Blue Lava InfoSec Update
|
|
- Cori Fisher
- 6 years ago
- Views:
Transcription
1 Blue Lava InfoSec Update ISSA Los Angeles Demetrios Lazarikos (Laz) January 21, 2015
2 Agenda Intros Blue Lava InfoSec Survey Research and Findings Evolution How Did We Get Here? What Organizations Are Doing Some Final Thoughts 2
3 About Me First computer at 12 then recruited by the military at 16 Inventor of several InfoSec and Data patents Implemented Security and Fraud DOD / ebookers / Galileo Interna@onal / Orbitz EDS/HP Calyon Financial / NewEdge Financial / Societe General Group Sears Online Mul@ple graduate degrees and security cer@fica@ons former CISO, PCI QSA Gartner refers to work in the area of Big Data for Informa@on Security and Fraud analy@cs 3
4 Sears Online Interview
5 Before Laz Summer of 2009
6
7 InfoSec Research and Strategy 7
8 Approach and Methodology for 2015 Data Anonymous Survey 15 InfoSec to targeted list > 300 Audience Board of Directors and Leadership Teams InfoSec/Fraud Industry and Engineers 8
9 What s Top of Mind? Current architecture in most firms is a hot mess The perimeter is gone Internet of Things (IoT) is here Cybercriminals are bypassing tradi@onal security systems easily InfoSec alignment with the Business is increasing 9
10 Some of the Blue Lava Survey Results 10
11 Is there Board Oversight with your InfoSec program? 80.0% 70.0% 60.0% 50.0% 40.0% Yes No Don't know 30.0% 20.0% 10.0% 0.0% Yes No Don't know 11
12 Is cyber risk part of your current risk management framework? 100.0% 90.0% 80.0% 70.0% 60.0% 50.0% 40.0% Yes No Don't Know Other 30.0% 20.0% 10.0% 0.0% Yes No Don't Know Other 12
13 Do you share incident informa=on with industry groups? 60.0% 50.0% 40.0% 30.0% Yes No Don't Know 20.0% 10.0% 0.0% Yes No Don't Know 13
14 How are you recruiting qualified and trained InfoSec professionals? 70.0% 60.0% 50.0% 40.0% 30.0% 20.0% 10.0% 0.0% Industry trade shows or professional organizations Through universities and colleges Traditional website recruitment Word of mouth Working with external recruiters Working with internal recruiters Working with staff aug or temp agencies Other (please specify) 14
15 My budget over the past year has % 70.0% 60.0% 50.0% 40.0% Increased Decreased Same 30.0% 20.0% 10.0% 0.0% Increased Decreased Same 15
16 My breach predic=ons for 2015 are that InfoSec breaches will % 80.0% 70.0% 60.0% 50.0% 40.0% Increase Decrease Same 30.0% 20.0% 10.0% 0.0% Increase Decrease Same 16
17 Which emerging technologies does your organization work with today? 90.0% 80.0% 70.0% 60.0% 50.0% 40.0% 30.0% 20.0% 10.0% 0.0% 17
18 of Technology and Products Product Smarter Product Smarter Connected Product Product Integrated System 18
19 of the Automobile 19
20 of the Automobile 20
21 of the Automobile 21
22 of the Automobile 22
23 The Automobile Integrated System 23 23
24 System of Systems 24
25 of the Home 25
26 of the Home 26
27 of the Home 27
28 of the Home 28
29 29
30 Interconnected System of Systems 30
31 Interconnected System of Systems 31
32 How Did We Get Here? Third Party Vendor N Web Traffic Apps S DBs 32
33 The Agile Data Center Limited Visibility IoT - Third Par@es - Cloud Web No Visibility to Internal Traffic App DB 33
34 The Agile Data Center Limited Visibility IoT - Third Par@es - Cloud Web No Visibility to Internal Traffic App No Visibility to Internal Traffic DB 34
35 The Agile Data Center Limited Visibility IoT - Third Par@es - Cloud Web No Visibility to Internal Traffic App No Visibility to Internal Traffic DB 35
36 The Agile Data Center Limited Visibility IoT - Third Par@es - Cloud Web No Visibility to Internal Traffic App No Visibility to Internal Traffic DB 36
37 Where Do We Go From Here? Security must be part of the culture driven by the Board of Directors and throughout the Cyber criminals are evolving we must as well Architecture and technical designs must be conducted earlier Include InfoSec exit criteria through all project deliverables It s not if the cyber criminal will access your environment it s when invest in current technologies and have a plan to address the issue - user behavior analy@cs (UBA) is cri@cal Evaluate your InfoSec and IT Audit programs frequently ensure part of the program is to evaluate emerging technology 37
38 Resources How to Measure Anything, Douglas W. Hubbard ISBN- 13: Hoernecke, Andy, Security, Data Expert, and Inventor of D3Dash Iron- Clad Java: Building Secure Web Jim Manico and August Detlefsen ISBN- 13: Litan, Avivah, VP and Analyst, Gartner Market Guide for User Behavior (UBA), G , August 2014 Measuring and Managing Risk: A FAIR Approach, by Jack Freund and Jack Jones ISBN- 13: Perceptual Edge Security Metrics: Replacing Fear, Uncertainty, and Doubt, Andrew Jaquith ISBN- 13: threattransform, Open Source Tool for crea@ng and managing STIX data sets 38
39 Blue Lava InfoSec Update Thank You! Laz Twitter: iamlaz
THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:
June 2013 Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information can be easily transported and lost, while the
More informationEnterprise Risk Management (ERM) and Cybersecurity. Na9onal Science Founda9on March 14, 2018
Enterprise Risk Management (ERM) and Cybersecurity Na9onal Science Founda9on March 14, 2018 Agenda Guiding Principles for Implementing ERM at NSF (Based on COSO) NSF s ERM Framework ERM Cybersecurity Risk
More informationA Data-Centric Approach to Endpoint Security
A Data-Centric Approach to Endpoint Security September 28, 2017 Eric Ogren Senior Analyst, Security 451 Research Bill Bradley Director of Product Marketing Digital Guardian About Eric Ogren Eric Ogren
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationInfosec Europe 2009 Business Strategy Theatre. Giving Executives the Security Management Information that they Really Need
Infosec Europe 2009 Business Strategy Theatre Giving Executives the Security Management Information that they Really Need Simon Marvell Managing Director simon.marvell@acuityrm.com Agenda 1. What financial
More informationISO Professional Services Guide to Implementation and Certification AND
ISO 27001 Professional Services Guide to Implementation and Certification AND 1 DEKRA Company Overview Founded in Stuttgart, Germany in 1925 In more than 50 countries around the world GLOBAL PARTNER FOR
More informationDELIVERING MISSION BASED OUTCOMES TO THE INTELLIGENCE COMMUNITY SINCE 2002 MISSION-DRIVEN SOLUTIONS 1
DELIVERING MISSION BASED OUTCOMES TO THE INTELLIGENCE COMMUNITY SINCE 2002 MISSION-DRIVEN SOLUTIONS 1 MISSION-DRIVEN SOLUTIONS 2018 INTEGRATED INTEL SOLUTIONS ALL RIGHTS RESERVED MISSION-DRIVEN SOLUTIONS
More informationModern Database Architectures Demand Modern Data Security Measures
Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing
More informationCOMPANY BROCHURE. About Us. Kinnectiv, LLC. Consulting. Security. Innovation. +1(888)
About Us Serving customers nationwide and abroad, we are an experienced IT Services provider helping a variety of clients maximize the value of their IT initiatives, streamline project management, and
More informationIDC FutureScape: Worldwide Security Products and Services 2017 Predictions
IDC FutureScape: Worldwide Security Products and Services 2017 Predictions Sean Pike, Program Vice President, Robert Ayoub, Research Director IDC Web Conference December, 7, 2016 Logistics Submit any questions
More informationRIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015
www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationPutting the Pieces Together:
Putting the Pieces Together: Leveraging Current Audits to Solve the HITRUST Puzzle Presenter Gene Geiger, A-LIGN Partner - HITRUST Prac77oner CPA CISSP CCSK QSA PCIP ISO 27K LA performance resourceful
More informationQuali&es of an Effec&ve CISO
Quali&es of an Effec&ve CISO Miguel (Mike) O. Villegas CISA, CISSP, GSEC, CEH, PCI QSA, PA-QSA Vice President- K3DES LLC mike.villegas@k3des.com November 13, 2015 1 Abstract Hiring a Chief Informa?on Security
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationA Disciplined Approach to Cyber Security Transformation
A Disciplined Approach to Cyber Security Transformation Information Protection and Business Resiliency December 2014 Key takeaways from today s cyber security discussion 1. Our colleagues are not waving
More informationCyber Security Capabilities
Cyber Security Capabilities Informa:on Assurance ü Vulnerability Assessment ü Penetra8on Tes8ng ü Informa8on Security Assessment ü Applica8on Security Evalua8on ü Network Traffic Assessment ü Cri8cality
More informationOWASP CISO Survey Report 2015 Tactical Insights for Managers
OWASP CISO Survey Report 2015 Tactical Insights for Managers Disclaimer The views and opinions expressed in this presentation are those of the author and not of any organisation. Everything I say is my
More informationA New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO
A New Cyber Defense Management Regulation Ophir Zilbiger, CRISC, CISSP SECOZ CEO Personal Background IT and Internet professional (since 1992) PwC (1999-2003) Global SME for Network Director Information
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationStrengthening Cybersecurity Workforce Development December 2017
Strengthening Cybersecurity Workforce Development December 2017 Agenda 1. Introduc3ons SANS GIAC Team 2. Goal: 2017 Execu3ve Order 3. SANS GIAC NICE Workforce Framework (NCWF) Mapping Overview 4. Workforce
More informationRSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1
RSA Advanced Security Operations Richard Nichols, Director EMEA 1 What is the problem we need to solve? 2 Attackers Are Outpacing Defenders..and the Gap is Widening Attacker Capabilities The defender-detection
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cybersecurity, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationbuilding a security culture to counter emerging cybersecurity threats
Academic Medical Center Security and Privacy Conference June 2017 building a security culture to counter emerging cybersecurity threats Chuck Kesler, MBA, CISSP, CISM Chief Information Security Officer
More informationCybersecurity. Securely enabling transformation and change
Cybersecurity Securely enabling transformation and change Contents... Cybersecurity overview Business drivers Cybersecurity strategy and roadmap Cybersecurity in practice CGI s cybersecurity offering Why
More informationBest Practices & Lesson Learned from 100+ ITGRC Implementations
Best Practices & Lesson Learned from 100+ ITGRC Implementations Presenter: Vivek Shivananda CEO of Rsam Dec 3, 2010 ISACA -NY Chapter Copyright 2002 2010 Relational Security Corp. (dba Rsam) Agenda Overview
More informationSteps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m.
Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m. The cyber threats are no longer a question of if, but when, a breach will occur. It is important
More informationIBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation
IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:
More informationApplica;on Security Guide for CISO & Survey Version 2, 2018 Edi;on Project Updates. Marco M. Morana, OWASP CISO Guide Project Lead
Applica;on Security Guide for CISO & Survey Version 2, 2018 Edi;on Project Updates Marco M. Morana, OWASP CISO Guide Project Lead Agenda 2013 OWASP CISO GUIDE VERSION 1 Why we developed Main Themes Lesson
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More information2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along
2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationMonitoring & Analy.cs Working Group Ini.a.ve PoC Setup & Guidelines
Monitoring & Analy.cs Working Group Ini.a.ve PoC Setup & Guidelines Copyright 2017 Open Networking User Group. All Rights Reserved Confiden@al Not For Distribu@on Outline ONUG PoC Right Stuff Innova@on
More informationwhitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk
whitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk Assure the board your company won t be the next data breach Introduction A solid vulnerability management program is critical
More informationSecuring global enterprise with innovation
IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018 Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And
More informationOperationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationChief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m.
Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m. Increased use of technologies such as mobile devices, social media and cloud computing has increased
More informationData Security and Privacy at Handshake
Data Security and Privacy at Handshake Introduction 3 A Culture of Security 3 Employee Background Checks 3 Dedicated Security and Privacy Teams 3 Ongoing Team Training 4 Compliance 4 FERPA 4 GDPR 4 Security
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationMoving Beyond the Heat Map: Making Better Decisions with Cyber Risk Quantification
A CLOSER LOOK Moving Beyond the Heat Map: Making Better Decisions with Cyber Risk Quantification A major cybersecurity event can dissolve millions of dollars in assets and tarnish even the strongest company
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationCybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015
Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management
More informationCrea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed
Crea%ng a SARNET Alliance by applying the Service Provider Group Framework and by using the Ciena/GENI testbed April 29 th 2015 Leon Gommans: leon.gommans@klm.com Content - Introduc@on - Security Autonomous
More informationPredictive Insight, Automation and Expertise Drive Added Value for Managed Services
Sponsored by: Cisco Services Author: Leslie Rosenberg December 2017 Predictive Insight, Automation and Expertise Drive Added Value for Managed Services IDC OPINION Competitive business leaders are challenging
More informationCAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER
CAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER San Jose State University October 1,2014 Presented by: Jim Merrifield, IGP, CIP, ERMs Jim Merrifield, IGP, CIP, ERMs Director of Informa.on Governance
More informationEvaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium
Discussion on: Evaluating Cybersecurity Coverage A Maturity Model Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium By: Eric C. Lovell PricewaterhouseCoopers LLP ( PwC ) March 24,
More informationVice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security
Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity
More informationTHE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS
SESSION ID: AST3-R02 THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS Jon Oltsik Senior Principal Analyst Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International Board Director ISSA
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationPULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc
#RSAC SESSION ID: AIR-R04 PULLING OUR SOCS UP VODAFONE GROUP AT RSAC 2018 Emma Smith Group Technology Security Director Vodafone Group Plc Andy Talbot Global Head of Cyber Defence Vodafone Group Plc Pulling
More informationVendor Management: SSAE 18. Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner
Vendor Management: SSAE 18 Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner Audio Handouts Questions Welcome Joseph Kirkpatrick is the Managing Partner at KirkpatrickPrice
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationwith Advanced Protection
with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations
More informationManaging Cybersecurity Risk: Internal and External Assurance
Managing Cybersecurity Risk: Internal and External Assurance William Dilla, Ph.D., CPA Union Pacific / Charles B. Handy Professor Chair, Department of Accounting How NOT to manage cybersecurity Source:
More informationCLOUD SERVICES. Cloud Value Assessment.
CLOUD SERVICES Cloud Value Assessment www.cloudcomrade.com Comrade a companion who shares one's ac8vi8es or is a fellow member of an organiza8on 2 Today s Agenda! Why Companies Should Consider Moving Business
More informationBuild Your Zero Trust Security Strategy With Microsegmentation
Why Digital Businesses Need A Granular Network Segmentation Approach GET STARTED Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver
More informationGDPR ESSENTIALS END-USER COMPLIANCE TRAINING. Copyright 2018 Logical Operations, Inc. All rights reserved.
GDPR ESSENTIALS END-USER COMPLIANCE TRAINING 1 POTENTIAL MAXIMUM GDPR PENALTY 2 WHAT IS DATA PRIVACY? MOST NOTABLE US/CA PRIVACY LAWS Federal Trade Commission Act, Sec4on 5 California Online Privacy Protec4on
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More informationHow to get the Enterprise to Understand the Value of Security
PART 1 of 2 Insight into Security Leader Success How to get the Enterprise to Understand the Value of Security A SEC Research Finding Intended Audience This presentation is intended for security leaders
More informationBETTER TECH GOVERNANCE IS BETTER FOR BUSINESS
1 Better Tech Governance is Better for Business BETTER TECH GOVERNANCE IS BETTER FOR BUSINESS AN ISACA RESEARCH REPORT 2 Better Tech Governance is Better for Business Non-stop cyber-threats and ongoing
More informationCybersecurity for Service Providers
Cybersecurity for Service Providers Alexandro Fernandez, CISSP, CISA, CISM, CEH, ECSA, ISO 27001LA, ISO 27001 LI, ITILv3, COBIT5 Security Advanced Services February 2018 There are two types of companies:
More informationSECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE
SESSION ID: SBX4W5 SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE Dara Such VP & Publisher, Security Networking and IoT TechTarget @darasuch What we ll cover today State of SecOps:
More informationCredit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank
Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.
More informationBuilding a Security & Compliance Strategy with the Cloud
Building a Security & Compliance Strategy with the Cloud AGENDA Introductions Definition and Overview Current Threat Landscape Current Compliance Landscape Shared Responsibility Five Steps Final Thoughts
More informationIntelligent Building and Cybersecurity 2016
Intelligent Building and Cybersecurity 2016 Landmark Research Executive Summary 2016, Continental Automated Buildings Association Presentation Contents 1. About CABA, Compass Intelligence & This Research
More informationin Action Delivering the digital enterprise Human Centric Innovation Ralf Salzmann Manager OEM
Delivering the digital enterprise The five stages of infrastructure evolution Ralf Salzmann Human Centric Innovation in Action Manager OEM Sales @Brocade Agenda BRCD Company details What does digital mean
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationA View from Inside: Perspectives of In-House Counsel Responsible for Addressing Cyber and Data Privacy Issues
Cybersecurity and Data Privacy Law Conference January 26, 2017 A View from Inside: Perspectives of In-House Counsel Responsible for Addressing Cyber and Data Privacy Issues Panelists: Altresha Burchett-Williams,
More informationPrescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC
Prescriptive Security Operations Centers Leveraging big data capabilities to build next generation SOC Cyber Security Industry in constant renewal in 2016 and 2017 1 Tbps Mirai IoT Botnet broke the Internet
More informationHearing Voices: The Cybersecurity Pro s View of the Profession
SESSION ID: AST2-W02 Hearing Voices: The Cybersecurity Pro s View of the Profession Jon Oltsik Senior Principal Analyst and ESG Fellow Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationTHE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION
THE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION CONTENTS EXECUTIVE SUMMARY HANDLING CONFLICTING RESPONSIBILITIES WITH CARE DIGITAL TRANSFORMATION CREATES NEW
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationCybersecurity and Examinations
Tim Segerson, Deputy Director NCUA E&I Cybersecurity and Examinations October 6, 2016 Chicago, IL Connected Devices Declining costs + increased bandwidth + powerful algorithms will spur a new information
More informationTrends in Next Generation Data Center Infrastructure. Summary Results January 2018
Trends in Next Generation Data Center Infrastructure Survey Summary Between October 2017 and January 2018 Gatepoint Research invited selected executives to participate in a survey themed Trends in Next
More informationCloud Connections SEE Partner Summit Janos Strausz Product Sales Specialist, DC
Cloud Connections SEE Partner Summit 2015 Janos Strausz Product Sales Specialist, DC 75% of Businesses To be Digital in 5 years 1 81% 80% 81% 80% Mobile Technologies Mobile for Technologies Customer for
More informationWHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS
July 2018 WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS JUST WHAT THE DOCTOR ORDERED... PROTECT PATIENT DATA, CLINICAL RESEARCH AND CRITICAL INFRASTRUCTURE HEALTHCARE S KEY TO DEFEATING IOT CYBERATTACKS
More informationRightNow Technologies Best Practices Implementation Guide. RightNow Technologies, Inc.
RightNow Technologies Best Practices Implementation Guide RightNow Technologies, Inc. www.rightnow.com http://rightnow.custhelp.com Welcome Welcome to the RightNow Technologies Best Practice Implementation
More informationNever a dull moment. Media Conference «Clarity on Cyber Security» 24 May 2016
Never a dull moment Media Conference «Clarity on Cyber Security» 24 May 2016 1 Introduction 2 Why this study? 3 Methodology of the survey Online survey with 43 questions 60 participants from C-Level 35
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationNetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.
NetWitness Overview 1 The Current Scenario APT Network Security Today Network-layer / perimeter-based Dependent on signatures, statistical methods, foreknowledge of adversary attacks High failure rate
More informationThe Deloitte-NASCIO Cybersecurity Study Insights from
The Deloitte-NASCIO Cybersecurity Study Insights from 2010-2016 August 21, 2018 Srini Subramanian State Government Sector Leader Deloitte Erik Avakian CISO Pennsylvania Michael Roling CISO Missouri Meredith
More informationEvolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha
Evolving the Security Strategy for Growth Eric Schlesinger Global Director and CISO Polaris Alpha Evolving the Security Strategy for Growth Where Do We Start? Our History, Making History In late 2016,
More informationWHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale
WHITE PAPER Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale One key number that is generally
More informationIntroducing Cyber Observer
"Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More information2015 VORMETRIC INSIDER THREAT REPORT
Research Conducted by Research Analyzed by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security GLOBAL EDITION #2015InsiderThreat EXECUTIVE PERSPECTIVE 1 INSIDER THREATS:
More informationCloud Computing: A European Perspective. Rolf von Roessing CISA, CGEIT, CISM International Vice President, ISACA
Cloud Computing: A European Perspective Rolf von Roessing CISA, CGEIT, CISM International Vice President, ISACA Overview Cloud Universe Definitions Cloud Risks in Europe Governance, Risk and Compliance
More informationThe State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016 Identifying Cybersecurity Gaps to Rethink State of the Art Executive Summary Executive Summary While the advent of digital technology has fueled new business
More informationBridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey
Bridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey Barbara Filkins, CISSP, GSEC, GLSC Senior SANS Analyst 2016 The SANS InsBtute www.sans.org Why We Are Here.. Problem: 1. Cyber insurance
More informationUniversal Acceptance. ICANN 52 9 February 2015
Universal Acceptance ICANN 52 9 February 2015 Agenda q Introduction to Universal Acceptance q High priority issues q Marketing and communications approach q Call for a global community initiative q Next
More informationData-centric security What is new? from perimeter/infrastructure to data-centric security
Data-centric security What is new? from perimeter/infrastructure to data-centric security Dr. Olaf Riebe, Head Business Unit ECM Bern, 23th of June 2015 Status quo and challenges changing environments
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationPolicy Session 4 Identifying Risk: An abundance of Potential Shock Waves
Policy Session 4 Identifying Risk: An abundance of Potential Shock Waves Ray Stanton Interim Group CiSO & Director Digital Risk, National Grid &, Group CiSO/CiRO, Redwood Technologies Group 9 th May 2017
More informationSensitive Data Loss is NOT Inevitable
Sensitive Data Loss is NOT Inevitable Dan Geer, CISO In-Q-Tel Featured Speaker Heidi Shey, Security Analyst, Forrester Research Agenda Introduction Time for a Change Dan Geer, In-Q-Tel How to Overcome
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More information