Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

War Against Terrorism - CIO's Role

A presentation at the 2015 East Africa CIO100

  • Login to see the comments

War Against Terrorism - CIO's Role

  1. 1. War Against Terrorism: The Role of Today’s CIO Ayo Rotibi Managing Director Forts & Shields Ltd (US, Kenya, Nigeria)
  2. 2. “The Internet is a prime example of how terrorists can behave in a truly transnational way; in response, States need to think and function in an equally transnational manner.” Ban ki-moon
  3. 3. The Art of War The Art of War is simple enough. Find out where your enemy is. Get at him as soon as you can. Strike him as hard as you can and as often as you can, and keep moving on.(Ulysses S. Grant) 18th US President. Led the Union to victory over the Confederacy in the American Civil War
  4. 4. www.terror.net – The Modern Terrorists Internet-aided terrorism is a dynamic phenomenon and transnational Terrorist websites target three different audiences: current and potential supporters; international public opinion; and enemy publics Ways contemporary terrorists use the Internet: •From conducting psychological warfare to gathering information, from training to fundraising, from propagandizing to recruiting, and from networking to planning and coordinating terrorist acts.
  5. 5. www.terror.net – The Modern Terrorists Workplace has been the primary target of terrorism •WTC Building, Garisa University, Westgate Mall Many workplaces upon which citizens rely to reach work are relatively unprotected •St Pancreas Underground "We use Facebook to schedule the protests, Twitter to co-ordinate and YouTube to tell the world.“ An Egyptian Arab Spring Activist
  6. 6. www.terror.net – The Modern Terrorists Dateline: September 2013 •Al Qaeda opens first official Twitter account •@shomokhalislam, issued 29 tweets, followed one account, and attracted 1,532 followers in 24 hours (including several high-profile digital jihadists) @shomokhalislam
  7. 7. www.terror.net – The Modern Terrorists Breaking News... Amazon Halts sales of ISIS propaganda Magazine
  8. 8. Darknet – The New Terror Frontier Adopted platform for direct communication among global jihadi activists • Over 50,000 sites and 300 forums for terrorist organizations • Used to distribute material for recruitment, training, and coordination of terrorist • Informed the travel warning and closure of some US embassies in August 2013
  9. 9. Darknet – The New Terror Frontier A Course in the Art of Recruiting • https://ia800300.us.archive.org/32/items/ACourseInTheArtOfRecruiting- RevisedJuly2010/A_Course_in_the_Art_of_Recruiting_-_Revised_July2010.pdf ISIS and the Lonely Young American • http://www.nytimes.com/2015/06/28/world/americas/isis-online-recruiting-american.html
  10. 10. Kenya’s Global Terrorism Index (GTI) Year Incidents Fatalities Injuries Properties GTI Rank (out of 162) 2009 1 0 0 0 4.47 27 2010 12 19 159 4 4.81 24 2011 38 37 98 7 5.15 19 2012 73 98 410 34 6.06 14 2013 74 201 442 22 6.58 12 http://www.visionofhumanity.org/#page/indexes/terrorism-index/2013/KEN/FATA
  11. 11. Cyber-threat Barometer: Any Ideas? Leading Cyber Attack Method •Social Engineering Leading Threat •Insider (with Authorized Access) Leading Vulnerability •People
  12. 12. Kenya’s Cyber Goals Enhance the nation’s cybersecurity posture in a manner that facilitates the country’s growth, safety, and prosperity. Build national capability by raising cybersecurity awareness and developing Kenya’s workforce to address cybersecurity needs. Foster information sharing and collaboration among relevant stakeholders to facilitate an information sharing environment focused on achieving the Strategy’s goals and objectives.
  13. 13. Insider threat Have legitimate access to systems Often familiar with the organization's data Abuse privileges to harm the organization Circumvent security controls of which they are aware Have physical proximity to data Harder to defend against than attacks from outsiders
  14. 14. The 58% Theory-The Insider Family The Rogue Employee •AKA: Shadow IT, Rogue IT •Description: They have many aliases, but one definite goal – to take valuable data and leverage it into monetary gain, revenge or even some revolutionary crusade
  15. 15. The 58% Theory-The Insider Family Fired / Disgruntled Worker •AKA: Pinch a Penny from a 1 million Transactions •Description: Think Office Space – where workers on their way out devise a way to rip off the company
  16. 16. The 58% Theory-The Insider Family 3rd Party and Outside Insider •AKA: The Ulterior Motivator •Description: Your temporary contractor or third-party vendor is around so much that your office is almost his second home. He may fraternize with employees and gain the trust of your crew – but who is really watching over
  17. 17. The 58% Theory-The Insider Family Inadvertent Users •AKA: Not the Brightest Crayon in the Box •Description: Believe it not, inadvertent insider threats make up a good portion of data breaches– thanks to the consumerization of IT, the mobility of data and the smartphone trend, it is easier for company data to move beyond traditional firewalls
  18. 18. The 58% Theory-The Insider Family Personalization Guru •AKA: The Guy Who Brings Home to Work •Description: This guy is a disaster waiting to happen. They are the ones who want their workstation to be a basic clone of their personal laptop. They want to have all the applications, tools and software –to bypass admin rights
  19. 19. The 58% Theory-The Insider Family The Night Janitor •AKA: The Unsuspecting Pirate •Description: The support staff is in your office at strange hours with no supervision really at all. Don't let the false characterizations and stereotypes fool you – criminals and social engineers would not lose a sweat getting employed as a janitor just to have your server room to themselves.
  20. 20. Exposure in the Workplace Types of Sensitive Corporate Information Employees Access (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
  21. 21. Exposure in the Workplace Types of Personal Tasks Employees Do in the Workplace (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
  22. 22. Exposure in the Workplace Content Accessed on Mobile Devices As Permitted By Enterprise (http://www.ponemon.org/blog/the-security-impact-of-mobile-device-use-by-employees)
  23. 23. Food For Thought What Will You Do If You Knew You Were Under Surveillance?
  24. 24. 4 Cyber-Breach Questions What: •Happened? Was Stolen? Was Compromised? How: •Did They Do It? To Prevent Reoccurrence? Who: •Did It? Is Affected? When: •Did They Do It? Can Recovery Begin?
  25. 25. CIOs must leverage this singular advantage and take a stand on the new encryption regime introduced by FB, Google and Apple Nothing is Hidden Under the Hood Every online activity leaves a Digital Footprint
  26. 26. The Role of The CIO Due Care: Conduct a reasonable person would exercise in a particular situation •Security is Good Business •Security is Everybody’s Business Due Diligence: Gathers facts to make an informed decision •Additional Internal Control procedure – Network Forensics Threat awareness, assessment, and perception Efficient information flow within corporations, between corporations, and between corporations and local and federal government agencies
  27. 27. National Domestic Communication Assistance Center Core functions: • Law Enforcement Coordination • Industry Relations • Technology Sharing • CALEA Implementation Government's first ever attempt to develop a centre for electronic surveillance knowledge management, and facilitate the sharing of technical solutions and know- how among law enforcement agencies
  28. 28. What if... ...we all work together for a common purpose? ...we aspire to build a Regional NDCAC to foster stronger collaboration and complement Kenya CIRT/CERT? ...we foster stronger collective relationship with LEA and Government ...we leave this conference with a resolution to make SOMETING happen? ...we...?
  29. 29. Proposed Initiatives Initiate targeted knowledge dissemination programs Provide real time knowledge dissemination to corporate members Develop lessons learned from corporate incidences Modify existing Users and Internet Usage Policies to include Internal Surveillance Establish a Regional NDCAC
  30. 30. A Little Story Breaking News Eiffel Tower for Sale! Moral Lesson: Share Information
  31. 31. Conclusion CIOs have been dragged into the War Against Terrorism The Enterprise landscape has changed forever – FACT The Internet offers us opportunity to prevent, detect and deter acts of terrorism CIOs have a responsibility to secure their enterprise CIOs need to know about human psychology and behavioural attitude Real-time Digital Forensics will become a major tool in identifying these threat agents CIO must determine that their enterprise network does not become a recruitment ground or a conduit for fund- raising and propaganda
  32. 32. For Further Information and Demo: •Email: arotibi@isecureconsulting.com •Phone: +254-786-834-158, +254-772-299-802 •Skype: arotibi •Forts & Shields, 63 Mandera Rd, Kileleshwa, Nairobi, Kenya •www.fortsandshields.com •www.isecureconsulting.com Questions

×