Presented by: Mike Gerdes Director, Information Security Center of Expertise Cybersecurity State of the Union.


What are Media Saying?

- 80 Million Potentially Impacted By Anthem Security Breach (February 5, 2015)

What are Tracking Sites Saying?

- Million records (so far) in 2015
- Targets include all industries and geographies
- Healthcare shows a recent spike in breach activity
- Social engineering has replaced brute force hacking
- Victims include industry leaders with huge budgets

What are Others Saying?

ISACA/RSA Study

- Non-malicious insiders are #2 threat actors behind hackers
- Phishing, malware, hacking and social engineering are top attack types
- Loss of mobile devices is next most common “attack type” (44%)
- Over 82% provide mobile devices and 91% report loss of mobile devices
- Almost 80% report Board is concerned with security, but only 40% practice good security

Source: of-Cybersecurity_Res_Eng_0415.pdf

What are Others Saying? (continued)

PwC Global State Survey

- 91% of organizations have adopted risk-based security frameworks
- 91% use some form of advanced authentication
- Top issues are malware, provisioning, PII protection and end-user vulnerabilities
- Only half have a CISO and less than half have Board participation in security strategy
- Sources of compromise are current/former employees, followed by service providers

Source: security/information-security-survey/download.html

What are Others Saying? (continued)

Ponemon Global Megatrends

- Only 60% reported their cyber security would improve in the next 3 years
- 66% report senior leaders do not view cyber security as a strategic priority today
- 78% report their security leader does not brief the Board on cyber security strategy
- Only 14% of security leaders report to CEO
- 45% say a key issue is they will be unable to hire/retain experts

Source:

What are Others Saying? (continued)

Raytheon BoD Briefing Paper: Key Tenets of Cyber Security Oversight

- Security is a risk management issue, not a technological one.
- Provide meaning behind the metrics – make cybersecurity real to the board.
- Board members must understand the legal aspects of cybersecurity regulations.
- Board members must identify acceptable cyber risk levels in business operations.
- Board of Directors must adopt a well-defined cyber risk management framework.

Source:

What are Others Saying? (continued)

Target “Kill Chain” Analysis

- Target did not appear to follow broadly accepted information security practices.
- Target appears to have failed to respond to multiple automated warnings.
- Target failed to properly isolate its most sensitive network assets.
- Attackers were able to update their malware multiple times prior to the actual event.
- Report did not clearly identify inadequate management involvement as root cause.

Source: a3a67f183883/23E30AA955B5C00FE57CFD C target-kill-chain-analysis.pdf