Data Protection Strategy
Bob Maley, CEO, Strategic CISO & former CISO, State of Pennsylvania
Cyber Protection Strategy
StrategicCISO.com
• Tactical or strategic?
• Vendor driven or business driven?
• Reactive or proactive?
"The trouble is that criminals seem to be able to stay one step ahead, and the law-abiding have to spend too much time trying to catch up."
– Nigel Phair, Cybercrime: The Reality of the Threat, page 178
Securing Endpoints?
• Data wants to be free
• What are your endpoints?
• Data classification
It’s what you don’t know you don’t know that gets you
• Email
• Business processes
• Data transfers
It’s in the cloud already
• Google
• Amazon
• Web Services
Security Trends – Current View
- CONFIDENTIAL -
Point products: Endpoint Suites, Network UTM, Application Security, Vulnerability Management, [Other Point Products]
Security Information and Event Management
• Alerts
• Log Mgt
• Event Correlation
• Compliance Certification
Governance Risk and Compliance
• User Policy Compliance
• Compliance Workflow and Reporting
• Remediation Workflow and Reporting
• Scanning (web and/or network) products identify potential weaknesses
– Data overload, including false positives/negatives; not the most critical threats
– Does not prove exploitability; limited-view point solution, single vector
• IT-GRC gathers information to aggregate and report
– Mostly used for higher-level policy and governance, with little “R” (risk)
• SIEM aggregates real data: dash-boarding, drill-down, etc.
– SIM/SEM correlates and presents what has happened (via alert), but doesn’t tell you if your defenses are working
– Operational data, not situational: just incidents or log data from past events
• Security Risk Mgmt is a simulator/model
– Correlates scanned, imported and entered data to infer the highest-risk vulnerabilities; doesn’t do actual testing
– Network only, and works on models vs. a real test of the security
• DLP detects and prevents transmission of confidential information
To date, the critical challenge of how to provide insight into actual risks across multiple layers of infrastructure still remains!
Security – Future View
Point products: Endpoint Suites, Network UTM, Application Security, Vulnerability Management, [Other Point Products]
IT Security Management – Vendors: IBM, HP, Cisco, Computer Associates, Symantec, McAfee
Comprehensive Security Test and Measurement
• Verify and Validate Security Controls
• Measure Real-world Threat Readiness
• Measure Security Effectiveness
Security Information and Event Management
• Alerts
• Log Mgt
• Event Correlation
• Compliance Certification
Governance Risk and Compliance
• User Policy Compliance
• Compliance Workflow and Reporting
• Remediation Workflow and Reporting
Know your Strategy
Cyber Strategy Musings (WordPress)
• The Key of Knowledge – Book 2
• The second area of knowledge in this key is “Knowing your environment”.
• By extension – Know Your Strategy
Your Guide

Key of Knowledge
What are your critical business assets?
Data / Asset Classification
You can’t protect everything
Focus on the most important assets
Evaluate your existing controls
• Anti-Virus and Firewalls are not enough
Evaluate your existing controls
Compliance Checklists are not enough
• “Network Solutions was PCI compliant before breach” – Angela Moscaritolo, July 27, 2009
• Web hosting firm Network Solutions on Friday announced that, despite its being PCI compliant, a breach had compromised approximately 573,928 individuals' credit card information.
• http://www.scmagazineus.com/network-solutions-was-pci-compliant-before-breach/article/140642/
Evaluate your existing controls
• Layered Security – The Castle Model
Understand the threat
• The Symantec Global Internet Threat Report, which covers trends in 2009, says attackers are aggressively targeting employees' social networking profiles to help target key personnel inside targeted companies. Meanwhile, Web-based attacks targeting PDF viewers accounted for half of all Web-based attacks last year, up from 11 percent in 2008.
• And malware creation increased thanks to more automated tools, according to Symantec, which says it identified more than 240 million new malware programs last year, a 100 percent increase over 2008.
Source: “Report: Targeted Attacks Evolve, New Malware Variants Spike By 100 Percent” – New Symantec Global Internet Threat Report shows evolution of targeted attacks, prevalence of Web-borne attacks, increase in malware variants in 2009. Apr 20, 2010, by Kelly Jackson Higgins, DarkReading
http://www.darkreading.com/vulnerability_management/security/antivirus/showArticle.jhtml?articleID=224500064
Understand the threat
• Insider Threats
Understand the Threat
U.S. government agencies have been bracing for a deluge of thousands more classified documents since the leak of helicopter cockpit video of a 2007 firefight in Baghdad. That was blamed on a U.S. Army intelligence analyst, Spc. Bradley Manning, 22, of Potomac, Md. He was charged with releasing classified information this month. Manning had bragged online that he downloaded 260,000 classified U.S. cables and transmitted them to Wikileaks.org.
Source: “Officials Scramble to Review Emerging Afghan War Documents for 'Damage'”, published July 26, 2010 | FoxNews.com
http://www.foxnews.com/politics/2010/07/26/damage-control-leak-afghan-war-docs/
Understand the threat
• Know your threat matrix
Develop your Risk Strategy
• Determine your organization’s risk tolerance
• Know your vulnerabilities
• Understand how the threats apply
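The three slides "Data / Asset Classification", "Know your threat matrix" and "Develop your Risk Strategy" describe one procedure: classify assets, map which threats can reach which asset, weigh that against known weaknesses, and fund only what exceeds the organization's risk tolerance. The following is an added worked example of that procedure; it is not code from the deck or from Strategic CISO. The scoring model (classification weight × highest applicable threat likelihood × vulnerability severity), the `Asset`/`Threat` records, the exposure tags, the inventory, the threat list and the tolerance value of 30 are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical scoring model (added example, not from the deck): the asset
# classification weights the score so that a critical flaw on a public asset
# does not automatically outrank a moderate flaw on a restricted one.
CLASSIFICATION_WEIGHT = {"public": 1, "internal": 2, "confidential": 4, "restricted": 5}


@dataclass(frozen=True)
class Asset:
    name: str
    classification: str          # result of the data/asset classification exercise
    exposure: frozenset          # how the asset can be reached, e.g. "internet", "email"
    vuln_severity: int           # worst known weakness on it, 1 (low) .. 5 (critical)


@dataclass(frozen=True)
class Threat:
    name: str
    exposure: str                # the exposure a threat needs in order to reach an asset
    likelihood: int              # 1 (rare) .. 5 (expected), from the threat assessment


def threat_matrix(assets, threats):
    """Threat matrix: which threats apply to which asset ("Know your threat matrix")."""
    return {a.name: [t.name for t in threats if t.exposure in a.exposure] for a in assets}


def risk_score(asset, threats):
    """classification weight x highest applicable threat likelihood x vulnerability severity."""
    applicable = [t.likelihood for t in threats if t.exposure in asset.exposure]
    if not applicable:                       # no threat can reach it: nothing to prioritise
        return 0
    return CLASSIFICATION_WEIGHT[asset.classification] * max(applicable) * asset.vuln_severity


def prioritize(assets, threats, risk_tolerance):
    """Assets whose risk exceeds the organization's tolerance, highest risk first."""
    scored = sorted(((risk_score(a, threats), a.name) for a in assets), reverse=True)
    return [name for score, name in scored if score > risk_tolerance]


# Constructed sample inventory and threat list (not real data).
SAMPLE_ASSETS = [
    Asset("cardholder-db", "restricted", frozenset({"internal-network", "insider"}), 3),
    Asset("public-website", "public", frozenset({"internet"}), 5),
    Asset("hr-fileshare", "confidential", frozenset({"insider", "email"}), 2),
    Asset("wiki", "internal", frozenset({"internet", "insider"}), 4),
]
SAMPLE_THREATS = [
    Threat("web-exploit", "internet", 5),
    Threat("phishing-malware", "email", 4),
    Threat("insider-exfiltration", "insider", 3),
    Threat("lateral-movement", "internal-network", 2),
]
RISK_TOLERANCE = 30   # assumed: scores at or below this are accepted risk, not funded


if __name__ == "__main__":
    for asset, applicable in threat_matrix(SAMPLE_ASSETS, SAMPLE_THREATS).items():
        print(f"{asset:15} threats={applicable}")
    for asset in SAMPLE_ASSETS:
        print(f"{asset.name:15} risk={risk_score(asset, SAMPLE_THREATS)}")
    print("focus on:", prioritize(SAMPLE_ASSETS, SAMPLE_THREATS, RISK_TOLERANCE))
```

With the constructed data, the public website carries the most severe single weakness yet ranks last, because its classification weight is 1; the restricted cardholder database ranks first even though only insider and internal-network threats can reach it. That is the slide-7 critique in miniature: a scanner's severity list alone does not tell you where the critical risk is. The tolerance threshold is what turns the ranking into a funding decision; anything below it is risk the organization has chosen to accept, and that choice should be recorded.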
Develop your protection Strategy
• Compliance requirements
• Protect your valuable data
• Put systems in place that protect your data as it moves
• Proactive intelligence on your environment
• Discover your real vulnerabilities
• Break the malware cycle
The barbarians will get in
Understand the overhead
• Operationalize Security
• Use Managed Services / Cloud Services where practicable
• Use automated systems
Complexity can break security
Understand your organization’s business need
• Be an enabler of business
• Connect to your Enterprise Risk Management
• Show how it affects the bottom line
Execute
• Response and remediation
• Robust Incident Response Plan
• Respond, not react
• Don’t merely remediate
Execute
• Real time Protection
• Find the barbarians that get past the gate
• New Technologies
Execute – Test
Evaluate
• Col. John Boyd’s OODA Loop
Evaluate
Metrics
• “Increasing Cyber-Situational Awareness via Enterprise Metrics” – Core Security Technologies Blog
• Today’s ferocious cybersecurity environment is dynamic. One of the challenges that organizations, both public and private sector, have encountered in attempting to mature their IT security and risk management plans has been a lack of methods to calculate truly relevant metrics that would allow them to better understand and benchmark their security standing over time.
http://blog.coresecurity.com/2010/04/29/increasing-cyber-situational-awareness-via-enterprise-level-metrics/
The Future of Data Protection
Contact Information: Bob.Maley@StrategicCISO.com
Questions
(SlideShare deck title: 2010 Sc World Congress Nyc)