Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NCSAM = Cyber Security Awareness Month: Trends and Resources

1,000 views

Published on

My take on the main themes and topic of National Cyber Security Awareness Month, including shared responsibility, the Internet of Things, STEM education and the cyber workforce.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

NCSAM = Cyber Security Awareness Month: Trends and Resources

  1. 1. National Cyber Security Awareness Month 2014: Major trends and resources Stephen Cobb, CISSP Security Researcher, ESET NA
  2. 2. National Cyber Security Awareness Month • Happens in October • This is the 11th year • A coordinated series of events • A useful way to look at cyber security • An official theme each year • Other themes emerge Follow hashtag #NCSAM
  3. 3. Question #1 Is your organization doing anything special for National Cyber Security Awareness Month?  Yes  No  I’m not sure  I don’t work for an organization
  4. 4. www.StaySafeOnline.org/ncsam
  5. 5. #NCSAM in 2014 • Official theme: – Our shared responsibility • Other themes emerge: – The Internet of Things – Security Standards – STEM and the cyber workforce – A wealth of resources
  6. 6. The Internet of Things • Trade and Industry • Health and Healthcare • Infrastructure • Homes and Cars • IoT glossary and acronym soup: – Sensors, GPS, RFID, WNS, LRCD, ICLR, SDR, Wi-Fi, BlueTooth, Zigbee, Z-Wave
  7. 7. IoT: THE INTERNET OF THINGS Trade and Industry Health and Healthcare Homes and cars Infrastructure Track vehicles and goods, enable smart factories, improve supply chain logistics Monitor critical systems, alert, balance loads, enable smart grid efficiency Diagnose remotely, monitor patients, deliver medication What things? smartphones, smart watches, wearables, sensors, smart appliances, smart cars, medical devices, drones, network cameras Protect, monitor, control, entertain What can IoT do? Monitor, warn, alarm, control, inform, communicate, entertain, track, enable, treat, respond, enable
  8. 8. What’s the awareness aspect? • The IoT is happening now • Early indications are that security and privacy are not top of mind with many makers or users • A chance to get security baked in rather than added later • And temper expectations
  9. 9. Security Standards • Looks like we have a winner: – NIST Cybersecurity Framework – www.nist.gov/cyberframework • A voluntary framework for reducing cyber risks to critical infrastructure • And the rest of cyberspace as well • May be a “reasonableness test” • Default standard of due care
  10. 10. STEM and the cyber workforce • Securing all this stuff is going to take a lot more skilled people than we have on hand right now • Steps are being taken to increase the supply of cyber skilled people • Areas of discussion: – Professional certification vs. college – Better human resource management – Vets, women, minorities – Immigration
  11. 11. Question #2 Does your organization have difficulty finding the computer security expertise it needs?  Yes  No  Not sure  I don’t work for an organization
  12. 12. A wealth of resources • National Initiative for Cybersecurity Education (NICE) • Cybersecurity Lesson Plans • Cybersecurity Internship Program • National Initiative for Cybersecurity Careers and Studies (NICCS) – niccs.us-cert.gov • And that’s just on workforce development
  13. 13. Free awareness materials www.StopThinkConnect.org/resources Email: stopthinkconnect@dhs.gov
  14. 14. Official NCSAM Theme: Our shared responsibility Each and every one of us needs to do our part to make sure that our online lives are kept safe and secure. That's what National Cyber Security Awareness Month—observed in October —is all about!
  15. 15. Who is responsible? • Individuals • Companies • Government • Communities
  16. 16. Individuals • Check your cyber hygiene – Password protection, backups, privacy settings, mobiles, laptops, tablets, etc. • Talk cyber with parents, kids, friends… • stopthinkconnect.org/tips-and-advice
  17. 17. Companies • A good time to have everyone read the company security policies and procedures • Awareness and education days • Use free materials, competitions, volunteer
  18. 18. Government • Local – Mayor’s office – City IT • Regional & State – MS-ISAC – State Cyber Task Force • National – NIST, DHS, FBI • International – More resources please! – Cooperation between nation states
  19. 19. Communities • Businesses • College Administrators • Community-Based Organizations • Faith-Based Organizations • Home Users • K-12 Administrators • Libraries • Local governments • Local law enforcement • Teachers
  20. 20. Communities • A community example of “Our Shared Responsibility” • Securing Our eCity • Greater San Diego area • Non-profit organization • Volunteers and donations • Public/private cooperation
  21. 21. And it’s not over yet…
  22. 22. 5 Thursdays in October 2014!
  23. 23. Thank you! • stephen.cobb@eset.com • www.eset.com • www.WeLiveSecurity.com • Twitter @zcobb • www.SecuringOureCity.org

×