Internet of Things “IoT” can be defined as physical objects that connect to the internet through embedded systems and sensors, interacting with it to generate meaningful results and convenience to the end-user community. According to industry estimates, machine-to-machine communications
alone will generate approximately US$900 billion in revenues by 2020.
ERAU webinar november 2016 cyber security Bill Gibbs
Embry-Riddle Aeronautical University Professor Dr. Jon Haass presents a webinar on Cyber Security. Called Cyber Security Problems and Solutions. Dr. Haass developed the nation's first cyber security bachelor's degree program, which is offered at the ERAU campus in Prescott, Arizona.
ERAU webinar november 2016 cyber security Bill Gibbs
Embry-Riddle Aeronautical University Professor Dr. Jon Haass presents a webinar on Cyber Security. Called Cyber Security Problems and Solutions. Dr. Haass developed the nation's first cyber security bachelor's degree program, which is offered at the ERAU campus in Prescott, Arizona.
Cyber crime in a Smart Phone & Social Media Obsessed WorldJohn Palfreyman
With so much hype, and shrouded in technical gobbledygook it's hard to get a real handle on Cyber Crime, and how we can best prevent and / or investigate it. This presentation explores Cyber Crime, and it's relationship with Cyber Security. It then considers the vulnerabilities introduced by the pervasive use of smart phones and social media technologies, and how a "smarter" approach can be adopted to make systems secure.
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Cyber crime in a Smart Phone & Social Media Obsessed WorldJohn Palfreyman
With so much hype, and shrouded in technical gobbledygook it's hard to get a real handle on Cyber Crime, and how we can best prevent and / or investigate it. This presentation explores Cyber Crime, and it's relationship with Cyber Security. It then considers the vulnerabilities introduced by the pervasive use of smart phones and social media technologies, and how a "smarter" approach can be adopted to make systems secure.
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Danish National Cyber Crime Centre - Kim Aarenstrup - how to fight cyber crimeKevin Duffey
The Danish National Police employ about 100 staff in the Danish National Cyber Crime Centre (NC3). In this presentation, the Head of the Centre shares insights with business executives on how to fight cyber crime.
Danish Centre for Cyber Security - Thomas Kristmar - CEOs leading recovery in...Kevin Duffey
The Danish Defence Intelligence Service has a unit of about 100 people working in the Danish Centre for Cyber Security. In this presentation to business executives, their Head of Policy explains lessons CEOs should take from previous cyber attacks in Denmark.
How the balanced scorecard complements the McKinsey 7-S modelasafeiran
The diagram for the 7-S model looks like a spider-web, with
each of the ‘S’s’ connecting with all the other six. The BSC
strategy map illustrates cause-and-effect linkages across its
four perspectives. Both help managers align their organization
for effective strategy execution
Diagnosing and solving organizational problems means looking
not merely to structural reorganization for answers but to a
framework that includes structure and several related factors.
Do you know what brings cyber security risks to your organization? Are you ready to deal with cyber threats and the consequences of a cyber attack?
Find out what you should watch out for, no matter the size of your company!
Streaming Cyber Security into Graph: Accelerating Data into DataStax Graph an...Keith Kraus
Traditional security tools like security information and event managers (SIEMs) are struggling to keep up with the terabytes of event data (250M to 2B events) being generated each day from an ever-growing number of devices. Cybersecurity has become a data problem, and enterprises need to reply with scalable solutions to enable effective hunting and combat evolving attacks. Rethinking the cybersecurity problem as a data-centric problem led Accenture Labs’s Cybersecurity team to use emerging big data tools along with new approaches such as graph databases and analysis to exploit the connected nature of the data to its advantage. Joshua Patterson, Michael Wendt, and Keith Kraus explain how Accenture Labs’s Cybersecurity team is using Apache Kafka, Spark, and Flink to stream data into Blazegraph and Datastax Graph to accelerate cyber defense.
Leveraging Datastax Graph and Blazegraph allows Accenture Labs to greatly accelerate query and analysis performance compared to traditional security tools like SIEM. Josh, Michael, and Keith share the challenges of fitting cybersecurity data into each of the graph structures, as well as the ways they exploited the connectedness of events to discover new threats that would have been missed in traditional SIEM tools. In addition, they explain how they use GPUs to accelerate graph analysis by using Blazegraph DASL. Josh, Michael, and Keith end by demonstrating how to efficiently and effectively stream data into these graph databases using best-in-breed technologies such as Apache Kafka, Spark, and Flink and touch on why Kudu is becoming an integral part of Accenture’s technology stack. Utilizing these technologies, clients have supercharged their security analysts’ cyber-hunting abilities and are uncovering threats faster.
Mckinsey company - Capturing the next wave of growth in alternative Investmentsasafeiran
Investment trends come and go, so it may be tempting to
think of the current rush to alternatives as a passing fad. On
the one hand, money has continued to pour into the
category—which McKinsey defines to include hedge funds,
funds of funds, private equity, real estate, commodities and
infrastructure—over the past three years, with global assets
hitting an all-time high of $7.2 trillion in 2013. And with their
premium fees, alternatives now account for almost 30
percent of total industry revenues, while comprising only 12
percent of industry assets. Yet returns for many alternatives
products have lagged the sharp gains of broader market
indices in recent years, leading skeptics to contend that
investor patience is wearing thin—and that the alternatives
boom is about to run out of steam.
Part 6 of the series on the politica economy of Pakistan which examines the global and domestic environment at the time of General Zia's take over,the economic policies pursued by his team during the 1977-88 decade and how these policies affected the process of economic development of Pakistan
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Bill Harpley
A presentation which was given at 'How the Internet of Things is Changing Cyber Security - an event organised by Optimise Hub (Portsmouth University) on January 26th 2017 at Havant.
- This talk describes the issues relating to cybersecurity of Connected Cars and Autonomous Vehicles. It begins with an introduction to technology and standards. It then looks at the key security challenges and asks how prepared we are to deal with the future risks.
- It is a perfect case study in the challenge of achieving cybersecurity on a massive scale.
Public policy aspects of Connected and Autonomous VehiclesBill Harpley
This is a presentation which I gave to the Brighton IoT Forum meetup group ( of which I am the founder ).
I outlines the key public policy challenges for Connected and Autonomous Vehicles.
It then considers policy responses from the UK Government and examines selected cases studies from U.S. , China and Germany.
Improving Cyber Security Literacy in Boards & ExecutivesTripwire
In response to the rapidly evolving threat landscape, Boards of Directors (BoDs) and executives are now more aware of today’s cyber threats and how they might adversely affect their business. However, most executives are nonetheless limited in their knowledge of security and do not know what to ask their security teams.
It is therefore up to security professionals to help their executives become more cyber security literate and thereby assist in framing security considerations as an integral part of any risk/opportunity discussion, as well as a wider enterprise risk management strategy.
Acknowledging this responsibility on the part of information security personnel, Tripwire has asked a number of prominent experts in the field how security teams can improve their executives’ cyber security literacy.
The current presentation is based on different Cyber Security Threats for 2017 published in Internet. All threats are explained at a high level but at the end of this presentation all references URL are present if you want to investigate deeply any threat.
Securing the digital economy does not fall on the individual, but instead relies on the ability of leaders to work collectively to forge digital trust.
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
Biznesa infrastruktūras un datu drošības juridiskie aspekti. Carlos Trigoso, EY Eiropas, Vidējo Austrumu, Indijas un Āfrikas reģiona vadības konsultāciju centra Informācijas drošības virziena vecākais projektu vadītājs.
Securing the Digital Economy: Reinventing the Internetaccenture
Securing the digital economy does not fall on the individual, but instead relies on the ability of leaders to work collectively to forge digital trust.
Securing the Digital Economy: Reinventing the Internetaccenture
Securing the digital economy does not fall on the individual, but instead relies on the ability of leaders to work collectively to forge digital trust.
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
https://www.brighttalk.com/webcast/14723/234829?utm_source=Compliance+Engineering&utm_medium=brighttalk&utm_campaign=234829 :
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
Cybersecurity is difficult. It is a serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk continue to mature and expand on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the emerging challenges as it analyzes the cause-and-effect relationships of factors driving the future of cybersecurity.
The Singapore FinTech Consortium - Introduction to InsurTechFinTech Consortium
When you hear of “insurance”, the words “innovation” and “technology” would not come to mind intuitively – but they should now. At this day and age, insurance technology has the potential to affect nearly every essential insurance function, ranging from distribution methods to actuarial number crunching. InsurTech is now being implemented across every stage of the insurance value chain.
InsurTech 2016 Conference is a global gathering of the world's leading thinkers and doers in Insurance innovations and technology. It's a gathering of the planet's businesses, large and small, who are being impacted by new innovations to want to meet the demands of the insurance market.
This year, over 300 attendees will make the trip from all corners of the globe to hear from 80 industry thought leaders who will deliver the knowledge you're looking for to succeed in this arena.
InsurTech 2016 will assure that you meet the top insurance and technology professionals - leading 22 interactive and insightful sessions across all the insurtech spectrum, including:
Digital distribution channel
Blockchain
Data Analytics
Wealth Management
IoT & Telematics
Auto Tech
Health Tech & Wearables
Book your delegate ticket now for additional 15% Discount @ http://bit.ly/2bmXVxG
Cybersecurity: Protecting Local Government Digital Resources ReportSamantha Wagner
While cybersecurity is addressing the need for computer security, most local governments still don't have a solid understanding of what policies and procedures they should follow to protect their computer systems from future attacks. That's why ICMA has partnered with Microsoft to develop a new report on cybersecurity to ensure that local leaders are aware of what it takes to protect their computer systems and what current and future leading practices might look like.
The study provides valuable insight into the change in agency investment, awareness, and support for cybersecurity – as well as the challenges and barriers faced in achieving these goals.
Notable Takeaways:
• Financial Risks: According to a 2016 BetaNews article, “the total average cost of a data breach is now put at $6.53M, which includes $3.72M in lost business. Forensic investigations can cost up to $2,000 an hour, and the average annual salary of a security engineer is $92,000. With these high costs, proper preventative attack measures and cybersecurity insurance are crucial for the financial safety of organizations
• Employee Risks: A sizeable percentage of local agencies responded to never having taken cybersecurity awareness training for citizens (71.4%), contractors (61.9%), and local elected officials (50.1%). Given that human error creates vulnerabilities for breaches through targeted attacks like spear-phishing – employee education, RBAC measures, and RMS are of critical importance for agencies.
• What Agencies Want: The top three actions that were recommended by the respondents of the study were (1) Higher funding for cybersecurity; (2) Better cybersecurity polices; and (3) Greater cybersecurity awareness among employees in their local governments.
While regulatory actions and the move to SaaS has added complexity to keeping enterprise IT secure, new technologies such as AI and DevSecOps offer new forms of relief.
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!DIGITALCONFEX
Dive into the dynamic world of innovation with inaugural edition of iTech Magazine, where cutting-edge technology meets insightful storytelling. Explore the latest trends, uncover groundbreaking advancements, and connect with the forefront of the tech landscape.
Elevate your tech journey with in-depth features, expert perspectives, and a spotlight on the innovations shaping our digital future. Welcome to iTech Magazine – Where Tomorrow's Tech Unfolds Today!
Visit to know more: https://digitalconfex.com/itech-magazine/
The global cybersecurity market is expected to witness high adoption, owing to rapid digitalization, higher spending on information security, and the advent of 5G. Various industrial and commercial sectors are implementing cybersecurity solutions to safeguard their data. The market is anticipated to expand at a compound annual growth rate (CAGR) of 11.6% during the period of 2017 to 2022. Read More: https://www.researchonglobalmarkets.com/global-cybersecurity-market.html
Similar to Get Ahead of Cyber Security by Tiffy Issac, Partner EY India (20)
The dynamicCISO Summit 7th Annual CISO Summit & Excellence Awards 2020 were held in Mumbai during 27-28 Feb 2020 at Hotel Leela. The summit was attended by over 220 senior #CISOs and other #cybersecurity professionals from across the country. In total there were 20 sessions held across two days and there were over 55 eminent experts and speakers who delivered the sessions.
Tweetchat is an excellent way to engage in meaningful conversations with the right set of people and amplify the whole thing beyond boundaries. While Twitter chats evolve around one hashtag, it's still public—which means the followers of the chat participants will see the hashtag and check what's behind it. This means hundreds of new people learning about the technology and brand and services!
Why is Cybersecurity so important today than ever before? Because it is one of the 10 most important risks facing human race. Data thefts and breaches are causing a great deal of damage to businesses both in terms of revenue and reputation losses.
Being a Digital Industrial By Anthony Thomas, Group Chief Information Officer...Rahul Neel Mani
Learn about the story of transformation, both inside and outside of GE. The GE Digital Hubs are a transformation for the company and the Digital Industrial. They are a transformation of the culture of our people.
A fresh research* initiative by dynamicCIO shall aim at creating perspectives around the important areas of Enterprise Digital Platforms and enable CIOs to become more competitively relevant.
Topic of Research: “Platform Thinking– the New Engine of Competitive Strategy”
The Scope of Research:
§ Establishing a definition and scope of Platforms
§ How Platforms are going to be the basis of future
competitive strategy.
§ How does the enterprise digital platform create capabilities and how these capabilities serve as options, which can be leveraged in market contexts?
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
3. Page 3
Introduction
Internet of Things “IoT” can be defined as physical objects that connect to the internet through embedded systems
and sensors, interacting with it to generate meaningful results and convenience to the end-user community.
New
business
opportunit
ies
Improved
decision-
making
Safety
and
security
Improved
citizen
experience
Cost
reductions
Potential for
business
revenue
growth
Opportunities does IoT offer?
What will be future…
The ever-expanding IoT world
Smart life Smart mobility
Smart city Smart manufacturing
4. Page 4
Some facts…
The cloud provides a platform for IoT to flourish, however, there are still many challenges.
With the plethora of data that they will hold, storage servers will have to be updated and secured all
the time.
According to industry estimates,
machine-to-machine communications
alone will generate approximately
US$900 billion in revenues by 2020.
India is planning to invest approximately
US$11 billion for developing 100 smart
cities. A draft policy framework document
of IoT was released in October 2014 by
the Indian government.
The interconnectivity of people, devices and organizations opens up new vulnerabilities.
$
New technologies, regulatory pressure and changing business requirements call for more security
measures.
Per EY’s 17th Global Information Security Survey 2014, which captures the responses of 1,825 C-
suite leaders and information security and IT executives/managers - 56% of respondents say that it
is “unlikely or highly unlikely” that their organization would be able to detect a sophisticated attack.
5. Page 5
IOT will affect different business sectors
Healthcare
Personal information that could tell medics not
only about individuals’ medical history, but also
about potential diseases
Sensors and microcomputers fitted in the
human body that could monitor health
conditions and even alarm emergency
services in case of any distress
.
Education
IoT in the education sector has already
started to make the conventional education
system more automated
Internet-enabled remote classrooms will be a
milestone for developing countries, making
deep penetration in areas where setting up a
traditional school infrastructure is not possible.
.
Financial Services
Financial services are already leveraging the
internet for many of their services.
Improvement in digital infrastructure and IoT-
enabled products could further lead the growth of
the financial sector, with innovations, such as smart
wearable and smart monitoring devices, helping
customers to keep better track of their money.
Telcos
Telcos could face a surge in data usage due
to IoT-enabled devices, thus raising their
ARPU (average revenue per user), while on
the other hand, they will also have to deal with
some concerns, such as privacy and
infrastructure security.
6. Page 6
E.g. Connected car and cyber security
Context
Triggers
Question
Response
How can automotive sector organization keep up with the changing
vulnerability landscape, while many are lagging in establishing
foundational cybersecurity practices?
Traditional IT security
measures are no longer
enough
Research shows that attacks
on vehicles are possible
Today’s attackers are
organized, well funded,
patient and sophisticated
key imperatives need to be followed by the
automotive industry to embrace connectivity, and
at the same time ensure IT security
Automakers launch several connectivity offerings, the
interconnectivity of people, devices and organizations
opens up new vulnerabilities. However, …
7. Page 7
Recent academic research and dummy hacking trials on connected
cars have shaken the confidence of regulators and consumers
Details of hacking Action taken by the
automaker/affected brand
Brand
affected
A team from the Defense Advanced Research Projects
Agency (DARPA), demonstrated how it was able to wirelessly
hack into the computer systems and take over several
functions, including the brakes of a Chevrolet Impala during a
controlled situation
GM is developing a fix for its OnStar
telematics system in light of the
cyberattack
ADAC, a German motoring association, found they could lock
and unlock car doors by mimicking mobile communications
and sending signals to a SIM card installed in affected
vehicles
BMW sent over-the-air out software
patches to the 2.2 million cars
equipped with Connected Drive to
prevent similar breakages in future
Sources: News articles, EY analysis
Recent examples of dummy hacking by researchers
9. Page 9
EY GISS 2014 results: “Who or what do you consider the
most likely source of an attack?”
41%
46%
27%
53%
14%
12%
10%
35%
57%
Lone wolf hacker
Hacktivists
State sponsored attacker
Criminal syndicates
Other business partner
Supplier
Customer
External contractor working on our site
Employee
Respondents were asked to choose all that apply.
10. Page 10
EY GISS 2014 results: “Which threats & vulnerabilities have
increased your risk exposure over the last 12 months?”
Respondents were asked to select any five of these items, with 1 as the highest priority, down to 5 as their lowest priority
11. Page 11
The roadblocks facing today’s organizations
43%
of respondents say that their organization’s total
information security budget will stay approximately the
same in the coming 12 months and a further 5% said
that their budget will actually decrease.
53%
of organizations say that lack of skilled resources
is one of the main obstacles that challenge their
information security.
Roadblock 1 — Lack of agility
Roadblock 2 — Lack of budget
Roadblock 3 — Lack of cybersecurity skills
12. Page 12
It is not easy to get ahead of cybercrime
Getting aheadCybersecurity
function
14. Page 14
What are organizations doing?
► Designing and implementing a cyber threat intelligence strategy to support strategic
business decisions and leverage the value of security
► Defining and encompassing the organizations extended cybersecurity ecosystem,
including partners, suppliers, services and business networks
► Know your Crown Jewels - Taking a cyber economic approach — understanding your
vital assets and their value, and investing specifically in their protection
► Use forensic data analytics and cyber threat intelligence to analyze and anticipate
where the likely threats are coming from and when, increasing your readiness
15. Page 15
How do you get ahead of cybercrime?
… A 3-stage improvement process
To get ahead of cybercrime we suggest that organizations adopt a 3-stage improvement
process:
► Activate (a foundational approach)
► Organizations need to establish and improve the solid foundations of their cybersecurity)
► Adapt (a dynamic approach)
► Because organizations are constantly changing and cyber threats are evolving, cybersecurity needs to
be able to adapt to changing requirements)
► Anticipate (a proactive approach)
► Organizations need to make efforts to predict what is coming so they can be better prepared for the
inevitable cyber attacks)
17. Page 17
Activate: the need to establish foundations
Organizations in this level
can only deal with threats
in a world without change
18. Page 18
Adapt: a dynamic approach
If an organization
doesn’t adapt, its
cybersecurity
foundation will quickly
be obsolete.
19. Page 19
Anticipate: a proactive state of readiness
‘Anticipate’ means embracing cybersecurity as a core aspect of the
business and being in a proactive state of readiness
value
20. Page 20
Vital to foundational cybersecurity –
a Security Operations Center
A Security Operations Center (SOC) centralizes, structures and coordinates the processes and
technology that support the Information Security function. It is therefore concerning that:
► Over 40% of organizations surveyed do not have a SOC.
Of those that do:
► Over half of respondents did not know how well their SOC met business operations’ needs
► Over 50% do not know how their SOC stays up to date with the latest threats
► The technology infrastructure and endpoints of the SOC need to be improved.
If more of the benefits of a SOC were being realized, then the general ability of an organization to protect
itself in even the most basic functions would start to deliver benefits.
37%
say that real time insight on
cyber risk is not available.
42%
of organizations do not have
a SOC.
33%
4%
13%
13%
25%
12%
Unknown
Longer than 1 day
Within 1 day
Within 4 hours
Within 1 hour
Within 10 minutes
EY GISS 2014 results: How long on average does it
take for your SOC to initiate an investigation on
discovered/ alerted incidents?
22. Page 22
Take the initiative to get ahead of cybercrime
Thank you….
23. Page 23
Focus on 3 As…
1. Conduct a cyber threat assessment
and design an implementation
roadmap
2. Get Board-level support for a
security transformation
3. Review and update security policies,
procedures and supporting
standards
► Implement an information
security management system
4. Establish a Security Operations
Center (SOC)
► Develop monitoring and incident
response procedures
5. Design and implement cybersecurity
controls
► Assess the effectiveness of data
loss prevention and identity and
access management processes.
► Harden the security of IT assets.
6. Test business continuity plans and
incident response procedures
1. Design and implement a
transformation program
► Get external help in designing
the program, and providing
program management.
2. Decide what to keep in-house and
what to outsource
3. Define a RACI matrix for
cybersecurity
4. Define the organization’s
ecosystem
► Make moves to eliminate or
lessen potential security gaps
in your interaction with third
parties
5. Introduce cybersecurity awareness
training for employees
1. Design and implement a cyber threat
intelligence strategy
► Use threat intelligence to support
strategic business decisions
2. Define and encompass the
organization’s extended cybersecurity
ecosystem
► Define RACI and trust models
and enact cooperation, sharing
capabilities where advantageous
3. Take a cyber economic approach
► Understand the value of your
most vital cyber assets
4. Use forensics and analytics
► Use the latest technical tools to
analyze where the likely threats
are coming from and when
5. Ensure everyone understands what’s
happening
► Strong governance, user controls
and regular communications
Adapt - take action to improve
and transform
Anticipate: take action -
and get ahead
Activate: the need to establish
foundations