Class 8 The State of Cybercrime Today - Threats & Solutions


1 Class 8 The State of Cybercrime Today - Threats & Solutions

2 Webinars on State of Cybercrime Today
– The top trends in cybercrime today & how they are manifesting themselves in different market sectors
– Where cybercrime is coming from
– The business impact of cybercrime and the primary concerns
– Why these criminals are so successful
– What is wrong with various aspects of security today (people, process, technology, etc.)
– Effective solutions to combat cybercrime

3 Cybercrime continues to grow in scope and scale, with losses to consumers and businesses across numerous sectors in many countries.
Speakers:
– Brent Conran, CISA, CISM, CCSE, CISSP, CSO, McAfee
– Lisa O’Connor, Senior Executive, Accenture Security Practice
– Eddie Schwartz, CISA, CISM, PMP, CISSP, ISSEP, VP and CISO, RSA
http://www.isaca.org/Education/Online-Learning/Pages/Webcast-The-State-of-Cybercrime-Today-Threats-and-Solutions.aspx

4 Discussion Q & A
New cyber security trend in mobility. How does mobility affect cyber security?
What is the projected # of malware applications on Android & iOS models?
What is hacktivism?
What is ransomware?
Account takeover of high-value accounts (Blitzkrieg, Citadel)
– Criminals are leveraging big data to increase the effectiveness of attacks & the sophistication of analytics in data mining
Why does cybercrime pay today?
– There is no justice system in place today to prosecute. No threat of prosecution
What is weaponization?
– Stuxnet, Saudi Aramco (80% of systems down)
Which industries are more of a target?
– Critical infrastructure, intellectual property, banking, healthcare, manufacturing, etc.
What is the business impact?
– Risk to brand, reputation, intellectual property loss, nationalization of infrastructure due to cyber security issues
The question is not WHO but WHEN you are going to be attacked

5 What are the biggest obstacles to security?
– Privacy and education; need M2M communication as opposed to P2P communication. P2P is too slow to react to crime. Enterprises do security & not enough compliance
How do security folks get executives' attention to give resources to prevent cybercrime?
– Communication skills, put a valuation on program effectiveness, have a plan ready to get the $, deconstruct bits/bytes into understandable business language, use visualizations to show the impact (Tableau tool)
Should security be outside of IT? No!
What are some of the technology failures today? Why are the criminals winning?
– Overfocus on compliance vs. security
– Security enclaves: identify intellectual property, moving it deeper in the infrastructure (defense-in-depth)
– You can't secure everything. There need to be degrees of risk & security applied to inventoried assets (classifications)
– Current environments don't have an identity broker across the internet, a de facto way to authenticate across the network
– Security basics are not prevalent everywhere

6 What are end-user concerns, such as spear phishing attacks?
– End users don't care, or may care, but there are Advanced Persistent Threats (APT) that try to put bad stuff on the devices and then take info off the devices
– Adaptive authentication (where you are coming from, biometrics). "People are the new perimeter"
– Training users to be more sensitive to security. Real-time feedback to end users (context-sensitive training)
– Use tools to check in your device for the right security posture
What is the Holy Grail of security?
– Internal controls
Who has this responsibility?
– Everybody is responsible. Business leaders need to partner with Security to make it work (collaborative approach)
– Integrate security controls into the key business processes
– Seek help from security experts when you are a small firm

7 What can you do to be secure?
– Training
– Get the experts to help set the right security posture
– Have a strategy for mobility & cloud
– Subnet the architecture (defense-in-depth)
– Data classifications (protect high-value assets)
What is the approach for the cloud?
– Define the type of cloud you use (IaaS, SaaS, etc.)
– Have an internal cloud. Migration from virtualization to internal cloud to hybrid cloud. Small organizations will go all cloud
– Have an EXIT strategy for when you need to bring intellectual property back in-house
– Understand the services you are getting; have an SLA
– Carefully select what you want to put in the cloud
– Understand the risks and what is & is not covered in the cloud
