Information Technology Sector

Slides:

Advertisements

Similar presentations

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.

Advertisements

Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.

Cyber and Maritime Infrastructure

TRANSPORTATION AND CARGO SECURITY Presented by : Aysar Naserallah.

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

Stephen S. Yau CSE , Fall Security Strategies.

Physical and Cyber Attacks1. 2 Inspirational Quote Country in which there are precipitous cliffs with torrents running between, deep natural hollows,

3rd Party Risk Categorization Process

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Social Media Jeevan Kaur, Michael Mai, Jing Jiang.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

Association of Defense Communities June 23, 2015

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

Secure Connections for a Smarter World Dr. Shuyuan Mary Ho Assistant Professor School of Information Florida State University.

NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion.

1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.

Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

5/18/2006 Department of Technology Services Security Architecture.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

IS3220 Information Technology Infrastructure Security

OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016.

Cyber Security and how to safeguard data in the ‘Cloud’ Claire Jacques 21 April 2016.

Digital Security Focus Area & Critical Infrastructure Protection in H2020 SC7 WP Aristotelis Tzafalias Trust and Security Unit DG Communications.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

Risks and Hazards to Consider Unit 3. Visual 3.1 Unit 3 Overview This unit describes:  The importance of identifying and analyzing possible hazards that.

Cyber Liability Insurance for an unsecure world

Cyber Insurance Risk Transfer Alternatives

A policy framework for an open and trusted Internet

Cyber Security – An Existential Threat? (IIC, Singapore)

Information Security Program

Information Security – Current Challenges

Cybersecurity - What’s Next? June 2017

Team 1 – Incident Response

4th SG13 Regional Workshop for Africa on “Future Networks for a better Africa: IMT-2020, Trust, Cloud Computing and Big Data” (Accra, Ghana, March.

and Security Management: ISO 28000

5 OCTOBER 2015 MANILA, PHILIPPINES

California Cybersecurity Integration Center (Cal-CSIC)

Cybersecurity Policies & Procedures ICA

Maturity by Type of Interoperability

Critical Infrastructure Protection Policy Priorities

Cyber Attacks on Businesses 43% of cyber attacks target small business Only 14% of small business rate their ability to mitigate cyber risk highly.

Instantiation of the Concept in GAMMA Prototypes

8 Building Blocks of National Cyber Strategies

Andy Hall – Cyber & Tech INSURANCE Specialist

Cybersecurity compliance for attorneys

INFORMATION SYSTEMS SECURITY and CONTROL

Cyber security Policy development and implementation

Cybersecurity Issues Impacting Public Sector Financial Management OASIS e-Gov Washington Workshop, April John Sabo Director.

The State of Cybersecurity in State Government NAST March 26, 2019

The Impact of Digitization on Global Alignment of Product Safety Regulations ICPHSO International Symposium November 12, 2018.

Cybersecurity Threat Assessment

National Information Assurance (NIA) Policy

Web Information Systems Engineering (WISE)

Managing IT Risk in a digital Transformation AGE

Cyber Security in a Risk Management Framework

IT Management Services Infrastructure Services

In the attack index…what number is your Company?

THE USA’S NEW POLICY DIRECTIVE ON NATIONAL PREPAREDNESS

Cloud Computing for Wireless Networks

Presentation transcript:

Information Technology Sector Risks and Future Resiliency Deborah Frost, IMT 556, Winter 2015, University of Washington iSchool

Information Technology Sector Functions Provide: IT products and services Domain name resolution services Identity management and associated trust support services Internet-based content, information, and communication services Incident management capabilities Routing, access, and connection services

Mitigation Activities Operational Risks and Mitigation Activities IT Products & Services Production or distribution of untrustworthy critical product through a manmade deliberate attack on a supply chain vulnerability Supply chain resilience and process controls Supply chain security and integrity DNS Breakdown of single interoperable Internet through manmade attack and failure of governance Operations diversity and redundancy Operations quality assurance and continuous monitoring Content, info, communication Manmade unintentional incident causes significant loss of e-commerce capabilities Policy and access controls Security training for users and small businesses Enhance rerouting capabilities of the Communications and IT Sectors

Mitigation Activities Operational Risks and Mitigation Activities Routing, access, connection services Partial or complete loss of routing capabilities through a manmade deliberate attack on the Internet routing infrastructure Enhanced routers Ability to mitigate disruptions to Internet access Physical security of Network Access Points and Internet Exchange Points Improved incident response Incident management Impact to detection capabilities because of a lack of data availability resulting from a natural threat National-level incident response and coordination capabilities Distributed infrastructure and workforce Information sharing enhancements creating common situational awareness

Private Sector Risks Similar Single source for parts and materials/Third-party reliance to make product whole Natural disasters impact on key company locations System security and cyber attacks Reliability of infrastructure to support product and services Privacy and security of customer’s information Errors or defects within own product Data breaches Unique Speed of technology changes and interoperability Intellectual property rights protection and infringement claims Attract and retain key personnel Volume of demand for services Systems and process changes related to acquisitions

Future Resiliency Focus on employees, STEM education Clarify regulation and oversight responsibilities Complete identity management risk assessment Continue multi-stakeholder, diverse and transparent collaborations in developing future governance roles