The Rise of the CSO Welcome David Profozich Senior Vice President North America Sales Oracle October 27, 2015
WELCOME THE 5 CSO TH SUMMIT @ OPEN WORLD 3
We re in the Age of Mega Breaches 200M Experian Mar 14 150M + Code Adobe Oct 13 53M Sony Dec 14 56M Home Depot Sep 14 98M Target Dec 13 150M ebay May 14 76M JPMC Oct 14 80M Anthem Feb 15 227M SA Banks OCT 13 20M Credit Bureau 12M Telecom Jan 14 22M Education July 14 Immigration June 14 Credit Cards Personal Records 4
Government Security Focus Increases in 2015 January President proposes national mandate to require 30 day data breach notification January State of the Union urges Congress for legislation to increase computer security June Cybersecurity sprint Federal CIO mandate to protect Federal info & assets October Cybersecurity awareness month; week 5 focus on education and awareness
Typical Attack Vectors SQL Injection Attack Stolen Credentials Brute Force Hacking Malware Social Attacks Command & Control
Global Cybercrime is a $288 Billion Problem Bigger than Stolen Phones, Cars, Credit Cards and the Cocaine Market Combined $56B STOLEN VEHICLE MARKET $85B COCAINE MARKET $30B STOLEN SMART PHONE $288 BILLION GLOBAL CYBERCRIME MARKET $114B STOLEN CREDIT CARD MARKET Source: Forrester, Interpol, Symantec
I often say that the CSO is the corporate rock-star of the future because exceptional ones possess a combination of skills that rarely appear in one person Brian Moynihan, CEO, Bank of America
Technical Curiosity is as Important as Aptitude 9
CSO: Chief Politician, Communicator, and Crisis Manager 10
11
Hacking and Malware Biggest Threats 900 800 700 600 500 400 300 200 100 1600% INCREASE HACKING MALWARE SOCIAL PHYSICAL 0-100 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 Hacking Malware Social Physical Misuse Error Source: 2014 Verizon DBIR
Oracle Can Reduce the Attack Surface Area by 80% 900 800 HACKING 700 600 500 400 300 200 100 80% 50% 19% 13% Privileged User Controls System Configuration Unprotected Databases MALWARE SOCIAL PHYSICAL 0-100 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 Hacking Malware Social Physical Misuse Error Source: 2014 Verizon DBIR
Oracle Can Help Mitigate TARGET 70M Records DEFAULT PASSWORD SOLUTION Regular password reset Strong password policy WEAK PASSWORDS SOLUTION Multi-factor authentication Automated config & patch ADOBE 152M Records ANTHEM 80M Records UNENCRYPTED DATA SOLUTION File system encryption Database encryption UNPATCHED SERVER SOLUTION Multi-factor authentication Automated config & patch JPMC 76M Records HOME DEPOT 56M Records STOLEN CREDENTIALS SOLUTION Multi-factor authentication Web-fraud detection Source: 2014 Verizon DBIR
Oracle Security From the Inside Out Identity Management Governance, Risk and Compliance Infrastructure Databases Applications Database Security Infrastructure Copyright 2015, Oracle and/or its affiliates. All rights reserved.
AGENDA 9:00 9:30 a.m. The Rise of the CSO Dave Profozich, SVP of North America Sales, Oracle 9:30 9:50 a.m. Securing Data in Retail Anantha Srirama, VP of New Technology, Macy s 9:50 10:05 a.m. Securing the Oracle Public Cloud Steve Daheb, SVP Business Groups, Oracle 10:05 10:20 a.m. Connecting the Dots with Identity Gautum Muralidharan, Dir Advisory Services, PwC 10:20 10:35 a.m. Innovations in Data Security Vipin Samar, VP of Database Security, Oracle 10:35 10:50 a.m. Break 16
AGENDA 10:50 11:05 a.m. Innovations in Identity Management Peter Barker, SVP Database Security, Oracle 11:05 11:25 a.m. Preparing for the Big Breach Andy Wells, VP TRO Access Management, Technology Operations, Kaiser Permanente 11:25 11:40 a.m. Securing the Big Data Lifecycle Niel Mendelson, VP, Advanced Analytics & Big Data, Oracle 11:40 12:00 p.m. Experts Panel - The Future of Security Mary Ann Davidson, CSO, Oracle Chris Gavin, VP of Information Security, Oracle Gautum Muralidharan, Dir Advisory Services, PwC 12:00 p.m. Conclusion Dave Profozich, SVP of North America Sales, Oracle