© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Presentation transcript:

Cyber Security: Now and in the Future
Dr Rhodri Davies / Feb 25, 2015

Current State
- HP research with Economist Intelligence Unit
  - Only 33% of CEOs had a single view of information risk across their organization
  - Only 28% able to attribute monetary value to information assets
- HP & Ponemon
  - 70% of senior business leaders said exec level involvement needed in incident response process
  - Only 44% rated their breach response plan as mature and proactive.
- Need for
  - Constant monitoring
  - Effective response
  - but shortage of experience and resource

Still too many one size fits all compliance exercises
- Compliance requirements and proofs in a cloud/leveraged service world need to be different from those for in-house/dedicated service
- Understand what data you give to service providers and how important it is.
  - Is data about your operations the same as information on your customers?
  - Compliance audit is the wrong stage to introduce data handling requirements

Future: The digital dam has yet to burst.

Online growth
[Figure: % online; 2,270,000,000]

Online population growth = attack surface
[Figure: share of population online (labels: 77% online, 34% online, 7.5% online); 1,000,000+ potential new hackers]

Generation curious

Generation now

Digital natives

Future – Near Term
- Major mobile exploits
- Open source vulnerabilities
- Supply chain as a critical attack route
- Industry sector attacks and malware
- Privacy concerns drive legislation

Major Mobile Exploits
- Ubiquity of devices
  - Typically 3-5 devices per person
  - Wearable
- Merging of commercial and personal
- Concentration of data
  - NFC
  - Geolocation
  - Health
- Cloud backed applications
- Unified development
- Thousands of applications
- Dynamic object code defeats analysis
Recommendations
- Understand how users want to use devices
- Do the basics
  - Awareness
  - Authentication
- Enterprise identity and access gateways

Open Source Vulnerabilities
- Last 12 months: Shellshock and Heartbleed
  - Ghost
- Nothing magic about open source
  - Ability to audit code does not mean it was done
- Widely used, even in commercial software
  - C.f. common commercial libraries with issues.
Recommendations
- Know what you have
  - Including as elements of commercial software

Supply Chain as critical attack route
- Where is the weakest link?
- Breadth and interconnectedness of supply chain
- Target, AutoNation, Lowes & AT&T incidents all linked to 3rd parties
- Some 3rd parties concentrate critical information
- A breach in one supplier may give access to multiple organizations
- Expansion of PCI scope
Recommendations
- Supplier assurance programmes
- Threat intelligence
  - What are your peers experiencing
- Joint incident response
  - Make it easy for suppliers
  - Test often

Industry sector attacks and malware
- Adversary specialization
  - 2014 Dragonfly campaign against western energy companies
- Long term specialization in banking
- Focus on intellectual property from particular industries
  - Healthcare
Recommendations
- Threat intelligence
  - Understand your peers
- Adopt from leading sectors (finance etc.)
- Continuous active monitoring

Privacy concerns drive legislation
- Nation state attacks (real or otherwise) are raising government interest
- Public mood changing?
  - Generation gap
  - Public examples of data breaches
- Contrasting government snoopers charters
- BBC report showing online privacy as high on political agenda for 1st time voters
- 90% of Americans think consumers have lost control of their personal data
- Balkanisation of Internet
Recommendations
- Assess/understand data you hold
  - Not just an exercise in current compliance

Internet of Things
- Consumer driven product life cycles
- Large number of devices to manage
- Kinetic impact
- Data mining
- Interconnected world: things outside your control can affect you.
Recommendations
- Start thinking about it now
- Policy for connecting to your network
- Network isolation

Security Technologies to watch
- Listing known bad will never be complete
  - Process on the basis of known good
  - Behavior based
- Software defined infrastructure
- Information sharing buses
- Security intelligence
  - More an issue of culture and relationships than technology
  - Cooperation and collaboration
- La Brea style capabilities

Thank you