Your SlideShare is downloading. ×
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Cyber 24 7 slideshare march 2014
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Cyber 24 7 slideshare march 2014

68

Published on

A summary powerpoint describing my new book on cybersecurity. It is written for an organization's leadership team in an easy to read, non-technical format. It covers the wide range of issues that …

A summary powerpoint describing my new book on cybersecurity. It is written for an organization's leadership team in an easy to read, non-technical format. It covers the wide range of issues that are present in cybersecurity planning today.

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
68
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Cyber 24-7: Sound advice for board members, the C-Suite and non- technical executives Peter O’Dell peterlodell@gmail.com
  • 2. http://www.amazon.com/dp/B00IHIQWYK
  • 3. Book Summary • Cyber threat is real and unpredictable • Board and C-Suite need to manage • The threat extends far beyond the IT group • Gap between management and IT • Preparation is critical to incident response • Outside partners/services key resource • Incident response must be well executed • Future threats are emerging
  • 4. Who should read Cyber 24-7 • Board of Directors, C-Suite, and non-technical execs: – Understanding impact and risk – Key strategy elements – Preparation and response – Entire organizational view • IT – CSO, CIO, CISO: – Comprehend management perspective/responsibility – Understand entire scope of cyber threat – Narrow communications gap – Improve planning and response planning
  • 5. Table of Contents • Chapter 1 The Cyber Problem – Where are we today? • Chapter 2: Cyber: Not your everyday risk! • Chapter 3: Leadership from the Top – Board and Executive Issues • Chapter 4: Real time Cyber Intelligence – Preparing and Prevention • Chapter 5: Attacked and Breached – Now What? • Chapter 6: Cyber Information Sharing • Chapter 7: Government Activities in Cyber • Chapter 8: Information Resources • Chapter 9: A Standardized Approach can streamline the future • Chapter 10: The Future of Cyber Security • Chapter 11: Final Conclusions • Appendix A: Sample Incident Response Checklist • Appendix B: Executive Order on Cyber and NIST Framework
  • 6. Today’s Situation • Victims of our own success – incredible growth • Opportunity expands the attack surface: – Clouds linked to legacy systems – Internet of Things (IOT) means more entry points – Bring Your Own Devices (BYOD) • We’re not doing all we can: – Boards and C-Suite largely delegating/ignoring – Poor info sharing even at basic levels, not real-time – Eliminating/upgrading legacy systems – “Tone at the Top” by the board and C-Suite – Government – no legislation since 2002, poor grades
  • 7. Cyber is not a Normal Risk! • Cyber defies conventional metrics – Non-quantifiable – Non-predictable – Global, not local – Can put the entire organization at complete risk • Examples of normal risks: – Weather - business interruption – Employee and customer lawsuits – Theft of a trailer full of cell phones
  • 8. Executive Leadership • Set the organizational “Tone at the Top” • Responsible for oversight and priorities • The board sets the risk tolerance level • People should be vetted and monitored • Outside resources should be identified • Cross organization response should be planned and exercised • The threat is much broader than just IT issues
  • 9. What to worry about today • Customer payment information - Target • Intellectual property theft – 20 year impact – Lockheed-Martin • Malicious insiders - Snowden • Critical Infrastructure attack – power, communications • Emerging threats – important to stay current • Device loss or theft – multiple scenarios
  • 10. Board & C-Suite Preparation/Proactive Efforts • Set the “Tone at the Top” • Understand executive vulnerabilities • Consider a technical board member/committee • Hire the right people and partners • Detailed risk, resilience and plan review • Exercise the full plan across the enterprise
  • 11. People – Critical at all Levels • Industry shortage means higher Bozo % at all levels • Validating through outside expertise • Finding, training, retaining and motivating • Standing guard 24/7 very difficult • Great can turn malicious for outside reasons • 360 degree communications for team success • Entire organization – this is not just an IT issue
  • 12. Future Trends • Threat is expanding with new vulnerabilities • Mobile, Cloud, and Internet of Things (IOT) enabling new vulnerabilities • Sharing is still an under-utilized defense • Law enforcement will have to improve cross- jurisdictional investigations and prosecution • Market of services and solutions growing rapidly in response to the threat • Likely will be years before a downturn in risk
  • 13. About the Author – Pete O’Dell • Current: author, board member, consultant • Past: Multiple roles, multiple industries – President of software division – Autodesk – CIO: Microwarehouse, Autodesk, UCA – COO: Online Interactive, Supertracks – Co-founded Swan Island Networks • Contact: – Peterlodell@gmail.com – Skype: Peterlodell
  • 14. http://www.amazon.com/dp/B00IHIQWYK

×