3. What is Information Security?
Information Security ensures protection, confidentiality, integrity & availability of an
organization’s assets against exploitation or attacks to degrade or destroy information
from outside or inside the organization
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
4. Information Security Has Many Attack
Vectors
Information security is not only about technology. Many successful attacks require little
or no technical knowledge.
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
5. Sophisticated Attackers Focus on
High-Value Targets
Government & Financial Institutions
are by far the most attractive
targets for sophisticated actors such
as nation states or organized
criminal organizations
Source: Booz Allen Hamilton analysis of the top 20 information
security attacks in 2012
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
6. Striving for a Better Approach
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
7. Where to Start? The Three Tiers of
Information Security
Effective Information Security requires a trained and aware workforce and well-defined
and enforced policy and procedures. With these, any credible information security tools
will be effective. Without this, no set of tools will work.
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
8. Components of Effective Information
Security
An effective information security program is built on a foundation of leadership
supported by the three pillars of well-thought-out strategy & governance, organizationwide awareness & training, and advanced technology
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
9. Focus on the People
People are the most vital aspect of your Cybersecurity defense and should always be
your first priority for investment
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
10. Adopt a Holistic Approach and Tools
There is temptation to buy a “tool” to fix the problem and it rarely, if ever, works. Tools
that are too complex for your team require extensive tuning and integration will rarely
be effective
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
13. 2013 Attack vector by Industry
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
14. The growing malware threat
From one every MINUTE to one every SECOND
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
15. The New Breed of Cyber Attacks
Nature of threats changing / Today’s attacks sophisticated and successful
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL
16. The total bill for cybercrime...
$388 Billion – The total bill for cybercrime footed by
online adults in 24 countries…
• $114bn – Direct cash costs of cybercrime
• $274bn – Victims valued the time lost to cybercrime
Cybercrime is bigger than…
• The global black market in marijuana, cocaine, and heroin combined ($288bn)
and approaching the value of all global drug trafficking ($411bn)
• At $388bn, cybercrime is more than 100 times the annual expenditures of
UNICEF ($3.65bn)
Ahmet Hamdi ATALAY
11 Nisan 2013’ISTANBUL