Use by permission DAN LOHRMANN, CHIEF STRATEGIST & CSO SECURITY MENTOR, INC. SEPTEMBER 6, 2017
|
|
- Clarissa Boone
- 5 years ago
- Views:
Transcription
1 DAN LOHRMANN, CHIEF STRATEGIST & CSO SECURITY MENTOR, INC. SEPTEMBER 6, 2017
2 WHAT S ON THE AGENDA... INTRO ON CULTURE CYBER THREAT TRENDS GLOBAL CHALLENGE IOT + OTHER REGULATIONS COMING THREE STORIES HOW CAN WE PREPARE FOR FUTURE CYBER CHALLENGES? THE JOURNEY TO A CULTURE THAT ANTICIPATES CYBER RISK FINAL THOUGHTS 2
3 The Power of Culture Peter Drucker: Culture eats strategy for breakfast. Culture isn't the enemy of strategy and performance, but an equal player in the game, not to be underestimated or overlooked. David Novak, co-founder and former CEO of YUM Brands, on how he built YUM brands: Success is all about culture. and Build your team with a set of core values and staff recognition. Say thank you. 3
4 MIT Sloan: Achieving Digital Maturity Based on a 2017 global survey of more than 3,500 managers and executives and 15 interviews with executives and thought leaders, MIT Sloan Management Review third annual study of digital business reveals five key practices of companies that are developing into more mature digital organizations. 1) Implementing systemic changes in how they organize and develop workforces, spur workplace innovation, and cultivate digitally minded cultures and experiences. Reference: 4
5 Future of Work: Alternative Workforce 5
6 Deloitte s Future of Work: Culture Still Key 6
7 Small group: Break into groups of 3-5 Where Were you on 9/11/01? 1) 2) 3) What was security like before the event (offline + online)? What was security like after the 9/11 event (offline + online)? Do you have a culture of security now? Yes or No and why? 7
8 CYBERTHREAT RECAP
9 CYBER THREATS
10 CYBER THREATS CHANGE & GROW Symantec: Ransomware will attack the cloud McAfee: IoT malware opens a backdoor into the home Kaspersky: Commodification of financial attacks LogRhythm: Entire Internet will go down for a day Everyone: More DDoS attacks via IoT Everyone: Lack of trust More Fake News White Hat Security: Nothing will change. Forcepoint: Rise of the Corporate Incentivized Insider Threat FireEye: Security integration and orchestration considered the benchmarks of new technology investment You Ain t Seen Nothing Yet IDC: 2017 will be worse in every aspect of information security 10
11 Global Cyber Emergency Ransomware Epidemic 11 11
12 INTERNET OF THINGS AT RSA17 & GARTNER RISK SUMMIT A NEW BUZZWORD FOR ALL TECH? HUNDREDS OF IOT HEADLINES - NEW PRODUCT ANNOUNCEMENTS - INTERNET OF THINGS (IOT) THEMES RELATED TO ATTACKING DEVICES - CONSUMER - CRITICAL INFRASTRUCTURE COMPONENTS - GOVERNMENT SMART (EVERYTHING) - PANELS - MENTIONED IN MOST PRESENTATIONS ACCEPTED - HANDS-ON IOT DISPLAYS IN BASEMENT OF MARRIOTT MARQUIS BOTTOM LINE: IOT WAS THE #1 TOPIC AT THE RSAC 2017 IN SAN FRANCISCO 12
13 Homework: Regulating the Internet of Things By: Bruce Schneier 13
14 How Can We Build A Culture That Anticipates Cyber Risk Three Stories to Help 14
15 #1 LEARN FROM HISTORY SECURITY REPEATS ITSELF, WITH A TWIST MICHIGAN S WIRELESS ADVENTURE. FROM WIRELESS TO CLOUD TO MOBILE TO INTERNET OF THINGS - INITIAL DEPLOYMENTS LACK SECURITY. TWO OPPOSING CAMPS EMERGE: LEADING-EDGE ADOPTERS AND SECURITY NAYSAYERS. 15
16 SECURITY LEADER BALANCING ACT ONE EXTREME TO THE OTHER SECURITY IS A DISABLER. THE ANSWER IS: NO! (WHAT WAS THE QUESTION?) ALL NEW IDEAS ARE BAD, NOT SECURE. COOL FEATURES NOW GO FOR VIRAL. FIRST TO MARKET, WE LL ADD SECURITY LATER. WHAT SECURITY? Find the middle road. Make security an ENABLER! 16
17 SECOND STORY FROM CYBER STORM ONE Cyber Storm I 2006 Global, multi-national exercise Michigan one of three states participating in both How much would you pay for a new mainframe in a crisis? 17
18 SECURITY LESSON #2: FUTURE ENEMIES ARE NOT ALWAYS OBVIOUS CYBER THREATS (AND ACTORS) ARE EVOLVING QUESTIONS TO ASK: 1. WHAT NEFARIOUS PURPOSE COULD BE APPLIED TO WHATEVER I M INVENTING IN IOT? 2. WHAT PROTECTIONS ARE IN PLACE? 3. WE VE BRAINSTORMED TO SOLVE THE PROBLEMS, BUT WHAT NEW PROBLEMS ARE WE CREATING? 18
19 THIRD LESSON WE MUST CONSTANTLY LEARN & ADAPT TO NEW CULTURES 19
20 KEY QUESTIONS: WHAT NEW NORMAL IS BEING CREATED WITH TECHNOLOGY INFRASTRUCTURE PLATFORMS? WHAT ASSUMPTIONS ARE BEING BUILT INTO YOUR CULTURE? WE ALL HAVE BLIND SPOTS? ASK: WHAT IF? CULTURE CHANGE: WILL THERE BE A CYBER 911 CHALLENGING ASSUMPTIONS? ONE EXAMPLE: IDENTITY MANAGEMENT SMARTPHONE BECOMES A UNIVERSAL REMOTE 20
21 The Pragmatic Journey: 7 Keys to Strengthen Your Cybersecurity Culture 1)Genuine Executive Priority and Support 2)Honest Risk Assessment to Measure Security Culture Now 3)A Clear Vision of Where You Want Your Security Culture to Be 4)A Cyber Plan (Roadmap) to Arrive at Your Destination 5)Clear Cybersecurity communication to the Masses 6) End User Security Awareness Training for Everyone 7) Celebrate Success with Food and Fun. Say thank you! Reference: 21
22 The Journey: In Other Terms 22
23 MISTAKES: MAKING TRAINING A PUNISHMENT 23
24 How about you? Is this another ipad-like craze? 24
25 MY (FITBIT) WATCH: 1) 2) 3) 4) RESULTING IN: 1) 2) 3) 4) 5) 25
26 Final Thought - Phone a Friend - We need partnerships to succeed 26
27 PARTNER: YOU CAN T DO IT ALONE OUR VALUED ECOSYSTEM INCLUDES (OPS AND PLANNING): DEPARTMENT OF HOMELAND SECURITY (DHS) MICHIGAN INFRAGARD MULTI-STATE INFORMATION SHARING & ANALYSIS CENTER (MS-ISAC) FBI, OTHER STATES, LOCAL GOVERNMENTS, PRIVATE SECTOR CONTRACTS MICHIGAN INTELLIGENCE OPERATIONS CENTER (MIOC) RESOURCES: Stay Safe Online: THE NO MORE RANSOM PROJECT: HTTPS The Department of Homeland Security (DHS) Critical Infrastructure Cyber Community or C³ (pronounced C Cubed ): The Federal Trade Commission s Start with Security: 27
28 THANK YOU! Contact Information: Dan Lohrmann, Chief Strategist & CSO Security Mentor, Inc., Blog: Lohrmann on Cybersecurity & Infrastructure: Connect on LinkedIn or 28
What It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationPA TechCon. Cyber Wargaming: You ve been breached: Now what? April 26, 2016
PA TechCon Cyber Wargaming: You ve been breached: Now what? April 26, 2016 Cyber attacks are on the rise $3.79M The average cost of a cyber incident [1] o f i n c i d e n t s 15% s t i l l t a k e d a
More information2018 MANAGED SECURITY SERVICE PROVIDER (MSSP): BENCHMARK SURVEY Insights That Inform Decision-Making for Retail Industry Outsourcing
2018 MANAGED SECURITY SERVICE PROVIDER (MSSP): BENCHMARK SURVEY Insights That Inform Decision-Making for Retail Industry Outsourcing Powered by the Retail ISAC, A Division of the R-CISC Overview Last October,
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationCybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015
Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationDoug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017
Cyber Concerns of Local Government and What Does It Mean to Transportation Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017 Transportation and Infrastructure
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationImplementing Executive Order and Presidential Policy Directive 21
March 26, 2013 Implementing Executive Order 13636 and Presidential Policy Directive 21 Mike Smith, Senior Cyber Policy Advisor, Office of Electricity Delivery and Energy Reliability, Department of Energy
More informationRSA Advanced Cyber Defence Summit
Lee Edge Head Archer Business UK&I RSA Advanced Cyber Defence Summit London 30-April-2015 1 64% 8% 2014 Gartner CEO and Senior Executive Survey: 'Risk-On' Attitudes Will Accelerate Digital Business. 2
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationCybersafety Culture Assessment
Kaspersky Enterprise Cybersecurity Cybersafety Culture Assessment Target-based learning program: culture & attitudes kaspersky.com/awareness #truecybersecurity Cybersafety Culture Assessment Focus Assessment
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationImplementing the Administration's Critical Infrastructure and Cybersecurity Policy
Implementing the Administration's Critical Infrastructure and Cybersecurity Policy Cybersecurity Executive Order and Critical Infrastructure Security & Resilience Presidential Policy Directive Integrated
More informationAchieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)
Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs) Florida Hospital Association Welcome! John Wilgis Director, Emergency Management Services Florida Hospital Association
More informationStanding Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015
Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report November 19, 2015 Table of contents Background Exercise objectives Quantum Dawn 3 (QD3) cyberattack scenario QD3 results
More informationA Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface
A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface ORGANIZATION SNAPSHOT The level of visibility Tenable.io provides is phenomenal, something we just
More informationCYBERTECH 2019 FIGURES:
2019 Supporters: Conference Chairman // DR. YOSSI VARDI CYBERTECH 2019 FIGURES: 18,000 attendees at the Cybertech 2019 conference and exhibition 180+ local and international speakers discussed the latest
More informationDefensible and Beyond
TELUS Defensible and Beyond Mike Vamvakaris Director and Head of Cyber Security Consulting November 2017 Digital transformation brings many benefits Communication and Collaboration Autonomous and Artificial
More informationEVENT BROCHURE SECURITY WORLD APRIL 2017 MELIA HANOI HOTEL HOSTED BY ORGANIZED BY SUPPORTED BY.
EVENT BROCHURE www.security.org.vn SECURITY WORLD 2017 4 APRIL 2017 MELIA HANOI HOTEL HOSTED BY ORGANIZED BY SUPPORTED BY Ministry of Public Security Authority of Cyber Security - MPS Authority of Information
More informationCybersecurity. Securely enabling transformation and change
Cybersecurity Securely enabling transformation and change Contents... Cybersecurity overview Business drivers Cybersecurity strategy and roadmap Cybersecurity in practice CGI s cybersecurity offering Why
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationSafeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationGreg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationMALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017
MALAYSIA S APPROACH IN CAPACITY BUILDING Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017 Copyright 2017 CyberSecurity Malaysia ASEAN s JOURNEY TOWARDS DIGITAL TRANSFORMATION
More informationDisaster Management and Security Solutions to Usher in the IoT Era
Disaster Management and Solutions for a Safe and Secure Way of Life Overview Disaster Management and Solutions to Usher in the IoT Era Takeshi Miyao Toshihiko Nakano, Ph.D. 1. The Bright and Dark Sides
More informationSecurity & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
More informationHorizon 2020 Security
Horizon 2020 Security Best Practices for Security Proposal Writing Armand Nachef Coordinator of the French Security NCP Consortium, CEA armand.nachef@cea.fr KEY MESSAGES FOR PUTTING TOGETHER A HORIZON
More informationSales Presentation Case 2018 Dell EMC
Sales Presentation Case 2018 Dell EMC Introduction: As a member of the Dell Technologies unique family of businesses, Dell EMC serves a key role in providing the essential infrastructure for organizations
More informationInformation Technology Information Sharing and Analysis Center. First Symposium Barcelona, Spain Feb. 2, 2011
Information Technology Information Sharing and Analysis Center First Symposium Barcelona, Spain Feb. 2, 2011 About Us Non Profit, US Corporation established in 2000 and operational in 2001 Fully funded
More informationHow NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity
How NSFOCUS Protected the G20 Summit Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity SPONSORED BY Rosefelt is responsible for developing NSFOCUS threat intelligence and web
More informationDom Nessi Burns Engineering March 29, 2017 CYBERSECURITY TRENDS 2017 REPORT
Dom Nessi Burns Engineering March 29, 2017 CYBERSECURITY TRENDS 2017 REPORT TOPICS Recent Cybersecurity News Past Cybersecurity News Role of Cybersecurity Major Trends Featured Speakers Matthew Dahl, Manager-Global
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationCyber Security: Threat and Prevention
Expand Your Horizons Webinar Series Cyber Security: Threat and Prevention February 24, 2015 1:00 1:45pm The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationBuilding digital competences in national and regional clusters
Building digital competences in national and regional clusters FIIF event on "Digital Trust and Security 14.2.2019 Jarno Salonen 14.2.2019 VTT beyond the obvious 1 Agenda Background Building competences
More informationYOU VE GOT 99 PROBLEMS AND A BUDGET S ONE
YOU VE GOT 99 PROBLEMS AND A BUDGET S ONE Rebekah Brown @PDXBek Threat Intelligence Lead at Rapid7 But before that Gunnery Sergeant United State Marine Corps Chinese Crypto linguist and Network Warfare
More informationConnected & Automated Vehicle Activities
MDOT State Highway Administration Connected & Automated Vehicle Activities National Rural ITS Conference October 2018 MDOT s CAV Working Group MDOT s CAV Working Group Open discussions on CAV with TBUs,
More informationQ Information Security Market Landscape Study Learn how your peers plan for and purchase Information Security Technologies
Q1 2016 Information Security Market Landscape Study Learn how your peers plan for and purchase Information Security Technologies March 2016 About Ken Male Ken Male SVP and GM TechTarget Research Ken is
More informationOur Comments. February 12, VIA
February 12, 2018 VIA EMAIL: Counter_Botnet@list.commerce.gov Evelyn L. Remaley Deputy Associate Administrator National Telecommunications and Information Administration U.S. Department of Commerce 1401
More informationSecuring the User: Winning Hearts & Minds to Drive Secure Behavior
Securing the User: Winning Hearts & Minds to Drive Secure Behavior Thomas Skill, CIO University of Dayto Spencer Mott, CIO-CISO Amg Dawn Sherizad, product manager of security, Macy Eleanor Dallaway, Editor
More informationTransforming the utilities industry. How our insight and infrastructure can help you thrive in a changing world
Transforming the utilities industry How our insight and infrastructure can help you thrive in a changing world The utilities industry is changing You need to be leaner, greener and smarter. And we re here
More informationSELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats
SELLING YOUR ORGANIZATION ON APPLICATION SECURITY Navigating a new era of cyberthreats Selling Your Organization on Application Security 01 It's no secret that cyberattacks place organizations large and
More informationExpand Your Cyber Expertise. Secure Your Future.
Expand Your Cyber Expertise. Secure Your Future. CSX 2018 Europe will help you stay on top of the latest cybersecurity trends, further your cyber career, and make new connections with professionals around
More informationCalifornia Cybersecurity Integration Center (Cal-CSIC)
California Cybersecurity Integration Center (Cal-CSIC) Agenda Mission and Scope Whole of State Government Approach Where is the Cal-CSIC? Cal-CSIC Partners Attaining Cyber Maturity in Parallel Machine
More informationHOSTED SECURITY SERVICES
HOSTED SECURITY SERVICES A PROVEN STRATEGY FOR PROTECTING CRITICAL IT INFRASTRUCTURE AND DEVICES Being always-on, always-connected might be good for business, but it creates an ideal climate for cybercriminal
More informationISACA West Florida Chapter - Cybersecurity Event
ISACA West Florida Chapter - Cybersecurity Event Presented by Sri Sridharan Managing Director & Chief Operating Officer Florida Center for Cybersecurity CURRENT TRENDS Top Cybersecurity Trends of 2015
More informationSecurity-as-a-Service: The Future of Security Management
Security-as-a-Service: The Future of Security Management EVERY SINGLE ATTACK THAT AN ORGANISATION EXPERIENCES IS EITHER ON AN ENDPOINT OR HEADING THERE 65% of CEOs say their risk management approach is
More informationCreating Value from Technology. September 2015
Creating Value from Technology September 2015 Disclaimer 1 Vision Tern acts as a transformational catalyst which applies its expertise and network to create above average returns for its shareholders through
More informationMETHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS
METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS The cybersecurity maturity has been assessed against 25 criteria across five themes. Each of the criteria are given a Yes, No, Partial, or Not Applicable
More informationDecoding security frameworks for effective cyber defense. David Allott McAfee
Decoding security frameworks for effective cyber defense David Allott McAfee $171B Cost of cybercrime Frameworks useful or just another distracting trend? What are the analysts saying? What is the industry
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationDriving Global Resilience
Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India Chairman of the Business Continuity Institute
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationCybersecurity Session IIA Conference 2018
www.pwc.com/me Cybersecurity Session IIA Conference 2018 Wael Fattouh Partner PwC Cybersecurity and Technology Risk PwC 2 There are only two types of companies: Those that have been hacked, and those that
More informationUAE National Space Policy Agenda Item 11; LSC April By: Space Policy and Regulations Directory
UAE National Space Policy Agenda Item 11; LSC 2017 06 April 2017 By: Space Policy and Regulations Directory 1 Federal Decree Law No.1 of 2014 establishes the UAE Space Agency UAE Space Agency Objectives
More informationInformation Governance, the Next Evolution of Privacy and Security
Information Governance, the Next Evolution of Privacy and Security Katherine Downing, MA, RHIA, CHPS, PMP Sr. Director AHIMA IG Advisors Follow me @HIPAAQueen 2017 2017 Objectives Part Part I IG Topic
More informationCybersecurity for the SMB. CrowdStrike s Murphy on Steps to Improve Defenses on a Smaller Scale
Cybersecurity for the SMB CrowdStrike s Murphy on Steps to Improve Defenses on a Smaller Scale The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized
More informationTrack 1 // Collaboration & Partnerships
Track 1 // Collaboration & Partnerships 1.1 Designate Single Point of Contact to serve as an consistent entry point for companies seeking to deploy in San Francisco. There is often a lack of trust and
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationASSEMBLY, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED FEBRUARY 4, 2016
ASSEMBLY, No. STATE OF NEW JERSEY th LEGISLATURE INTRODUCED FEBRUARY, 0 Sponsored by: Assemblywoman VALERIE VAINIERI HUTTLE District (Bergen) Assemblyman DANIEL R. BENSON District (Mercer and Middlesex)
More informationCritical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016
Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange Dennis Denham Ssempereza - CISA, CISM, CRISC August 16, 2016 About me! Involved in Risk Management and Security
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationIDC FutureScape: Worldwide Security Products and Services 2017 Predictions
IDC FutureScape: Worldwide Security Products and Services 2017 Predictions Sean Pike, Program Vice President, Robert Ayoub, Research Director IDC Web Conference December, 7, 2016 Logistics Submit any questions
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Native American Risk Management Conference 20 July, 2018 Bridging the Gap: Delivering
More informationBetter skilled workforce
Better skilled workforce for the New Style of Business HPE Education Services November 20, 2015 Education is the most powerful weapon which you can use to change the world Nelson Mandela The New Style
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationBOARD DIRECTOR CONCERNS ABOUT CYBER AND TECHNOLOGY RISK
BOARD DIRECTOR CONCERNS ABOUT CYBER AND TECHNOLOGY RISK 5 September 2017 Rob Clyde, CISM, NACD Board Leadership Fellow Managing Director, Clyde Consulting LLC Vice-Chair, ISACA Executive Chair White Cloud
More informationBad Idea: Creating a U.S. Department of Cybersecurity
December 2018 Bad Idea: Creating a U.S. Department of Cybersecurity Suzanne Spaulding and Mieke Eoyang A lack of cybersecurity can have serious consequences the theft of money or data, an interruption
More informationICS Security Rapid Digital Risk Assessment
ICS Security Rapid Digital Risk Assessment Identifying, Measuring, Understanding Dieter Sarrazyn dieter.sarrazyn@toreon.com @dietersar SANS EUROPEAN ICS SECURITY SUMMIT Stephen Smith Stephen@ONRIX.eu Agenda
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More informationHow Your Organization Can Drive Success in the Age of Digital Disruption
How Your Organization Can Drive Success in the Age of Digital Disruption Produced by How Your Organization Can Drive Success in the Age of Digital Disruption Digital success isn t just about technology,
More informationWHY MOBILE SECURITY SHOULD BE IN YOUR TOP PRIORITIES
WHY MOBILE SECURITY SHOULD BE IN YOUR TOP PRIORITIES Icons used in this book Throughout this book, you ll find special call-outs to direct your attention to important information. Here s a key that explains
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationEffective Partnerships: Security and Privacy in Smart Cities
SESSION ID: SEC-R03 Effective Partnerships: Security and Privacy in Smart Cities Mr. Robert (Bob) Butler Chief Security Advisor IO Data Centers LLC Dr. Irv Lachow Principal Cyber Researcher The MITRE Corporation
More informationHelping the C-Suite Define Cyber Risk Appetite. The executive Imperative
Helping the C-Suite Define Cyber Risk Appetite The executive Imperative Welcome Steve Schlarman GRC Strategist CISSP, CISM @steveschlarman Executive Priorities Growth is the highest priority. 54 % 25 %
More informationAsset Management conference 2016
Asset Management conference 2016 The changing face of Asset Management 27 September 2016 2016 Grant Thornton Ireland. All rights reserved Cyber security 27 September 2016 Mike Harris Partner Grant Thornton
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationBuilding a Strong Cybersecurity Program During IT Transformation
Building a Strong Cybersecurity Program During IT Transformation Introduction Many organizations are in the midst of dramatic changes throughout their data center as they prepare to transform technology,
More informationCHIEF INFORMATION OFFICER
OFFICE OF THE CHIEF INFORMATION OFFICER DEPARTMENT OF HEALTH AND HUMAN SERVICES U. S. D E P A R T M E N T O F H E A L T H A N D H U M A N S E R V I C E S Public-Private Collaboration - Bridging the Gap
More informationHow Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner
How Cybersecurity Initiatives May Impact Operators Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495 Agenda Rise in Data Breaches Effects of Increase in Cybersecurity Threats Cybersecurity Framework
More informationSecuring the Internet of Things (IoT) at the U.S. Department of Veterans Affairs
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs Dominic Cussatt Acting Deputy Assistant Secretary / Chief Information Security Officer (CISO) February 20, 2017 The Cyber
More informationCisco s Security Dojo: Raising the Application Security Awareness of 20,000+ Chris Romeo, Security Journey; formerly of Cisco Systems
Cisco s Security Dojo: Raising the Application Security Awareness of 20,000+ Chris Romeo, Security Journey; formerly of Cisco Systems Chris Romeo @edgeroute Chris Romeo, CEO / Principal Consultant 20 years
More informationLookout's cybersecurity predictions
LOOKING FORWARD AND LOOKING BACK: Lookout's cybersecurity predictions by Kevin Mahaffey Every year, cybersecurity pundits cast predictions for which issues will make headlines in the year to come. We ve
More informationCybersecurity: Federalism as Defense-in-Depth
SESSION ID: Law-W08 Cybersecurity: Federalism as Defense-in-Depth MODERATOR: Gregory von Lehmen Special Assistant to the President, Cybersecurity University of Maryland University College (UMUC) PANELISTS:
More informationPreparing your network for the next wave of innovation
Preparing your network for the next wave of innovation The future is exciting. Ready? 2 Executive brief For modern businesses, every day brings fresh challenges and opportunities. You must be able to adapt
More informationTAN Jenny Partner PwC Singapore
1 Topic: Cybersecurity Risks An Essential Audit Consideration TAN Jenny Partner PwC Singapore PwC Singapore is honoured to be invited to contribute to the development of this guideline. Cybersecurity Risks
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationEMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS
Information Technology Shared Service Team North Dakota Cyber Security Across North Dakota Threats and Opportunities 15 September 2018 EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS AGENDA SIRN / FirstNet
More informationOUR VISION To be a global leader of computing research in identified areas that will bring positive impact to the lives of citizens and society.
Join the Innovation Qatar Computing Research Institute (QCRI) is a national research institute established in 2010 by Qatar Foundation for Education, Science and Community Development. As a primary constituent
More information