Lessons Learned from aGlobal Cybercrime Fighter1Dave Cullinane, CISSPChairmanCloud Security AllianceCSA APAC Congress 2013Singapore
CSA APAC Congress Singapore 20132We Need to Change the WorldWe – meaning us!
CSA APAC Congress Singapore 2013Our World is Changing• Increased External Threat• Malware Volume, Sophistication and APM• Sophistication of Threat and Adversary• Global communications capability• Mature technologies = continued risk• Web apps – of 6 most exploited vulns, 4 are exclusive to Webapps• Total Vuln disclosures increased 19% in 2012• Complexity is killing us – systems, networks, software• Targeted Malware attacks – 42% increase• Cybercrime process - design, build, exploit, sell• Cyber Extortion
CSA APAC Congress Singapore 2013• Mobile Explosion - mobile malware families increased 58%– New threats and old ones (XSS) on new platforms– Mobile app security – building and ensuring– NFC (Near Field Communication) in mobile and chip cards• Consumerization– Key to hiring, retention, and below• Agility & Innovation– Enable the Business to grow rapidly– Need to rethink Security• ROI on Clouds (3-5x)• Transformational timeOur World is Changing
CSA APAC Congress Singapore 2013What to do?• Adversary collaborates, but we try to deal with a global adversaryalone??• SMB’s increasingly victimized• Governments need to secure critical infrastructure – but aretaking a National approach to an international problem• Investigations and attribution problems• Assume you are a target and will be breached.• Due Care, Defense in depth, etc.• Effective Incident Response in a global world of agility,consumerization, smartphones, tablets, and clouds• Need to share attack data and collaborate on investigations.• Intelligence Based Security• New Types of Analysis - Hadoop
CSA APAC Congress Singapore 2013CISO Toolkit• Be more agile and innovative than the business• Risk Management as a key discipline– AUA– KRI’s and KPI’s• Intelligence Based Security– What keeps you awake?– Requires accurate quantification of risk– Identification and Measurement of threat– Allocate resources to mitigate greatest risks• Metrics and Reporting– ROI = Risk Reduction– “Protect to Enable”
CSA APAC Congress Singapore 2013Questions?7Sources:+ Symantec Internet Security Threat Report 2013, Vol 18.+ HP 2012 Cyber Risk Report+ Friends and Colleagues