of Computer Science, Masinde Muliro University of Science and Technology, Kenya Abstract: In a digital world, the national economy and welfare have grown critically dependent on the cyber infrastructure due to the capabilities and opportunities the Internet provides. This leaves organizations open to various forms of malicious attack by cybercriminals which has overwhelmed some current methodologies used for tracking cyber attacks and vulnerabilities. This paper presents a review of literature on cyber security status, challenges to cyber security, and existing cyber security frameworks. Findings indicate that though efforts are in place to bring about effective assessment of cyber security, there is no single accepted framework to offer a lasting solution to the cyber security assessment challenge. Key Words: Cyber Security, Internet, Vulnerability, Threat, Cyber Attack, Cyber crime 1. Introduction The way of carrying out business in the world today is changing rapidly with new technologies taking the center stage. Both government and the private sector are increasingly adopting the emerging technologies to modernize their service delivery. According to the US President s Information Technology Advisory Committee [1], innovations in ICT have created a whole new industry through the ubiquitous interconnectedness first exhibited by the Internet. This revolution of interconnectivity has brought with it an increased potential of opportunities, including risk and uncertainties, especially for those cyber criminals who can now cause harm with catastrophic impact from remote locations, while equipped with only a computer and the knowledge needed to identify and exploit vulnerabilities [1]. As a result of increasing interconnectivity, information systems and networks are now exposed to a growing number and a wider variety of threats and vulnerabilities which raise new security issues for all. Throughout the world, governments, defense industries, and companies in finance, power, and telecommunications are increasingly targeted by overlapping surges of cyber attacks from criminals and nation-states seeking economic or military advantage [2]. The number of attacks is now so large and their sophistication so great, that many organizations are having trouble determining which new threats and

2 vulnerabilities pose the greatest risk and how resources should be allocated to ensure that the most probable and damaging attacks are dealt with first. The Australian government has made effort to address the cyber security issues in industry although further development is needed in terms of the rights of an individual company to take action against a threat source [3]. United States, General Accounting Office [4] states that long-term efforts are needed, such as the development of standards, research into cyber security vulnerabilities and technological solutions for the cyber security problems, and the transition of research results into commercially available products. 2. Defining Cyber Security There isn t a single definition of the term cyber security in existence but the different existing definitions encompass a set of concepts which include availability, confidentiality and secure sharing of information. Cyber security refers to three things: measures to protect information technology; the information it contains, processes, and transmits, and associated physical and virtual elements; the degree of protection resulting from application of those measures; and the associated field of professional endeavor [5]. Cyber security is Measures relating to the confidentiality, availability and integrity of information that is processed, stored and communicated by electronic or similar means [3], [6]. Cyber security refers to a measure for protecting computer systems, networks, and information from disruption or unauthorized access, use, disclosure, modification or destruction [7]. In the context of this paper, cyber security is to be understood as the collection of policies, security safeguards, security concepts, risk management approaches, guidelines, technologies, actions and training that can be used to protect the organization and cyber environment together with the user s assets. 3. Current Status of Cyber Security According to Cole et al. [8], only a few countries had additional security measures apart from legislation. The researchers indicate in their study that Malawi had hardly any cyber security initiatives taking place at national level. A study by the World Economic Forum found Malawi to be amongst the bottom 15 of 133 countries surveyed for ICT networked readiness [9]. Malaysia is one of Asia s most alluring countries for cyber criminals [10]. According to Lt Col Prof Datuk Husin Jazri, the Cyber Security Malaysia chief executive officer, until August 2011, there were 10,000 cases reported every month in Malaysia [11]. The researcher also indicated that the Cyber Early Warning System that had been set up by Cyber security Malaysia detected over 5,000,000 security threats. This is hard evidence that shows cyber crimes are increasing at an alarming rate. As Kenya s internet connectivity blossoms, so are the cyber security threats which are becoming more dynamic and sophisticated [12]. The researcher indicates that most organizations in Kenya don t know enough about the threats or their own security posture to defend themselves adequately. Stating an example that they can t see signs of an attack because they haven t sufficiently analyzed data on the latest attack techniques. The researcher further quotes the Kenya s Information Permanent Secretary, Dr Bitange Ndemo, who stated that with high speed internet comes increased security risks therefore there is need to develop policies both to ensure wider access and the safety of internet users. 4. Cyber Security Challenges

3 Security of cyberspace is complicated because it involves the increasing dependence on information networks that, in turn, introduce vulnerabilities and create opportunities to be exploited by criminals, adversaries and others Organized Criminal Activities New challenges to data and communications networks are evolving as rapidly as the spread of high-speed Internet infrastructure. It has been argued that the more significant the volume of revenues that flow over ICT based networks, the greater will be the incentive for organized criminals to corrupt or economically exploit high-value data resources [13]. A global black economy has been found to be found to be capable of generating finances for terrorism, as well as off-budget funding for military, police, or national security agencies of nation states [14] Weak Links in the Global Information Infrastructure A poorly secured network is potentially the weakest link in the cyber security chain [15], [16]. For example, malware in an out of date network can become a botnet through which other systems could be attacked. Internet Service Providers are usually not proactive in identifying and removing botnets in view of the cost implications [17]. Significant weaknesses within the industry need to be addressed, including the lack of effective governance, poor understanding of the cyber threat, and the sharing of data. However, many boards fail to understand and, therefore, address the business risks in the cyber environment [3] Constant Evolution of the Nature of Cyber Threats In [18], the ability of governments to gauge threats to critical infrastructures has traditionally been contingent upon their ability to evaluate a malicious actor s intent and that actor s ability to carry out a deliberate action. She further states that due to the global nature of information networks, attacks can be launched from anywhere in the world, and discovering the origin of attacks remains a major difficulty, if, indeed, they are detected at all. Compared to traditional security threat analysis, which consists of analyses of actors, their intentions, and their capabilities, cyber-threats have various features that make such attacks difficult to monitor, analyze, and counteract [19] Insufficient Funding A secondary but nonetheless significant issue is the funding of cyber security research and development. Researchers have established that departments and agencies outside of defense do not have dedicated research funds to apply to cyber security [3]. The security threats faced in the cyber domain need to be addressed with a coherent integrated and funded research program in advance of the threat and not just in reaction to it. 5. Cyber Security Frameworks Cyber security is important for competitiveness of organizations now that most of them have gone digital. In order to remain undisrupted, a deeper research on cyber security assessment was necessary. The paper identified some cyber security frameworks which are discussed in the subsequent sections.

4 5.1. Cyber Security Workforce Framework The National Initiative for Cyber security Education (NICE) is an interagency effort coordinated by the National Institute of Standards and Technology and focused on cyber security awareness, education, training and professional development [20]. NICE came up with the cyber security workforce framework. The framework organizes cyber security into seven categories, each comprising several specialty areas as follows: i. Securely Provision which is concerned with conceptualizing, designing, and building Information Technology systems. ii. Operate and Maintain which is responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient Information Technology system performance and security. iii. Protect and Defend which is responsible for the identification, analysis, and mitigation of threats to internal Information Technology systems or networks. iv. Investigate which is responsible for the investigation of cyber events and/or crimes of Information Technology systems, networks, and digital evidence. v. Operate and Collect which is responsible for the highly specialized collection of cyber security information that may be used to develop intelligence. vi. Analyze which is responsible for highly specialized review and evaluation of incoming cyber security information to determine its usefulness for intelligence. vii. Support that provides support so that others may effectively conduct their cyber security work. This framework has limitations although it might have worked to satisfaction during the time it was developed. First, the cyber security workforce framework has put its emphasis on awareness which basically is through training. This ensures secure cyber infrastructure as explained in the framework. The framework has not considered the fact that the technologies are ever emerging rapidly which brings about the challenge of increased cyber security threats. For this reason, there must be adequate cyber security policies and standards which should be reviewed frequently. Also the framework has not considered the fact that threats do exploit vulnerabilities thus risk management strategy should be put into place. Furthermore the framework has not considered the fact that some cyber criminals like hawkers who have malicious intentions have a broad range of knowledge in the cyber security area. Thus cyber crime legislation was not put in place to bring the criminals to book. Then, for any cyber security initiative to be a success, there be a driving force which is sufficient funding. This framework has not presented any budget for the training U.S. GAO Cyber Security Framework The United States, General Accounting Office [21] puts it forth that the use of an overall cyber security framework that can assist in the selection of technologies to protect critical infrastructure against cyber attacks. It further proposes that an overall cyber security framework includes determining the business requirements for security and performing risk assessments. Also, establishing a security policy, implementing a cyber security solution and continuously monitoring and managing security are part of the framework [21]. Risk assessments, which are central to this framework, help organizations to determine which assets are most at risk and to identify countermeasures to mitigate those risks. Risk assessment is based on a consideration of threats and vulnerabilities that could be exploited to inflict damage.

5 The U.S GAO cyber security framework has considered the issue of security policies and standards. It has also presented the necessity for risk management because technologies are rapidly evolving for example the use of mobile computing and the cyber threats are on the rise. However, the framework stresses on putting risk management on the fore front but no end user education is considered which may lead to commitment of some cyber crimes due to lack of knowledge. The framework has too not presented review of the management structure that is whether it is centralized or decentralized because a centralized management structure brings about challenges like lack of team work thus no effective implementation of any initiative. Also, the framework does not consider assessment of the services provided by third party service providers like the internet service providers. This is because the services provided might create vulnerabilities which are exploited by cyber criminals. Also, cyber crime legislation to deal with cyber criminals is not presented and finally, funding, be it from insurance agencies or self for any cyber security initiative is not presented Framework for Assessing Cyber Security Initiatives in Africa A study on cyber security in Africa has established the need for measures which include standards and policies regarding the technical security measures, accreditation for said systems, legislation to criminalize cybercrime, international cybercrime legislation harmonization, and a national computer emergency and response team to provide these national security systems with analysis of potential vulnerabilities and quick incident response [8]. The security perspectives of these measures depend on their target organizations and systems. There should also be higher education cyber security programs provide increased opportunities for technical jobs and industry. They also serve as the necessary workforce for all cyber security initiatives across all of the security concerns. Also cyber security education for the end user helps individuals to protect their private information. The framework has well presented the need for awareness, cyber security policies and standards together with the cyber legislation. It has also considered the need for a computer emergency response team. However, it has not presented a review of the management structure because this contributes to implementation of effective cyber security assessment framework. Also, the paper has not presented whether there is assessment of services provide by third party service providers. Finally, no budget is reviewed to ensure sufficient funding available to initiate the cyber security assessment program. 6. Discussion Ensuring cyber security is a very important aspect both globally and to an organization in particular. Thus several researches have been going on to act as guides to cyber security assessment. Based on the review of the literature concerning the cyber security frameworks, several cyber security issues have been raised. This implies that there is much to be done in order to come up with an overall acceptable cyber security framework. In the cyber security workforce framework, the framework needs an inclusion of the cyber security policies that are to be reviewed frequently. Also a risk management plan should be put in place and implemented. The cyber crime legislation should be put in place to deal with the cyber criminals. Finally, a budget must be presented stating how much each cyber security initiative should be allocated. The U.S. GAO cyber security framework has stressed on the need for risk management without any consideration of the end user education. This proves cyber security measures to be unsuccessful because for success to be achieved, all levels of management must participate. Since there is no assessment of

6 services provided by third party service providers, then it is certain that some of the services provided are unsecure. Also cyber criminals can go unpunished because there is no cyber crime legislation. Finally, there is need to include the budget with sufficient funds. In the framework for assessing cyber security initiatives in Africa, it implies that effective cyber security is achievable without involving all the levels of management which can t be because the management structure is not presented. Also, services provided by the third party service providers need to be assessed for security. Finally, for any cyber security initiative to be successful, adequate funds must be available to support it. 7. Conclusions We have looked at the status of cyber security and the challenges encountered during implementation of cyber security programs. We have also looked at the existing cyber security frameworks after which we discussed the implications of these limitations in the previous section. Since all the frameworks had some limitations, this provides a basis on the need of further research on the cyber security assessment framework that will provide a lasting solution to the ever arising cyber security assessment challenge. 8. References [1] President's Information Technology Advisory Committee (PITAC). Cyber-Security: A Crisis of Prioritization. 2005, National Coordination Office for Information Technology Research and Development, Arlington, VA. [2] Billo, C. and Chang, W. "Cyber Warfare: An Analysis of the Means and Motivations of Selected Nation States". 2004, Institute for Security Technology Studies, Dartmouth College. [3] Blackburn, J.and Waters, G. Optimizing Australia's Response to the Cyber Challenge.Kokoda Foundation [4] United States, General Accounting Office. Technology assessment cybersecurity for critical infrastructure protection. 2004, Washington, D.C. U.S. General Accounting Office. [5] Fischer, E. A. Creating a National Framework for Cybersecurity: An Analysis of Issues and Options. 2005, Congress Research Service (CRS). [6] Australian Government. Cyber Security Strategy. 2009, Canberra:Attoney-General's Department; retrieved from Security+Strategy+-+for+ website.pdf/$file/ag+cyber+security+strategy+-+for+website.pdf, accessed 14 May [7] Gallaher, M. P., Link, N. A. and Rowe, R. B. Cyber Security. 2008, Cheltenham: Edward Elgar Publishing Limited. [8] Cole, K., Chetty, M., LaRosa, C., Rietta, F., Schmitt, D. and Goodman, S.E. Cybersecurity in Africa: An Assessment. 2008, Sam Nunn School of International Affairs, Georgia Institute of Technology Atlanta, GA US. [9] World Economic Forum. The Global Information Technology Report Available at Technology%20Report/index.htm [Accessed 7 March 2011]. [10] Muniandy, L. and Muniandy, B. State of Cyber Security and the Factors Governing its Protection in Malaysia. International Journal of Applied Science and Technology, (4). [11] Timbuong, J. Cybercrimes continue to rise Retrieved November 3, 2011, from continue-to-rise. [12] Itosno, S. Kenya: Cyber criminals becoming untamable. BiztechAfrica, 2012.

7 [13] Krebs, B. "Three Worked the Web to Help Terrorists". The Washington Post, [14] Sipress, A. 'An Indonesian's Prison Memoier Takes Holy War Into Cyberspace'. Washington Post 2004, 14 December, from [15] Allison, I. and Strangwick, C. Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions. IRM Press, [16] Anderson, R. and Moore, T. "The Economics of Information Security." Science 314, 2006: [17] Bauer, M.J. and vaneeten, G.J. Cyber-Security: Stakeholders incentives, externalities and policy options.telecommunication Policy. 2009, 33 (10). [18] Dunn, M. A Comparative Analysis of Cybersecurity Initiatives Worldwide. WSIS ThematicMeeting on Cybersecurity (Geneva: International Telecommunications Union) [19] Dunn, M. Threat Frames in the US Cyber-Terror Discourse. British International Studies Association (BISA) conference. Warwick, [20] National Institute of Standards and Technology (NIST). Cybersecurity workforce framework issued for public comment. ScienceDaily, Retrieved July 26, 2012, from /releases/2011/11/ htm [21] United States, General Accounting Office. Technology assessment cybersecurity for critical infrastructure protection. Washington, D.C. U.S. General Accounting Office, 2004.

Cyber Security Assessment Framework: Case of Government Ministries in Kenya

Cyber Security Assessment Framework: Case of Government Ministries in Kenya Cyber Security Assessment Framework: Case of Government Ministries in Kenya Alice Nambiro Wechuli (Department of Computer Science, Masinde Muliro University of Science and Technology, Kenya alicenambiro@yahoo.com)

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information

More information

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

ITU National Cybersecurity/CIIP Self-Assessment Tool

ITU National Cybersecurity/CIIP Self-Assessment Tool ITU National Cybersecurity/CIIP Self-Assessment Tool ICT Applications and Cybersecurity Division Policies and Strategies Department ITU Telecommunication Development Sector April 2009 Revised Draft For

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be

More information

ITU Global Cybersecurity Agenda (GCA)

ITU Global Cybersecurity Agenda (GCA) International Telecommunication Union ITU Global Cybersecurity Agenda (GCA) Framework for International Cooperation in Cybersecurity ITU 2007 All rights reserved. No part of this publication may be reproduced,

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

No. 33 February 19, 2013. The President

No. 33 February 19, 2013. The President Vol. 78 Tuesday, No. 33 February 19, 2013 Part III The President Executive Order 13636 Improving Critical Infrastructure Cybersecurity VerDate Mar2010 17:57 Feb 15, 2013 Jkt 229001 PO 00000 Frm 00001

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

S. ll IN THE SENATE OF THE UNITED STATES

S. ll IN THE SENATE OF THE UNITED STATES OLL0 TH CONGRESS ST SESSION S. ll To secure the United States against cyber attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014 Remarks by Thomas J. Curry Comptroller of the Currency Before a Meeting of CES Government Washington, DC April 16, 2014 Good afternoon. It s a pleasure to finally be here with you. I had very much hoped

More information

NIST Cybersecurity Framework Impacting Your Company? April 24, 2014 Presented By Sheila FitzPatrick, NetApp Jeff Greene, Symantec Andy Serwin, MoFo

NIST Cybersecurity Framework Impacting Your Company? April 24, 2014 Presented By Sheila FitzPatrick, NetApp Jeff Greene, Symantec Andy Serwin, MoFo 2014 Morrison & Foerster LLP All Rights Reserved mofo.com NIST Cybersecurity Framework Impacting Your Company? April 24, 2014 Presented By Sheila FitzPatrick, NetApp Jeff Greene, Symantec Andy Serwin,

More information

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks July 2014 Cyber Threat Intelligence and Incident Coordination Center: Protecting

More information

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Contents Message from the Director 3 Cyber Security Operations Centre 5 Cyber Security Strategy 7 Conversation

More information

WRITTEN TESTIMONY OF

WRITTEN TESTIMONY OF WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you

More information

CLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS

CLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS CLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS NEW YORK Jeremy Feigelson jfeigelson@debevoise.com WASHINGTON, D.C. Satish M. Kini smkini@debevoise.com Renee

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

Legislative Language

Legislative Language Legislative Language SECTION 1. DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY. Title II of the Homeland Security Act of 2002 (6 U.S.C. 121 et seq.) is amended (a) in section 201(c) by striking

More information

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for

More information

Cyber Security Strategy of Georgia

Cyber Security Strategy of Georgia Cyber Security Strategy of Georgia 1 1. Introduction The Government of Georgia publishes its Cyber Security Strategy for the first time. Large-scale cyber attacks launched by Russia against Georgia in

More information

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J.

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J. Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION Cristin Flynn Goodwin J. Paul Nicholas October 2013 Contents Executive Summary... 3 What Is a National

More information

Cyber Terrorism and Australia s Terrorism Insurance Scheme. Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage

Cyber Terrorism and Australia s Terrorism Insurance Scheme. Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage Cyber Terrorism and Australia s Terrorism Insurance Scheme Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage Cyber Terrorism? 2013 cyber attacks on the websites of media companies

More information

Hearing before the House Permanent Select Committee on Intelligence. Homeland Security and Intelligence: Next Steps in Evolving the Mission

Hearing before the House Permanent Select Committee on Intelligence. Homeland Security and Intelligence: Next Steps in Evolving the Mission Hearing before the House Permanent Select Committee on Intelligence Homeland Security and Intelligence: Next Steps in Evolving the Mission 18 January 2012 American expectations of how their government

More information

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec Introduction Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec More than 20 years of experience in cybersecurity specializing

More information

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives Update on U.S. Critical Infrastructure and Cybersecurity Initiatives Presented to Information Security Now! Seminar Helsinki, Finland May 8, 2013 MARK E. SMITH Assistant Director International Security

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

THE WHITE HOUSE Office of the Press Secretary

THE WHITE HOUSE Office of the Press Secretary FOR IMMEDIATE RELEASE February 13, 2015 THE WHITE HOUSE Office of the Press Secretary FACT SHEET: White House Summit on Cybersecurity and Consumer Protection As a nation, the United States has become highly

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives

Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document

More information

FINAL // FOR OFFICIAL USE ONLY. William Noonan

FINAL // FOR OFFICIAL USE ONLY. William Noonan FINAL // FOR OFFICIAL USE ONLY William Noonan Deputy Special Agent in Charge United States Secret Service Criminal Investigative Division Cyber Operations Branch Prepared Testimony Before the United States

More information

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU Cybersecurity Global status update Dr. Hamadoun I. Touré Secretary-General, ITU Cybercrime takes a toll on the global economy - Online fraud, identity theft, and lost intellectual property; - On governments,

More information

Cyber-Security. FAS Annual Conference September 12, 2014

Cyber-Security. FAS Annual Conference September 12, 2014 Cyber-Security FAS Annual Conference September 12, 2014 Maysar Al-Samadi Vice President, Professional Standards IIROC Cyber-Security IIROC Rule 17.16 BCP The regulatory landscape Canadian Government policy

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Information Security in Business: Issues and Solutions

Information Security in Business: Issues and Solutions Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security Testimony of Dr. Phyllis Schneck Deputy Under Secretary for Cybersecurity and Communications National Protection and Programs Directorate United States Department of Homeland Security Before the United

More information

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Sec. 1. Department of Homeland Security Cybersecurity Authority Section 1(a) amends Title II of the Homeland

More information

A Detailed Strategy for Managing Corporation Cyber War Security

A Detailed Strategy for Managing Corporation Cyber War Security A Detailed Strategy for Managing Corporation Cyber War Security Walid Al-Ahmad Department of Computer Science, Gulf University for Science & Technology Kuwait alahmed.w@gust.edu.kw ABSTRACT Modern corporations

More information

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD The 2011 2015 Cyber Security Strategy of the Czech Republic is linked to the Security Strategy of the Czech Republic and reflects

More information

THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY

THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY Juan Cayón Peña, PhD. & Luis Armando García Abstract: The implementation, maintenance, and improvement of a national Cyber defense strategy

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement GAO For Release on Delivery Expected at time 1:00 p.m. EDT Thursday, April 19, 2007 United States Government Accountability Office Testimony Before the Subcommittee on Emerging Threats, Cybersecurity,

More information

INFORMATION SECURITY STRATEGIC PLAN

INFORMATION SECURITY STRATEGIC PLAN INFORMATION SECURITY STRATEGIC PLAN UNIVERSITY OF CONNECTICUT INFORMATION SECURITY OFFICE 4/20/10 University of Connecticut / Jason Pufahl, CISSP, CISM 1 1 MISSION STATEMENT The mission of the Information

More information

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Audit Report The Department's Configuration Management of Non-Financial Systems OAS-M-12-02 February 2012 Department

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number

More information

ENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE. Measures toward enhancing maritime cybersecurity. Submitted by Canada SUMMARY

ENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE. Measures toward enhancing maritime cybersecurity. Submitted by Canada SUMMARY E FACILITATION COMMITTEE 39th session Agenda item 7 FAL 39/7 10 July 2014 Original: ENGLISH ENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE Measures toward enhancing maritime cybersecurity Submitted

More information

Cyber security standard

Cyber security standard Cyber security standard Brief description This *Standard specifies security standards that protect *ICT systems and data from unintended or unauthorized access, damage or destruction. Related policies

More information

Actions and Recommendations (A/R) Summary

Actions and Recommendations (A/R) Summary Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

More information

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached

More information

Harmful Interference into Satellite Telecommunications by Cyber Attack

Harmful Interference into Satellite Telecommunications by Cyber Attack Kobe and QM Symposium on International Law "Diversity of Transnational Criminal Justice" Harmful Interference into Satellite Telecommunications by Cyber Attack 10 April 2015 Yuri Takaya Research Fellow/Lecturer,

More information

Perspectives on Cybersecurity in Healthcare June 2015

Perspectives on Cybersecurity in Healthcare June 2015 SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright

More information

CYBER SECURITY THREATS AND RESPONSES

CYBER SECURITY THREATS AND RESPONSES CYBER SECURITY THREATS AND RESPONSES AT GLOBAL, NATION-STATE, INDUSTRY AND INDIVIDUAL LEVELS Heli Tiirmaa-Klaar* Although cyber security has accompanied the ICT sector since the first computer systems

More information

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 March 17, 2010 BACKGROUND & WHY THIS LEGISLATION IS IMPORTANT: Our nation is at risk. The networks that American families and businesses

More information

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY CSCSS / ENTERPRISE TECHNOLOGY + SECURITY C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE CSCSS / ENTERPRISE TECHNOLOGY + SECURITY GROUP Information

More information

Cybersecurity for ALL

Cybersecurity for ALL Cybersecurity for ALL An Overview of ITU s Cybersecurity Activities UNECE International Conference on Technological Readiness for Innovationbased Competitiveness 30 in Geneva, Switzerland Christine Sund

More information

Qatar Computer Emergency Team

Qatar Computer Emergency Team Cyber Security Division Qatar Computer Emergency Team An initiative Introduction Qatar aims to fully exploit information and communications technology to become one of the most successful knowledge-based

More information

Keynote Speech. Beth Dugan Deputy Comptroller for Operational Risk. The Clearing House s First Operational Risk Colloquium

Keynote Speech. Beth Dugan Deputy Comptroller for Operational Risk. The Clearing House s First Operational Risk Colloquium Keynote Speech by Beth Dugan Deputy Comptroller for Operational Risk at The Clearing House s First Operational Risk Colloquium February 11, 2015 Washington, D.C. Thank you. It s an honor to be invited

More information

Promoting a cyber security culture and demand compliance with minimum security standards;

Promoting a cyber security culture and demand compliance with minimum security standards; Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute

More information

Cyber-Security: Private-Sector Efforts Addressing Cyber Threats

Cyber-Security: Private-Sector Efforts Addressing Cyber Threats Cyber-Security: Private-Sector Efforts Addressing Cyber Threats Testimony of Dave McCurdy President, Electronic Industries Alliance Executive Director, Internet Security Alliance Before the Subcommittee

More information

C DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP

C DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP C DIG CSCSS / DEFENCE INTELLIGENCE GROUP COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE C DIG CSCSS / DEFENCE INTELLIGENCE GROUP

More information

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Speaker: Leo Taddeo Special Agent in Change, Cyber/Special Operations Division Federal Bureau of Investigation Biography: Leo Taddeo Leo Taddeo is the

More information

The Dow Chemical Company. statement for the record. David E. Kepler. before

The Dow Chemical Company. statement for the record. David E. Kepler. before The Dow Chemical Company statement for the record of David E. Kepler Chief Sustainability Officer, Chief Information Officer, Business Services and Executive Vice President before The Senate Committee

More information

FEDERAL INFORMATION SECURITY. Mixed Progress in Implementing Program Components; Improved Metrics Needed to Measure Effectiveness

FEDERAL INFORMATION SECURITY. Mixed Progress in Implementing Program Components; Improved Metrics Needed to Measure Effectiveness United States Government Accountability Office Report to Congressional Committees September 2013 FEDERAL INFORMATION SECURITY Mixed Progress in Implementing Program Components; Improved Metrics Needed

More information

FACT SHEET: Ransomware and HIPAA

FACT SHEET: Ransomware and HIPAA FACT SHEET: Ransomware and HIPAA A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since early 2016 (a 300% increase over the 1,000

More information

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

GOVERNMENT OF THE REPUBLIC OF LITHUANIA GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 20112019 Vilnius For

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

Secure Data Centers For America A SOLUTION TO

Secure Data Centers For America A SOLUTION TO Secure Data Centers For America A SOLUTION TO A HOMELAND & NATIONAL SECURITY THREAT AGAINST CRITICAL INFRASTRUCTURE AND KEY RESOURCES IN STATE AND LOCAL GOVERNMENTS By Ralph R. Zerbonia and Universe Central

More information

Introduction to Cybersecurity Overview. October 2014

Introduction to Cybersecurity Overview. October 2014 Introduction to Cybersecurity Overview October 2014 Introduces the importance of cybersecurity and current trends Eight modules with presentations and panel discussions that feature industry experts Activities,

More information

Subject: Critical Infrastructure Identification, Prioritization, and Protection

Subject: Critical Infrastructure Identification, Prioritization, and Protection For Immediate Release Office of the Press Secretary The White House December 17, 2003 Homeland Security Presidential Directive / HSPD-7 Subject: Critical Infrastructure Identification, Prioritization,

More information

U.S. Department of Energy Office of Inspector General Office of Audits & Inspections. Evaluation Report

U.S. Department of Energy Office of Inspector General Office of Audits & Inspections. Evaluation Report U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 MEMORANDUM FOR

More information

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.

More information

Emerging risks for internet users

Emerging risks for internet users Sabeena Oberoi Assistant Secretary, Cyber Security and Asia Pacific Branch Department of Broadband, Communications and the Digital Economy Government s role - DBCDE The new Australian Government Cyber

More information

CSIS/DOJ Active Cyber Defense Experts Roundtable March 10, 2015

CSIS/DOJ Active Cyber Defense Experts Roundtable March 10, 2015 CSIS/DOJ Active Cyber Defense Experts Roundtable March 10, 2015 On March 10, 2015 the Center for Strategic and International Studies, in conjunction with the Cybersecurity Unit of the U.S. Department of

More information

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY JANUARY 2012 Table of Contents Executive Summary 1 Introduction 2 Our Strategic Goals 2 Our Strategic Approach 3 The Path Forward 5 Conclusion 6 Executive

More information

STATE OF CYBER SECURITY IN ETHIOPIA

STATE OF CYBER SECURITY IN ETHIOPIA ETIOPIAN TELECOMMUNICATIONS AGENCY STATE OF CYBER SECURITY IN ETHIOPIA By Mr. Balcha Reba Ethiopian Telecommunications Agency Standards and Inspection Department Head, Standards Division email: tele.agency@ethionet.et

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

December 17, 2003 Homeland Security Presidential Directive/Hspd-7

December 17, 2003 Homeland Security Presidential Directive/Hspd-7 For Immediate Release Office of the Press Secretary December 17, 2003 December 17, 2003 Homeland Security Presidential Directive/Hspd-7 Subject: Critical Infrastructure Identification, Prioritization,

More information

The virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL

The virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL The virtual battle by Mark Smith Special to INSCOM 4 INSCOM JOURNAL For many, the term cyberspace conjures up images of science fiction, the stuff of novels and movies. In fact, in 1994 this was the term

More information

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012 Co-Chair s Summary Report 1. Pursuant to the 18 th ASEAN Regional Forum (ARF) Ministerial meeting in Bali,

More information

El Camino College Homeland Security Spring 2016 Courses

El Camino College Homeland Security Spring 2016 Courses El Camino College Homeland Security Spring 2016 Courses With over 250,000 federal positions in Homeland Security and associated divisions, students may find good career opportunities in this field. Explore

More information

Cybersecurity Awareness. Part 1

Cybersecurity Awareness. Part 1 Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat

More information

Legislative Language

Legislative Language Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting

More information

TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME. Haya Fetais & Mohammed Shabana. Saint Leo University COM- 510

TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME. Haya Fetais & Mohammed Shabana. Saint Leo University COM- 510 TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME Haya Fetais & Mohammed Shabana Saint Leo University COM- 510 November 23, 2014 Introduction Globalization and technological developments have infiltrated

More information

Trends Concerning Cyberspace

Trends Concerning Cyberspace Section 2 Trends Concerning Cyberspace 1 Cyberspace and Security Owing to the information technology (IT) revolution in recent years, information and communication networks such as the Internet are becoming

More information

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya i Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya ii Executive Summary Global information and communication technology

More information

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation. Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part

More information

FISMA Implementation Project

FISMA Implementation Project FISMA Implementation Project The Associated Security Standards and Guidelines Dr. Ron Ross Computer Security Division Information Technology Laboratory 1 Today s Climate Highly interactive environment

More information

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies

More information

The European Response to the rising Cyber Threat

The European Response to the rising Cyber Threat SPEECH/12/315 Cecilia Malmström European Commissioner responsible for Home Affairs The European Response to the rising Cyber Threat Transatlantic Cyber Conference organised by the Center for Strategic

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)

More information