It's a MAD, MAD, MAD Cyber World
|
|
- Stewart Mosley
- 8 years ago
- Views:
Transcription
1 It's a MAD, MAD, MAD Cyber World Remarks by Rod Beckstrom at the Personal Democracy Forum New York City June 6, 2013 As prepared for delivery EMBARGOED FOR RELEASE AT EST, 06 JUNE 2013 Let s start this discussion with a brief cybersecurity risk assessment: 1. Anything attached to a network can be hacked. 2. Everything is being attached to networks. 3. Everything is vulnerable. This is Beckstrom s Law of Cybersecurity and it shouldn t come as a surprise to anyone. The Internet is history s biggest and most complex system but it wasn t designed for security. It was intended to be open and engaging - a platform for sharing and collaboration that was accessible to everyone everywhere. But the door we ve opened to innovation and sharing comes with unintended consequences, and living with a serious cyber threat is our new global reality. Factor in the dramatic increase in transparency in modern life, whether from so much information being posted online or from the involuntary transparency of being watched without your consent, and you have a major vulnerability to cyber attack. Add in our growing dependence on Internet- based transportation, food, power, water, military and government systems and we have the potential for major cyber disasters. A few years ago, my colleague Ori Brafman and I wrote a book called The Starfish and the Spider: the Unstoppable Power of Leaderless Organizations. It s based on the idea that decentralized networks organizations like al Qaeda that have an amorphous leadership structure are regenerating: when you cut off an arm or eliminate a senior leader they simply grow another one and move on. The book proved popular among U.S. government leaders and that led to a request for me to help them better understand the evolving terror and cyber threats as the 1
2 founding Director of the U.S. National Cybersecurity Center. This incredible job afforded me unique insight into the realities of the growing cyber threat. The center was a coordination point for protecting civilian, military and intelligence networks. And it eventually led me to a leadership role in global Internet governance as CEO of ICANN, helping to keep the global Internet open, resilient and decentralized for the benefit of the world. The Starfish and The Spider introduced a model for thinking about decentralized networks, organizational leadership, strategy, competition and evolution. And it is helpful to consider the growing cyber threat in a comparable framework. So today I would like to present a new cybersecurity model. It relates to what is really going on in our new, more vulnerable world - from a systems perspective, and from a realpolitik perspective. And it starts with a basic fact. Through the impact and reach of the Internet, the world of power and politics has changed forever. We now live in a MAD, MAD, MAD cyber world. What do I mean by this? First, let s look at the classic MAD: nuclear Mutually Assured Destruction. Nuclear MAD evolved from the development and proliferation of nuclear weapons after World War II. It changed the nature of war and geopolitics and helped secure the precarious peace among superpowers that has held for almost seventy years while countless small regional wars have been fought. The second MAD is cyber MAD, or Mutually Assured Disruption. It echoes the underlying concept of nuclear MAD: nation states and others have the ability to cripple each other s power systems, industries and economies through broad- scale cyber attacks. And like nuclear MAD, cyber MAD leads to some level of deterrence among nation states. If one government launches a full- scale cyber attack on another, they or the people in their country are likely to receive the same back. And they know it. But cyber MAD is fundamentally different from nuclear MAD. Nuclear weapons have not been used in war since But cyber weapons are used millions of times every second. Nuclear weapons are discrete, identifiable and easy to detect if detonated. Cyber weapons are pervasive, unidentified and often difficult or impossible to detect and attribute. So some of the lessons the Cold War taught to many of our current government policymakers are radically inapplicable to cyber MAD. The third MAD is Mutually Assured Dependence on the Internet, or simply Internet MAD, reflecting our shared reliance on the Internet, and upon each other through 2
3 the Internet, for communications, commerce, power, travel, shipping, infrastructure in fact, for almost everything we do. That makes Internet MAD a positive force that delivers incredible benefits to mankind. Most individuals and countries could not function very well without it, and our reliance is growing. A recent survey showed that 57 percent of American women would give up sex for a week before they would give up their smartphones. If that s not a sign of Internet addiction, I don t know what is. The Internet benefits all nations, no matter their political orientation, and though they may disagree on some aspects of its use, most of them recognize the importance of keeping it working. Internet MAD helps hold our world together. There are significant implications for nation states and for citizens of the world in this MAD, MAD, MAD cyber world. Governments and societies must evolve to cope with a new reality, just as the world learned to cope with nuclear MAD after World War II. To understand these MAD concepts better, let s consider a scenario using publicly available information to analyze the dynamics of Stuxnet - perhaps the most important malware ever developed. Stuxnet was a by- product of nuclear MAD - an extremely complex computer worm that was unleashed upon Iran in It was the first malware crafted to disrupt nuclear production facilities. It was intended to prevent Iran from refining nuclear fuels that could be used to make a bomb. Nuclear non- proliferation is a great success story and many governments around the world understandably do not wish to see new nations with nuclear weapons enter into this delicate balance of power. The U.S. government decided to interrupt Iran s uranium enrichment program - not with bombs but with a cyber weapon. Stuxnet corrupted the software in the centrifuges industrial controllers so they would spin faster than they were designed for and fail. The operators were fed false data on the spin rates so they would be unable to understand or fix the problem. Stuxnet is a tool of the second MAD: mutually assured disruption. It disrupted and destroyed about 1,000 out of 9,000 centrifuges, and may have provided a temporary setback to Iran s nuclear ambitions. But the Iranians eventually discovered it and so did hackers, who reverse- engineered much of the code and put it on the web for other hackers to use. Iran did not take this lightly. According to reports, they have responded on multiple fronts. Iran has been credited with heavy and escalating denial- of- service attacks on U.S. and European banks, occasionally interrupting operations. 3
4 Then, on August 15, 2012, tens of thousands of computers at Saudi Aramco, the world s largest oil company, went dark. Employees tried to switch their machines back on but couldn t. Some point to Iran as the perpetrator, while others suspect a circle of dissident hackers. In the last month, according to the May 24 Wall Street Journal, U.S. officials believe that Iran has hacked into many U.S. energy companies and collected sufficient information to create concerns about future possible attacks. From a systems standpoint, the cyber offensive against Iran via Stuxnet has now led to a series of Iranian countermoves. A game of tit- for- tat is playing out that could bring us closer to the edge of mutually assured disruption. This is the very definition of cyber MAD: reciprocally escalating cyber attacks at the nation state level. While it can take decades to develop a nuclear weapons capability, cyber weapons can often be copied immediately or reverse- engineered and deployed by nation states or hackers in just days or weeks. Even highly skilled lone hackers can launch major cyber attacks. This completely changes the dynamic from the precarious but peaceful détente of the nuclear era to a rapidly escalating, often invisible cyber hacking and conflict threat. If it s so easy to launch a serious attack, why haven t there been more? We can t be sure - and they could still come - but one reason is clear. Remember that positive Internet MAD our mutual dependence and shared reliance on the Internet? Most of us need this global system to work to keep our lives running smoothly. There are many motivations for attacking systems: obtaining state secrets, accessing commercially sensitive information, stealing assets, political activism. But even those who hack and attack want the Internet to work. They know that without it, they couldn t achieve their broader goals, whatever they may be. Nonetheless, about 70,000 new strains of malware appear every day. The growth of nuclear weapons was contained first by non- proliferation - limiting the number of nations with weapons - and then by arms negotiations to limit the number of weapons. In cyber space, there are no effective containment policies and the scale, diversity, and growth rate of the Internet mean that none are likely to emerge in the near future. And the current rapid pace of tech development is far beyond that of nuclear development when nuclear MAD was in full play. According to reports, more than 100 nations are investing in offensive cyber capabilities. Relationships among cyber attackers where they even exist - lack trust, engagement and cohesion, and an atmosphere of retaliation prevails. It s like the Wild West - except that it engulfs the planet. 4
5 This produces a very different set of challenges for those who seek to contain the growing cyber threat. As we learn to live in this MAD cyber world, we must work together to create a more stable and secure Internet, because the downside of Internet MAD s positive mutual dependence is that the capacity for destruction at the hands of cyber attackers is immense. Cyber attacks can seriously undermine the security of the Internet and place entire economies at risk. The theoretical loss of life through a significant disruption of infrastructure or through militarization is huge. Militarization may also lead countries to oppose the current multi- stakeholder governance of the Internet, where global non- profit bodies like ICANN, the Internet Engineering Task Force and others work to keep the Internet unified and to prioritize the needs of its three billion users. Some might propose breaking up the Internet to protect their national interests, creating separate and self- contained national networks. But as we move steadily closer to connecting every person in the world, our economic future will depend even more on maintaining a unified global Internet. It is the foundation for continued innovation and economic growth and a platform for communication across cultural borders and political boundaries. Its unity is essential to our collective future. So how do we defend ourselves against cyber attack? It s not easy. And no one has all the answers - we have to work through this new challenge together. I have developed this MAD, MAD, MAD model to provide a meaningful framework for understanding the new cyber reality and to contribute to a more informed discussion about solutions, because you have to understand a problem before you can solve it. And in the spirit of collaboration, I have some ideas to contribute. First, we must develop global definitions, norms and standards for cybersecurity. Right now we are about where nuclear MAD was in the 1950s. We need a common understanding of the threat to begin moving into real diplomatic dialogue. This won t be easy, but it must be done and it needs to start now. Governments are part of the problem and must be part of the solution, but nation state solutions alone won t work. The private sector has a key role in its own right and must also work with governments, including through multi- stakeholder bodies. Second, we must build global trust. That means finding areas where positive steps can be taken together to build some level of confidence. Fighting global terrorism and coordinating law enforcement efforts against global cyber- bank robbers, human traffickers and drug traffickers, for example, are two areas with particular potential for effective collaboration. 5
6 Third, we need to use transparency and economic incentives to drive to a higher level of security. Regulation and strict reporting requirements alone do not work. Penetration testing and other methods of positive security assurance should be the norm in every important system. One of the best ways to determine if a network is secure is to authorize highly skilled parties to try to breach it. This has clear benefits. It identifies actual vulnerabilities - information that can then be used to improve security. It exposes the real- time state of a system, a key tool in assessing risk for potential business partners, contractors or investors. And having the right to test a system provides the evidence to establish trust or not. Lastly, we must build better security into the Internet itself. Greater research and investment are needed to strengthen its technical underpinnings. That includes investment to spread the deployment of more secure technologies like DNSSEC (Domain Name System Security Extensions) and PGP (Pretty Good Privacy), which help stop man- in- the- middle attacks. We also need new research into more secure Internet standards and protocols like DANE (DNS- based Authentication of Named Entities). These ideas are just a beginning, a means of starting this crucial global discussion. I hope many others will contribute, and that Beckstrom s Law of Cybersecurity and the MAD, MAD, MAD model will be a useful framework in considering the way forward. The Internet is one of mankind s greatest collective achievements and protecting it is fundamental to our future. The moment has come to bring sanity back to our MAD, MAD, MAD cyber world. Thank you. Contact information Rod Beckstrom Media inquiries contact@beckstrom.com Phone: Find this speech online at 6
(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework
(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationCyber Security Related Excerpts from the Global Risk Forum Berlin September 25-26, 2013 Draft 10/24/13
Cyber Security Related Excerpts from the Global Risk Forum Berlin September 25-26, 2013 Draft 10/24/13 Forwarding an International Public-Private Framework for Cyber Security & Resilience: With Increasing
More informationResearch Note Engaging in Cyber Warfare
Research Note Engaging in Cyber Warfare By: Devin Luco Copyright 2013, ASA Institute for Risk & Innovation Keywords: Cyber War, Cyber Warfare, Cyber Attacks, Cyber Threats Abstract This research note defines
More informationRecognize Nefarious Cyber Activity and Catch Those Responsible with IBM InfoSphere Entity Analytic Solutions
Building a Smarter Planet with Advanced Cyber Security Solutions Recognize Nefarious Cyber Activity and Catch Those Responsible with Highlights g Cyber Security Solutions from IBM InfoSphere Entity Analytic
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationThe Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.
The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be
More informationGLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation
GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationHow To Protect Your Computer From Attack
FREQUENTLY ASKED QUESTIONS on C Y B E R S E C U R I T Y By IEEE USA s Committee on Communications Policy December 2011 This Frequently Asked Questions (FAQs) was prepared by IEEE-USA s Committee on Communications
More informationEvolution of Cyber Security and Cyber Threats with focus on Cloud Computing
Evolution of Cyber Security and Cyber Threats with focus on Cloud Computing Igor Nai Fovino-Head of Research GCSEC The last two years will surely enter in the history of IT Security. 2010 was the year
More informationCybercrime: risks, penalties and prevention
Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,
More informationthe Council of Councils initiative
Author: Andrea Renda, Senior Research Fellow, Centre for European Policy Studies May 3, 2013 Editor's note: This brief is a feature of the Council of Councils initiative, gathering opinions from global
More informationToday s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns
Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON What is cyberspace and why is it so important? US Government Cyberspace
More informationVulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War
Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent
More informationHonourable members of the National Parliaments of the EU member states and candidate countries,
Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National
More informationToward a Deeper and Broader U.S.-Japan Alliance: Building on 50 Years of Partnership
Joint Statement of the Security Consultative Committee Toward a Deeper and Broader U.S.-Japan Alliance: Building on 50 Years of Partnership June 21, 2011 by Secretary of State Clinton Secretary of Defense
More informationworking group on foreign policy and grand strategy
A GRAND STRATEGY ESSAY Managing the Cyber Security Threat by Abraham Sofaer Working Group on Foreign Policy and Grand Strategy www.hoover.org/taskforces/foreign-policy Cyber insecurity is now well established
More informationWhite Paper: Cyber Hawk or Digital Dove
White Paper: Cyber Hawk or Digital Dove Published By: SkillBridge, LLC September 18, 2013 Today s Modern Warfare With the recent debate over whether or not the United States should take military action
More informationBusiness Continuity for Cyber Threat
Business Continuity for Cyber Threat April 1, 2014 Workshop Session #3 3:00 5:30 PM Susan Rogers, MBCP, MBCI Cyberwise CP S2 What happens when a computer program can activate physical machinery? Between
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationSecurity & SMEs. An Introduction by Jan Gessin. Introduction to the problem
Security & SMEs An Introduction by Jan Gessin Introduction to the problem SMEs convinced it will never happen to them. In many ways SMEs are more of a target than big business. Harsh realities of the online
More informationTrends in Malware DRAFT OUTLINE. Wednesday, October 10, 12
Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,
More informationCORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT
CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationExamining the Evolving Cyber Insurance Marketplace
Prepared Testimony and Statement for the Record of Ola Sage Founder and CEO e-management Hearing on Examining the Evolving Cyber Insurance Marketplace Before the Senate Committee on Commerce, Science,
More informationHow Do IT Security Professionals Prioritize
WHITE PAPER How Do IT Security Professionals Prioritize Headlines versus Reality: Survey Report Table of Contents Executive Summary 3 Recommendations 3 Survey Statistics 4 Methodology 6 About BeyondTrust
More informationAddressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model
White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks
More informationCYBERSECURITY RISK RESEARCH CENTRE. http://www.riskgroupllc.com. http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322
CYBERSECURITY RISK RESEARCH CENTRE http://www.riskgroupllc.com http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322 Cyber-Security Risk Research Centre In this era of interconnected and interdependent
More informationCyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015
Cyber Threats Insights from history and current operations Prepared by Cognitio May 5, 2015 About Cognitio Cognitio is a strategic consulting and engineering firm led by a team of former senior technology
More informationCybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST
Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST November 6, 2013 Copyright 2013 Trusted Computing Group 1 November 6, 2013 Copyright 2013 Trusted Computing
More informationManaging Cyber Attacks
Managing Cyber Attacks Regulators and Industry Participants Discuss Ways to Strengthen Defenses By Joanne Morrison June 25, 2015 Cybersecurity risks and testing are a major concern of regulators and market
More informationManaging IT Security with Penetration Testing
Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to
More informationCyberterror. Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states.
Cyberterror Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states. What are terrorists main uses of cyberspace? How does cyberterror
More informationCybersecurity. Canisius College
Cybersecurity Introduction In the year 2013, cybersecurity is a relevant issue on both the most personal level and the global level. Never has humanity had access to such a vast array of information. Never
More informationTestimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security
Testimony of Dr. Phyllis Schneck Deputy Under Secretary for Cybersecurity and Communications National Protection and Programs Directorate United States Department of Homeland Security Before the United
More informationTuomioja commenced the event by welcoming Mogherini and presenting the theme of the day: Europe and the construction of peace.
EU as a peacebuilder? 5.3.2015 Eurooppasali, Helsinki Tuomioja commenced the event by welcoming Mogherini and presenting the theme of the day: Europe and the construction of peace. Scepticism about the
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More informationSTRATEGIC OBJECTIVE 2.4 OVERCOME GLOBAL SECURITY CHALLENGES THROUGH DIPLOMATIC ENGAGEMENT AND DEVELOPMENT COOPERATION
Performance Goal 2.4.1 By September 30, 2017, achieve key milestones to promote arms control and nonproliferation by implementing the President s Prague Agenda of steps toward a world without nuclear weapons;
More informationCONTROLLING THE GENIE OF EMERGING TECHNOLOGIES SIX STEPS TO MITIGATE RISKS CREATED BY INNOVATION JOHN DRZIK
CONTROLLING THE GENIE OF EMERGING TECHNOLOGIES SIX STEPS TO MITIGATE RISKS CREATED BY INNOVATION JOHN DRZIK Innovation is vital to progress. Advances in science, and the new technologies flowing from them,
More informationBeyond the Hype: Advanced Persistent Threats
Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,
More informationAustralian Government Cyber Security Review
Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and
More informationWHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?
WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber
More informationCYBERSECURITY RISK RESEARCH CENTER. http://www.riskgroupllc.com. http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322
CYBERSECURITY RISK RESEARCH CENTER http://www.riskgroupllc.com http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322 Cyber-Security Risk Research Centre In this era of interconnected and interdependent
More informationThe Comprehensive National Cybersecurity Initiative
The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we
More informationHow To Write A National Cybersecurity Act
ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 March 17, 2010 BACKGROUND & WHY THIS LEGISLATION IS IMPORTANT: Our nation is at risk. The networks that American families and businesses
More informationTestimony of PETER J. BESHAR. Executive Vice President and General Counsel. Marsh & McLennan Companies
Marsh & McLennan Companies, Inc. 1166 Avenue of the Americas New York, NY 10036 +1 212 345 5000 Fax +1 212 345 4808 Testimony of PETER J. BESHAR Executive Vice President and General Counsel Marsh & McLennan
More informationThe European Security Strategy Austrian Perspective
Erich Reiter and Johann Frank The European Security Strategy Austrian Perspective The following essay gives the Austrian view on the ESS from a security political perspective and analyses the needs and
More informationThe Path Ahead for Security Leaders
The Path Ahead for Security Leaders Executive Summary What You Will Learn If you asked security leaders five years ago what their primary focus was, you would likely get a resounding: securing our operations.
More informationEmail Security - A Holistic Approach to SMBs
Implementing the latest anti-virus software and security protection systems can prevent many internal and external threats. But these security solutions have to be updated regularly to keep up with new
More informationEuropean Commission Per email: CNECT-H4@ec.europa.eu
Post Bits of Freedom Bank 55 47 06 512 M +31(0)646282693 Postbus 10746 KvK 34 12 12 86 E simone.halink@bof.nl 1001 ES Amsterdam W https://www.bof.nl European Commission Per email: CNECT-H4@ec.europa.eu
More informationCyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate
Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Contents Message from the Director 3 Cyber Security Operations Centre 5 Cyber Security Strategy 7 Conversation
More informationCybersecurity: Mission integration to protect your assets
Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next Cyber solutions
More informationWorm Was Perfect for Sabotaging Centrifuges By WILLIAM J. BROAD and DAVID E. SANGER
Page 1 of 5 Reprints This copy is for your personal, noncommercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers here or use the "Reprints"
More informationOPC & Security Agenda
OPC & Security Agenda Cyber Security Today Cyber Security for SCADA/IS OPC Security Overview OPC Security Products Questions & Answers 1 Introduction CYBER SECURITY TODAY The Need for Reliable Information
More informationCyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?
Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies
More informationEnergy Cybersecurity Regulatory Brief
Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider
More informationThe Five Most Common Cyber-Attack Myths Debunked
cybereason The Five Most Common Cyber-Attack Myths Debunked 2016 Cybereason. All rights reserved. 1 Cyber attacks show no sign of decreasing any time soon. If anything, hackers have expanded the type of
More informationThreat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue
Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?
More informationAssessing the strength of your security operating model
www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems
More informationCounterterrorism and Cybersecurity
Newton Lee Counterterrorism and Cybersecurity Total Information Awareness Spri Part I Counterterrorism in Retrospect: Then and Now 1 September 11 Attacks 3 1.1 September 3 Disney's Responses to the Attacks
More informationU.S. POLICY IN THE BLACK SEA REGION
U.S. POLICY IN THE BLACK SEA REGION From the U.S. point of view, NATO is and will remain the premier provider of security for the Euro-Atlantic region, which includes the Black Sea. Far from seeking to
More informationREMARKS BY US PRESIDENT BARACK OBAMA ON SECURING THE NATION'S CYBER INFRASTRUCTURE
REMARKS BY US PRESIDENT BARACK OBAMA ON SECURING THE NATION'S CYBER INFRASTRUCTURE 29 May 2009 THE PRESIDENT: Everybody, please be seated. We meet today at a transformational moment -- a moment in history
More informationBRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS
ARF WORKSHOP 21-22 JUNE 2005 ULAANBAATAR, MONGOLIA BRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS Overall, Brunei Darussalam security assessment remains peaceful and stable. However, the range of
More informationThe main object of my research is :
The main object of my research is : «War» I try to analyse the mutual impacts between «new wars» and the evolution of the international system More especially my research is about what we call»cyber-war«or»cyber-conflicts«is
More informationManaging cyber risk the global banking perspective
1 Managing cyber risk the global banking perspective Speech given by Andrew Gracie, Executive Director, Resolution, Bank of England British Bankers Association Cyber Conference, London 10 June 2014 2 I
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationCybercrime Bedrohung, Intervention, Abwehr. Cybersecurity strategic-political aspects of this global challenge
Cybercrime Bedrohung, Intervention, Abwehr BKA-Herbsttagung vom 12. - 13. November 2013 Cybersecurity strategic-political aspects of this global challenge Full version Michael Daniel Special Assistant
More informationInformation Governance Software that allows Organizations to Track, Monitor and Classify Data in Real Time
ceocfointerviews.com All rights reserved! Issue: September 7, 2015 The Most Powerful Name in Corporate News Information Governance Software that allows Organizations to Track, Monitor and Classify Data
More informationCyber Diplomacy A New Component of Foreign Policy 6
Cyber Diplomacy A New Component of Foreign Policy 6 Assistant Lecturer Dana DANCĂ, PhD. candidate Titu Maiorescu University, Bucharest dana.danca@yahoo.com Abstract Nowadays, the boundary between virtual
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationSCADA/ICS Security in an. RobertMichael.Lee@Gmail.com Twitter: @RobertMLee
SCADA/ICS Security in an Insecure Domain RobertMichael.Lee@Gmail.com Twitter: @RobertMLee Introduction CYA The opinions held and expressed by Robert M. Lee do not constitute or represent an opinion or
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More informationWhite Paper on Financial Industry Regulatory Climate
White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during
More information5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS
5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 1 Introduction As small and mid-sized companies rely more heavily on their computer networks to
More informationRecent cyber-security studies in the U.S. David D. Clark MIT CFP May, 2009
Recent cyber-security studies in the U.S. David D. Clark MIT CFP May, 2009 Two recent studies National Academies Study: Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack
More informationData-Centric Security. New imperatives for a new age of data
Data-Centric Security New imperatives for a new age of data Out-maneuvered, outnumbered, outgunned Things are not going well. The phones have gotten smarter, the data s gotten bigger, and your teams and
More informationUnderstanding Cyber Defense A Systems Architecture Approach
NDIA 12th Annual Systems Engineering Conference, San Diego, CA, 26-29 Oct 2009 Understanding Cyber Defense A Systems Architecture Approach Tom McDermott Director of Research Georgia Tech Research Institute
More informationStatement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives
Statement for the Record Richard Bejtlich Chief Security Strategist FireEye, Inc. Before the U.S. House of Representatives Committee on Energy and Commerce Subcommittee on Oversight and Investigations
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationFIVE WAYS TO MAKE YOUR SUPPLY CHAIN MORE DYNAMIC
SUPPLY CHAIN WHITE PAPER FIVE WAYS TO MAKE YOUR SUPPLY CHAIN MORE DYNAMIC Keeping tabs on your company s supply chain is no small task when you ve got hundreds, if not thousands, of bits of data whirling
More informationGovernment + Enterprise + Innovation + Strategy
Government + Enterprise + Innovation + Strategy Australia as Lead Regional Player in Cyber War Greg Rudd CEO Crest Australia Digital Disruption What does this mean for cyber security? Digital Changes Everything
More information2 Gabi Siboni, 1 Senior Research Fellow and Director,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
More informationRisk Nexus: Overcome by cyber risks? Tom Bossert CDS Risk Management
Risk Nexus: Overcome by cyber risks? Tom Bossert CDS Risk Management 1 The Cyber Risk Trend Each year sees: More data breaches More disclosures of critical vulnerabilities More nations building and employing
More informationActive Engagement, Modern Defence
Strategic Concept For the Defence and Security of The Members of the North Atlantic Treaty Organisation Adopted by Heads of State and Government in Lisbon Active Engagement, Modern Defence Preface We,
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationWHITE PAPER. Running. Windows Server 2003. in a Post-Support World. By Nick Cavalancia
Running Windows Server 2003 in a Post-Support World By Nick Cavalancia TABLE OF CONTENTS Introduction 1 The Challenge of Staying on Windows Server 2003 2 Building a Vulnerability Mitigation Strategy 4
More informationCapabilities for Cybersecurity Resilience
Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationCYBER SECURITY: NAVIGATING THE THREAT LANDSCAPE
CYBER SECURITY: NAVIGATING THE THREAT LANDSCAPE WHITE PAPER www.cibecs.com 2 Table of ontents 01 02 03 04 05 EXECUTIVE SUMMARY: CYBER SECURITY MANAGING YOUR ATTACK SURFACE DATA VULNERABILITY 1 THE ENDPOINT
More informationITU National Cybersecurity/CIIP Self-Assessment Tool
ITU National Cybersecurity/CIIP Self-Assessment Tool ICT Applications and Cybersecurity Division Policies and Strategies Department ITU Telecommunication Development Sector April 2009 Revised Draft For
More informationToday s Cybersecurity Technology: Is Your Business Getting Full Protection?
A WHITE PAPER SDX Technologies Today s Cybersecurity Technology: Is Your Business Getting Full Protection? 1 Today s Cybersecurity Technology EXECUTIVE SUMMARY Information technology has benefited virtually
More informationNCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.
NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities
More informationEY Cyber Security Hacktics Center of Excellence
EY Cyber Security Hacktics Center of Excellence The Cyber Crime Underground Page 2 The Darknet Page 3 What can we find there? Hit men Page 4 What can we find there? Drug dealers Page 5 What can we find
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationCSIS Security Research and Intelligence Research paper: Threats when using Online Social Networks Date: 16/05-2007
CSIS Security Research and Intelligence Research paper: Threats when using Online Social Networks Date: 16/05-2007 Written by Dennis Rand rand@csis.dk http://www.csis.dk Table of contents Table of contents...
More informationAn Introduction to Cyber Liability Insurance. Catherine Berry Senior Underwriter
An Introduction to Cyber Liability Insurance Catherine Berry Senior Underwriter What is cyber risk? Exposures emanating from computer networks and the internet The Cyber Risk Phenomenon The incredible
More informationCOMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,
COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD
More information