Presented by the Internet Security Alliance

Transcription

1 Presented by the Internet Security Alliance

2 Who s in Charge Howard Schmidt Problems and Solu9ons True and False Potpourri

3 In 2004, Congress established the Cyber Security Division in this federal department Department of Homeland Security

4 In 2000, the US. Government established this focused on cyber defense, locate at Ft. Meade, MD. Cyber Command

5 63, promulgated in 1998, created these sector- specific private sector to increase about cyber threats and Informa9on Sharing and Analysis Centers (ISACs)

6 At the conclusion of the 111th Congress this was the number of Congressional CommiOees claiming over cyber security

7 In his White House with public and private partners on cyber security in July 2010, President Obama cited this fact as the reason that to achieve cyber security was unlikely to be Lack of Congressional awareness of the problem The interconnected nature of the Internet Lack of Technical

8 Prior to working in the Obama White House, he held a similar posi@on for this 43 rd President. George W. Bush

9 Prior to taking his current at the White House he was CISO and Chief Security Strategist for this major on- line shopping site- - - what s your bid? ebay

10 Contrary to press reports his is Cyber Coordinator. He has never held - - and he doesn t have a daughter named Anastasia. Cyber Czar

11 One of his first acts as President Obama s cyber advisor was to declassify much of the content included in this major cyber program launched at the end of President Bush s second term. Comprehensive Na9onal Cyber Security Ini9a9ve (CNCI)

12 As a member of the Execu@ve branch of government, this cons@tu@onal doctrine prevents Congress from requiring him to appear before it. Separa9on of Powers

13 According to research from PricewaterhouseCoopers, this method of aoack- - - not hacking from the outside- - - is the most frequent form of cyber aoack- - - just like WikiLeaks. Insider Threats

14 According to Symantec, we have now moved into the post era of this Phorm of Phrequent cyber aoacks Phishing

15 According to research by the U.S. Secret Service and Verizon, this percentage of cyber aoacks could be successfully prevented or simply by using standards and

16 According to a 2009 study by CSIS, this is the number one reason companies are not deploying more cyber security solu@ons. Lack of awareness of the problem Lack of effec@ve solu@ons Cost

17 The only the market listed here that was NOT specifically recommended by President Obama s Cyberspace Policy Review for deployment to the private sector to improve cyber security Procurement incen@ves Insurance incen@ves Tax incen@ves Liability incen@ves

18 In 2006 and 2007 the Russian military launched cyber aoacks against the governments of Estonia and Georgia FALSE

19 According to PWC and CSIS, between 2008 and 2010, approximately 50% to 66% of American companies deferred or reduced their investments in security TRUE

20 Virtually every electronic system used by our federal government has, at some point, been manufactured or assembled outside the US TRUE

21 According to Mandiant Secret Services, The most revealing difference when you combat the APT is your efforts will eventually fail. TRUE

22 User- friendly cyber aoack tools can be purchased easily over the Internet for less that the average Congressional staffers bi- monthly paycheck. TRUE

23 According to Symantec, the percentage of new cyber threats increased by this percentage between 2007 and % 500% 1000%

24 According to Carnegie Mellon University, this percentage of private sector enterprises had a cross- organiza@onal privacy security team as of % 65% 95%

25 The DHS approved slogan for their and awareness campaign to increase individual cyber responsibility. Look before you leap into cyber space Stop, think connect Only you can prevent your cyber ID from being stolen

26 The percentage of infrastructure currently covered by private insurance in case of a Katrina- level cyber incident. Less than 1% 25% 50%

27 According to PricewaterhouseCoopers, nearly half of all enterprises are now deploying some form of cloud However, this is the percentage that expresses liole or no confidence in the ability to secure their assets in the cloud. 20% 62% 90%

28 FINAL JEOPARDY Future Federal IT

29 On Feb. 8, 2011, the Chief US IO required each federal agency to evaluate deploying this before making any new investments.

30 CLOUD COMPUTING

31 Presented by the Internet Security Alliance