Cyber Security 2012 Carnegie Mellon University




Cyber Security SPIN

Overview
- Introduction
- The Importance of Software and Cyber Security
- Cyber Security Lifecycle and Process
- Summary

Software is Everywhere

Software is Becoming More Personal

We are Always Connected

Cyber Security is Crucial

Cyber Security Needs
- Systems, Enterprise, and Workforce Management
- Secure Software and Systems Development
- Resiliency Management
- Insider Threat Models and Controls
- Accelerated Security Operations, Investigation, and Response at Scale
- Network Situational Awareness
- Malware Analytics (reverse engineering, cataloging, tools)
- Incident Response and Digital Forensics

Secure Coding Standards
- Establish coding guidelines for commonly used programming languages that can be used to improve the security of software systems under development
- Based on documented standard language versions as defined by official or de facto standards organizations
- Secure coding standards are completed or under development for:
  - C programming language
  - C++ programming language
  - Java Platform

Secure Coding Roadmap

Resilience Management
- Convergence of Security, Business Continuity, and IT Operations
- Ensure important assets stay productive in supporting business goals
- Identify and address risk before it becomes disruptive
- Key element of Critical Infrastructure Protection
- Large-scale Incident Response

[Diagram labels: Risk Monitoring and Control, Risk Planning, Risk Identification, Risk Response, Risk Analysis]

Insider Threat Protection
- Theft
- Sabotage
- Fraud

Network Situational Awareness
- Large Scale DNS Analysis
- Data Visualization
- Network Flow and Mobility Population Modeling

[Image: Opte Project]

Malware: Triage, Cataloging, Analysis

Cyber Crime

Max Butler, 35, of San Francisco (AKA Max Vision, AKA Iceman) was indicted by a federal grand jury in Pittsburgh on three counts of wire fraud and two counts of transferring stolen identity information. (www.theregister.co.uk)

The 27-count indictment charges Maksym Yastremskiy of Kharkov, Ukraine, and Aleksandr Suvorov from Estonia with conspiracy to commit wire fraud, wire fraud, aggravated identity theft, and conspiracy to commit computer fraud. Authorities say the alleged hackers obtained more than 52 million customer credit card numbers. (www.newsfeedresearcher.com)

Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers. (www.newsfeedresearcher.com)

Summary
- Pervasive connectivity of systems requires security measures.
- Responding to security incidents is critical but an unsustainable solution.
- Proactively building in security and managing resiliency to protect systems is imperative.
- Developing a capable cybersecurity workforce is essential to successful protection of our systems and information.