NEW TECHNOLOGIES IN CYBER SECURITY - COMPETITIVE ADVANTAGE OR HIDDEN THREAT: MALAYSIA S EXPERIENCE
|
|
- Alvin Gordon
- 5 years ago
- Views:
Transcription
1 NEW TECHNOLOGIES IN CYBER SECURITY - COMPETITIVE ADVANTAGE OR HIDDEN THREAT: MALAYSIA S EXPERIENCE by DATO DR. HAJI AMIRUDIN ABDUL WAHAB Chief Executive Officer 22 Sep 2017 Copyright CyberSecurity Malaysia
2 DIGITAL ENVIRONMENT - Emerging Technologies
3 DIGITAL DISRUPTION Threat or Opportunity? It's great to be part of the disruptors, but scary when we are the one being disrupted 3
4 CURRENT DIGITAL LANDSCAPE DON T FEEL PREPARED NEED PROTECTION AGAINTS ATTACKS EXPECT RISKS & VULNERABILITIES TO INCREASE While IIoT may bring new challenges and risks, the fundamentals of security still apply. Organizations don t need to find new security controls, rather they need to figure out how to apply best practices in new environments - Tim Erlins, Director, Security & IT Risk Strategist, Tripwire EXPECT SECURITY ATTACKS TO INCREASE EXPECT IIOT DEPLOYMENT TO RISE Source: Dimensional Research for Tripwire (March 2017) ( 4
5 IoT - CAN TURN INTO INTERNET OF THREATS - More Devices With More Vulnerabilities, - James Bone, Cognitive Hack
6 CYBER SECURITY HAS BECOME A MAJOR SECURITY CONCERN & FACTS ABOUT THE FINANCIAL IMPACTS OF CYBER ATTACKS 1. Cyber crime damage costs to hit $6 trillion annually by Cybersecurity spending to exceed $1 trillion from 2017 to Cyber crime will more than triple the number of unfilled cyber security jobs, which is predicted to reach 3.5 million by Human attack surface to reach 4 billion people by Global ransomware damage costs are predicted to exceed $5 billion in Copyright CyberSecurity Malaysia 6
7 Evolution of Cyber Attacks 7
8 UNDERSTANDING CYBER THREAT & POTENTIAL RISKS 8
9 9
10 CYBER SECURITY IS TOP MANAGEMENT ISSUE -Cyber Risks and Impacts of Cyber Attacks Brand impact Regulatory impact Sensitive media scrutiny Customer churn Loss of business due to critical intellectual asset loss Independent audits Regulatory fines Restriction on information sharing Implementation of comprehensive security solutions Financial impact Operational impact Detection and escalation Notification Lost business Response costs Competitive disadvantage Diversion of employees from strategic initiatives to work on damage control 10
11 RISKS OF CYBER ATTACKS - Financial Impacts 11
12 GLOBAL NEWS IN Operational Impacts This growth in DDoS was bad news for UK businesses, which were the second most targeted during Q2 2017, suffering over 32.5 million attacks. The US took the unfortunate top spot, being subjected to over million attacks in just three months. A major ransomware attack has brought businesses to a close throughout Europe, in an infection reminiscent of last month s WannaCry attack. The most severe damage is being reported by Ukrainian businesses, with systems compromised at Ukraine s central bank, state telecom, municipal metro, and Kiev s Boryspil Airport. 12
13 CYBER ATTACKS IN ASIA PACIFIC - Operational Impacts Source : Cyber_Risk_In_Asia-Pacific_The_Case_For_Greater_Transparency by Oliver Wyman 13
14 RISKS OF CYBER ATTACKS - Impacts on Image and Branding
15 RISKS OF CYBER ATTACKS - Impacts on Image 15
16 RISKS OF CYBER ATTACKS - Regulatory and Legal Impacts The cord-blood bank agreed to settle Federal Trade Commission charges it failed to protect customer data due to inadequate security that exposed Social Security and credit-card information on 300,000 people. Source: 16
17 THE IMPACTS OF EMERGING CYBER ATTACKS CAN BE MORE DAMAGING 17 17
18 MALAYSIA S DIGITAL LANDSCAPE 18
19 MALAYSIA IS TRANSFORMING ITSELF TO BECOME A DIGITAL NATION FinTech - technologies that are disrupting traditional financial services i.e. mobile payments, money transfers, loans.investment in Fintech around the world has increased dramatically from $930 million in 2008 to more than $12 billion by early Accenture Source: 19
20 CYBER ATTACKS - RISK OF HIGHEST CONCERN IN MALAYSIA 20
21 Malaysia s Top Security Concerns 2017 Personal safety 65 Financial obligations 68 Natural disasters 69 Online shopping 73 War/terrorism 73 Virus/hacking 77 ID theft 87 Bankcard Fraud Source: 2017 UniSys Security Index 21
22 CYBER INCIDENTS REFERRED TO CYBERSECURITY MALAYSIA ( AUGUST 2017) Type of incidents: (Excluding Spam) 1. Intrusion Intrusion Attempt Denial Intrusion of Service Attempt Attack (DOS) Fraud Denial of Service Attack (DOS) Cyber Fraud Harassment Spam Cyber Harassment Content Spam Related Vulnerabilities Content Related Report Malicious Vulnerabilities Codes Report 9. Malicious Codes As of 31 Aug
23 Cyber Security Incident (1 Jan -31 Aug 2017) Cyber Security Incident Jan Feb Mar Apr May June Jul Aug Total Fraud Intrusion Malicious Code Cyber Harassment Content Related Intrusion Attempt Spam DDoS Vulberabilities Total
24 MALAYSIA S REGIONAL APPROACH & ENGAGEMENT WITH PROFESSIONAL COMMUNITY - Turning the risks into opportunities 24
25 Adoption of HOLISTIC APPROACH that identifies potential threats to CNII organization and impacts to the national security & public well-being AND; to develop the nation to become cyber resilience having the capability to safeguard the interests of its stakeholders, reputation, brand and value creating activities 25
26 RISK MANAGEMENT THROUGH TECHNOLOGY (LEVERAGING NEW TECHNOLOGIES TO STAY AHEAD OF EMERGING THREATS) 26
27 TRADITIONAL CYBER SECURITY APPROACH - Important but not sufficient Leaves significant gaps in cyber defence Most APT malware lies dormant and remains undetected A new approach is required to address APT and new breed of cyber attacks Malware is racing ahead and existing security tools can not keep up...intelligent & automated threat detection and response is absolutely critical moving forward 27
28 A Time of Great Risk: The Time Between Compromise and Mitigation Source: ciosummits.com 28
29 SECURITY INNOVATION NEED TO EVOLVE WITH TECHNOLOGY ADVANCEMENT 29
30 ENSURING CONTINUITY OF BUSINESS OPERATION via ADAPTIVE SECURITY To be more proactive, dynamic and integrated in cyber security approach 30
31 User and Entity Behaviour Analytics (UEBA) Source:sqrrl.com 31
32 NEW TECHNOLOGIES AS NEW CYBER TOOLS SECURITY INTELLIGENT Building Security Descriptive, Predictive and Prescriptive Analytics Capabilities innovative data scientists and architects already realize that semantics is the key to delivering meaning and context to information. Adaptive Learning Algorithms can detect the step-by-step penetration of APT malware (Phishing, Trojans, Adware, Botnets...) 32
33 Way Forward - Key Questions to CISO Source:ibm.com 33
34 RISK MANAGEMENT THROUGH PROCESS (POLICY FRAMEWORK, LEGAL & GOVERNANCE, QUALITY MANAGEMENT & BEST PRACTICES AND DOMESTIC & INTERNATIONAL COOPERATION) 34
35 Cyber Security Eco System in Malaysia POLICY Formulating & Coordinating Policy NATIONAL SECURITY COUNCIL NATIONAL CYBER SECURITY AGENCY (NACSA) NATIONAL CYBER SECURITY POLICY Government Agencies Critical Information Infrastructure Internet Service Providers Industry Academia Cyber Security Professionals Public LAW ENFORCEMENT AGENCIES & REGULATORS Preventing & Combating Terrorism through Law Enforcement ROYAL MALAYSIAN POLICE BANK NEGARA MALAYSIA MALAYSIAN COMMUNICATION & MULTIMEDIA COMMISSION TECHNICAL SUPPORT Providing Technical Supports & Services CYBERSECURITY MALAYSIA
36 NATIONAL CYBER SECURITY POLICY VISION Thrust 1: Effective Governance Thrust 2: Legislative & Regulatory Framework Malaysia s CNII shall be secure, resilient and self-reliant. Infused with a culture of security it will promote stability, social well being and wealth creation Energy Banking & Finance Thrust 5: R&D Towards Self Reliance Thrust 6: Compliance & Enforcement Thrust 3: Cyber Security Technology Framework Government Service Emergency Services Water Health Service s Defense & Security Food & Agriculture Thrust 7: Cyber Security Emergency Readiness Thrust 4: Culture of Security & Capacity Building Transportation Information & Communication Critical National Information Infrastructure (CNII) Thrust 8: International Cooperation
37 MALAYSIA S CYBER SECURITY SERVICES - via Proactive and Responsive Services 37
38 RESPONSIVE AND MITIGATIVE ACTIONS - Minimize Impacts of Cyber Attacks via Cyber Crisis Management X-MAYA - National Cyber Crisis Exercise (Cyber Drill) conducted by CyberSecurity Malaysia in collaboration with the National Security Council. The X-MAYA - to assess and improve the National Cyber Crisis Management Plan together with CNII's readiness against the threat of cyber attacks.
39 CYBER SECURITY EMERGENCY READINESS
40 RESPONSIVE AND RECOVERY ACTIONS - Minimizing and recovering from losses CyberD.E.F Detection Eradication Forensic 40
41 HANDLING OF RANSOMWARE CASES - Post-event Crisis Management [TRANSLATION OF THE NEWS HEADLINES: MYCERT DEFEATED RANSOMWARE] 41
42 RISK-BASED CYBER SECURITY via DOMESTIC & INTERNATIONAL COLLABORATION - ASEAN CERT ITU CSCAP ARF OIC CERT FIRST APCERT SOVEREIGN STATES VIA BILATERAL/MULTIL ATERAL ENGAGEMENT Regional and Global Cyber Security Cooperation INTERNATIONAL SECURITY Protecting Common Interests Confidence Building Measures DOMESTIC SECURITY Protecting National Security, Prosperity and Public Safety Legal and Policy Framework Public Private Partnership
43 INFORMATION SHARING IN COMBATING CYBER CRIME - Minimizing Risks of Cyber Attacks
44 RISK MANAMENT THROUGH PEOPLE (THE WEAKEST LINK HUMAN) 44
45 NATIONAL STRATEGY FOR CYBER SECURITY ACCULTURATION & CAPACITY BUILDING PROGRAM The study was completed in November 2010 The capacity building programs are targeted towards Critical National Information Infrastructure (CNII) Focusing on efforts to increase the knowledge and skill sets on the information security workforce Aimed at creating a quality and well-equipped information security workforce and promoting recognition of the Information Security profession. 45
46 MALAYSIA S APPROACH IN CAPACITY BUILDING THROUGH BILATERAL & MULTI LATERAL PARTNERSHIP As cyber threats become more diverse, persistent and sophisticated; there is a need for bi-lateral & multistakeholders partnership in cyber security capacity building to formulate a framework for the creation of a competent cybersecurity workforce both at national and regional levels 4
47 PARTNERSHIP TO DEVELOP MORE CYBER SECURITY PROFESSIONALS 47 47
48 PARTNERSHIP IN PRODUCING MORE CYBER SECURITY TALENTS WITH THE LOCAL UNIVERSITIES Universities & Higher Learning Institutions The National University of Malaysia Ministry of Education Department of Polytechnic Education Department Of Community College Education International Islamic University Malaysia (IIUM) Universiti Tunku Abdul Rahman (UTAR) University of Kuala Lumpur (UniKL) University Putra Malaysia (UPM) Multimedia University (MMU) University Teknikal Malaysia Melaka (UTeM) etc 48
49 PARTNERSHIP IN CYBERSECURITY R&D ACTIVITIES Staying Ahead Through Innovative & Effective R&D Capacity Building Programs To Identify Technologies That Are Relevant and Desirable by the CNII To Promote Collaboration with International Centres of Excellence To Provide Domain Competency Development 49
50 OUR ACHIEVEMENTS SO FAR The Global Cybersecurity Index (GCI) is a survey that measure the commitment of Member States to cyber security The assessment were weighted based on the five pillars of the GCI below: 1. Legal: Measured based on the existence of legal institutions and frameworks dealing with cybersecurity and cybercrime. 2. Technical: Measured based on the existence of technical institutions and frameworks dealing with cybersecurity. 3. Organizational: Measured based on the existence of policy coordination institutions and strategies for cybersecurity development at the national level. 4. Capacity Building: Measured based on the existence of research and development, education and training programmes; certified professionals and public sector agencies fostering capacity building. 5. Cooperation: Measured based on the existence of partnerships, cooperative frameworks and information sharing networks. 50
51 ITU GLOBAL CYBER SECURITY INDEX Malaysia is 3rd in Global Ranking COUNTRY GCI SCORE LEGAL TECHNICAL ORGANIZATIONAL CAPACITY BUILDING COOPERATION 51
52 The Global Cybersecurity Index (GCI) Top three countries in Asia and the Pacific region 52
53 CONCLUSION AND WAY FORWARD Our approach to cope with emerging new technologies should be equally intelligent by adopting holistic strategy and through the use of new cyber tools To effectively apply cyber security fundamentals with innovative features and techniques Strengthening Public-Private-Partnership and International Collaboration To evolve in parallel with technology by enhancing: Sharing of Information amongst relevant parties Cyber Incidents Response and Coordination Innovative & Collaborative Research Capacity Building Cyber Security Awareness and Education 53
54
MALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017
MALAYSIA S APPROACH IN CAPACITY BUILDING Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017 Copyright 2017 CyberSecurity Malaysia ASEAN s JOURNEY TOWARDS DIGITAL TRANSFORMATION
More informationAre Cyber Security Exercises Useful? The Malaysian Case Study. Adli Wahid Head of Malaysia CERT (MyCERT) Twitter: adliwahid
Are Cyber Security Exercises Useful? The Malaysian Case Study Adli Wahid Head of Malaysia CERT (MyCERT) Email adli@cybersecurity.my Twitter: adliwahid I am HERE 2 Key Points 1. 2. 3. 4. 5. 3 Cyber Security
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationRohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION
Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE Agenda o About Sri
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More informationUNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationEmerging Technologies The risks they pose to your organisations
Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationNIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014
NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014 OUR MANDATE O The EFCC is the agency charged with the responsibility for the enforcement
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCybersecurity Strategy of the Republic of Cyprus
Cybersecurity Strategy of the Republic of Cyprus George Michaelides Commissioner of Electronic Communications and Postal Regulation http://www.ocecpr.org.cy 12 th February 2016 Cybersecurity Strategy of
More informationPhysical security advisory services Securing your organisation s future
Physical security advisory services Securing your organisation s future August 2018 KPMG.com/in Physical security threats on the rise In a dynamic geo-political, economic and social environment, businesses
More informationProvisional Translation
Provisional Translation Environmental Change Vision to aim as a Goal Merger and Integration of Cyberspace and Real-space [expansion/penetration, progress of the use/application, global] Increasing Serious
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationPROTECTING NATIONAL CRITICAL INFRASTRUCTURE AGAINST CYBER ATTACKS BEST PRACTICES RELATED TO TECHNOLOGY AND STANDARDS FROM EUROPE BANGKOK
PROTECTING NATIONAL CRITICAL INFRASTRUCTURE AGAINST CYBER ATTACKS BEST PRACTICES RELATED TO TECHNOLOGY AND STANDARDS FROM EUROPE BANGKOK 23.11.2015 DEFINITION OF CRITICAL INFRASTRUCTURE US EU The nation's
More informationDETECTION, ERADICATION & FORENSIC: CYBER THREATS INTELLIGENCE MODEL FOR CNII ORGANIZATIONS
DETECTION, ERADICATION & FORENSIC: CYBER THREATS INTELLIGENCE MODEL FOR CNII ORGANIZATIONS PREPARED BY : NURUL HUSNA MOHD NOR HAZALIN ZAHRI YUNOS ABOUT CYBERSECURITY MALAYSIA NATIONAL SECURITY COUNCIL
More informationNATIONAL STRATEGY:- MALAYSIAN EXPERIENCE
NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE Devi Annamalai Security, Trust and Governance MCMC 28th August 2007 Hanoi. Vietnam BACKGROUND MCMC is a statutory body established under the Malaysian Communications
More informationCommonwealth Cyber Declaration
Commonwealth Cyber Declaration Recognising that the development of cyberspace has made a powerful contribution to the economic, social, cultural and political life of the Commonwealth; Underlining that
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationCYBER CRIME LEGISLATION COURSE MALAYSIAN COMMUNCIATIONS AND MULTIMEDIA COMMISSION MALAYSIA
CYBER CRIME LEGISLATION COURSE MALAYSIAN COMMUNCIATIONS AND MULTIMEDIA COMMISSION MALAYSIA NATIONAL STRATEGY IN MANAGEMENT OF CYBER SECURITY Comprehensive law and policies Effective monitoring tools Awareness
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationIsrael and ICS Cyber Security
Israel and ICS Cyber Security Dr. Tal Steinherz Chief Technology Office Israel (INCB) 1 October 2015 The INCB The Israeli leads efforts and advises the government on: Cyber Ecosystem Establishing techno-scientific
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationNational Cybersecurity preparation to deal with Cyber Attacks
National Cybersecurity preparation to deal with Cyber Attacks Dr. Chaichana Mitrpant Assistant Executive Director, Electronic Transactions Development Agency (ETDA) 1 Over all Internet usage in Thailand
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)
COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion
More informationCybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More informationINDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018
INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF 28 th November 2018 AGENDA 1. State of Cybersecurity Globally 2. State of Cybersecurity in South Africa 2.1
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationMANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS
MANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS Mohamad Firham Efendy Bin Md Senan Specialist, Digital Forensics Department CyberSecurity Malaysia firham@cybersecurity.my
More informationUnderstanding Cyber Insurance & Regulatory Drivers for Business Continuity
Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationG7 Bar Associations and Councils
COUNTRY PAPER UNITED STATES G7 Bar Associations and Councils SEPTEMBER 14, 2017 ROME, ITALY The American Bar Association P R E F A C E As we have witnessed, cyber terrorism is an extremely serious threat
More informationEU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
More informationCritical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016
Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange Dennis Denham Ssempereza - CISA, CISM, CRISC August 16, 2016 About me! Involved in Risk Management and Security
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationCybersecurity for ALL
Cybersecurity for ALL An Overview of ITU s Cybersecurity Activities OAS Hemispheric Workshop on the Development of a National Framework for Cyber Security 16 in Rio de Janeiro, Brazil Souheil Marine Head,
More informationCyber Security Roadmap
Cyber Security Roadmap The Hague, 25 May 2011 Security: Developing a Secure Cyberspace Protecting the 5 th Domain As with land, sea, air and space, a safe Cyberspace is crucial for our societies. Different
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationISACA West Florida Chapter - Cybersecurity Event
ISACA West Florida Chapter - Cybersecurity Event Presented by Sri Sridharan Managing Director & Chief Operating Officer Florida Center for Cybersecurity CURRENT TRENDS Top Cybersecurity Trends of 2015
More informationCyber fraud and its impact on the NHS: How organisations can manage the risk
Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,
More informationPreempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017
Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool Cyber Security 3.0 Better Together August 18, 2017 Research Overview Problem Statement Research Goals & Methodology Defining Insider Cashout
More informationDIGITAL TRUST Making digital work by making digital secure
Making digital work by making digital secure MARKET DRIVERS AND CHALLENGES THE ROLE OF IT SECURITY IN THE DIGITAL AGE 2 In today s digital age we see the impact of poor security controls everywhere. Bots
More informationSafeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationThe European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3
The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3 Andrea.Servida@ec.europa.eu What is at stake with CIIs The World Economic Forum
More informationPROTECTING ARIZONA AGAINST CYBER THREATS THE ARIZONA CYBERSECURITY TEAM
PROTECTING ARIZONA AGAINST CYBER THREATS THE ARIZONA CYBERSECURITY TEAM THE THREAT WE FACE On average, the Department of Administration information officers identify: 200 brute force attempts per day;
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationThe State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016 Identifying Cybersecurity Gaps to Rethink State of the Art Executive Summary Executive Summary While the advent of digital technology has fueled new business
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More informationCONE 2019 Project Proposal on Cybersecurity
CONE 2019 Project Proposal on Cybersecurity Project title: Comprehensive Cybersecurity Platform for Bangladesh and its Corporate Environments Sector or area: Cybersecurity for IT, Communications, Transportation,
More informationCyber Security: Threat and Prevention
Expand Your Horizons Webinar Series Cyber Security: Threat and Prevention February 24, 2015 1:00 1:45pm The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will
More informationGLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius
GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius Presented By Mrs K.Gunesh-Balaghee,, Assistant Solicitor General Mr M.Armmogum,, Ag Senior State Counsel Mrs B.Kissoon-Luckputtya,
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More information2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM
2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM Recap of 1 st ARF Jeju (South Korea) Cyber Terrorism recently been brought
More informationCyber Security in Smart Commercial Buildings 2017 to 2021
Smart Buildings Cyber Security in Smart Commercial Buildings 2017 to 2021 Published: Q2 2017 Cyber Security in Smart Buildings Synopsis 2017 This report will help all stakeholders and investors in the
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationIntegrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise
February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO
More informationStanding Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018
Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018 Contents Background 3 Exercise objectives 4 Day 1 Cyber-range exercise 5 Day 2 Cyberattack scenario 6-7
More informationEmerging Issues: Cybersecurity. Directors College 2015
Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity
More informationRESOLUTION 130 (REV. BUSAN, 2014)
RESOLUTION 130 (REV. BUSAN, 2014) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference of the International
More informationSecurity in Today s Insecure World for SecureTokyo
Security in Today s Insecure World for SecureTokyo David Shearer (ISC) 2 Chief Executive Officer dshearer@isc2.org www.isc2.org I m Influenced by a Mission Driven Background U.S. Maritime Transportation
More informationITU-ACMA Asia Pacific Regulators Roundtable July 2014
ITU-ACMA Asia Pacific Regulators Roundtable 2014 21-22 July 2014 Session 2: Evolution of the Regulator Addressing International Concerns Content Page Cyber Security Cross-border Data Flow Interoperability
More informationImplementation Strategy for Cybersecurity Workshop ITU 2016
Implementation Strategy for Cybersecurity Workshop ITU 2016 Council for Scientific and Industrial Research Joey Jansen van Vuuren Intricacies and interdependencies cyber policies must address potential
More informationNational Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director
National Cyber Security Strategy - Qatar Michael Lewis, Deputy Director 2 Coordinating a National Approach to Cybersecurity ITU Pillars of Cybersecurity as a Reference Point providing the collected best
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationGreg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationChallenges in Developing National Cyber Security Policy Frameworks
Challenges in Developing National Cyber Security Policy Frameworks Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection William McCrum Deputy Director General
More informationCybersecurity and the Board of Directors
Cybersecurity and the Board of Directors Key Findings from BITS/FSR Meetings OVERVIEW Board directors are increasingly required to engage in cybersecurity risk management yet some may need better education
More informationCYBER SECURITY TAILORED FOR BUSINESS SUCCESS
CYBER SECURITY TAILORED FOR BUSINESS SUCCESS KNOW THE ASIAN CYBER SECURITY LANDSCAPE As your organisation adopts digital transformation initiatives to accelerate your business ahead, understand the cyber
More informationDoug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017
Cyber Concerns of Local Government and What Does It Mean to Transportation Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017 Transportation and Infrastructure
More informationNetherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice
Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationSECURING THE UK S DIGITAL PROSPERITY. Enabling the joint delivery of the National Cyber Security Strategy's objectives
SECURING THE UK S DIGITAL PROSPERITY Enabling the joint delivery of the National Cyber Security Strategy's objectives 02 November 2016 2 SECURING THE UK S DIGITAL PROSPERITY SECURING THE UK S DIGITAL PROSPERITY
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationThe commission communication "towards a general policy on the fight against cyber crime"
MEMO/07/199 Brussels, 22 May 2007 The commission communication "towards a general policy on the fight against cyber crime" The use of the term cyber crime in this communication There is no agreed definition
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More informationSecuring the Internet of Things (IoT) at the U.S. Department of Veterans Affairs
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs Dominic Cussatt Acting Deputy Assistant Secretary / Chief Information Security Officer (CISO) February 20, 2017 The Cyber
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More information2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report
Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationGUIDANCE NOTE ON CYBERSECURITY
GUIDANCE NOTE ON CYBERSECURITY AUGUST 2017 GUIDANCE NOTE ON CYBERSECURITY PART I Preliminary 1.1 Title 1.2 Authorization 1.3 Application 1.4 Definitions PART II Statement of Policy 2.1 Purpose 2.2 Scope
More information