CA Technology Forum 2016 presentation - The Future of Cybersecurity_Scott Spiker
-
Upload
government-technology -
Category
Government & Nonprofit
-
view
159 -
download
0
Transcript of CA Technology Forum 2016 presentation - The Future of Cybersecurity_Scott Spiker
© 2016 Unisys Corporation. All rights reserved. 2
NO LOCALE, INDUSTRY, OR ORGANIZATION IS BULLETPROOF WHEN IT COMES TO COMPROMISE OF DATA
~VERIZON DATA BREACH INVESTICATIONS REPORT
© 2016 Unisys Corporation. All rights reserved. 3
Consider Hetch Hetchy
© 2016 Unisys Corporation. All rights reserved. 4
Drinking water for 2.6 million commercial, residential, and industrial customers per day
Provides 1.7 billion KwH per year
© 2016 Unisys Corporation. All rights reserved. 5
The outline prepared by the creative team of an advertising agency
for the launching of an advertising campaign or message.
The creative strategy generally explains how the advertising
campaign will meet the advertising objectives of the business.
Title here
But not without controversy…
© 2016 Unisys Corporation. All rights reserved. 6
From Harmless…
© 2016 Unisys Corporation. All rights reserved. 7
The outline prepared by the creative team of an advertising agency
for the launching of an advertising campaign or message.
The creative strategy generally explains how the advertising
campaign will meet the advertising objectives of the business.
Title here
…to Potentially Catastrophic.
© 2016 Unisys Corporation. All rights reserved. 8
The outline prepared by the creative team of an advertising agency
for the launching of an advertising campaign or message.
The creative strategy generally explains how the advertising
campaign will meet the advertising objectives of the business.
Title here
Precedent has been set
© 2016 Unisys Corporation. All rights reserved. 9
The outline prepared by the creative team of an advertising agency
for the launching of an advertising campaign or message.
The creative strategy generally explains how the advertising
campaign will meet the advertising objectives of the business.
Title here
Hacker used “Google-dorking”
© 2016 Unisys Corporation. All rights reserved. 10
THE FACE OF HACKING HAS CHANGED
• Meet Commander X• Responsible for 2010
disruption of Santa Cruz County website
• Also aided in Arab Spring, Occupy Wall Street and Orlando city website disruption
© 2016 Unisys Corporation. All rights reserved. 11
• Emotionally Charged
• Aging Infrastructure
• Elevated Profile
• Technology Enabled Attacker
Anatomy of a Hacktivist Target
© 2016 Unisys Corporation. All rights reserved. 12
~VERIZON DATA BREACH INVESTICATIONS REPORT
5 Seismic Shifts In Cybersecurity
© 2016 Unisys Corporation. All rights reserved. 13
1Killing the Password: Access Shifts
This option has a triangle on the upper left. Throughout the design, we use subtle color shifts to add visual interest and convey forward momentum.
TITLE HERE
© 2016 Unisys Corporation. All rights reserved. 14
25%USERS WHO WOULD SELL THEIR ENTERPRISE USERNAME AND PASSWORD
~SAILPOINT MARKETPULSE SURVEY
© 2016 Unisys Corporation. All rights reserved. 15
Biometrics help but are not foolproof
© 2016 Unisys Corporation. All rights reserved. 16
2Big Data, Analytics, and AI, Oh My!
This option has a triangle on the upper left. Throughout the design, we use subtle color shifts to add visual interest and convey forward momentum.
TITLE HERE
© 2016 Unisys Corporation. All rights reserved. 17
84%FASTER DETECTION & RESPONSE
Less than 24 hours to compromise a network
But is detected less than 24 hours only 25%
~VERIZON DATA BREACH INVESTICATIONS REPORT
© 2016 Unisys Corporation. All rights reserved. 18
Entrepreneurial activities
differ substantially
depending on the type of
T I T L E H E R E
Entrepreneurial activities
differ substantially
depending on the type of
T I T L E H E R E
3Reaching Across The Table: The Importance of Partnerships
© 2016 Unisys Corporation. All rights reserved. 19
ATTACKERS EXPLOIT INCONSISTENT SECURITY POLICIES...THAT HAVE RESULTED IN SYSTEMS THAT ARE DIFFICULT TO ADMINISTER AND DEFEND
~MICROSOFT CYBERSPACE 2025
© 2016 Unisys Corporation. All rights reserved. 20
4House to Hotel: Rethinking Perimeter Security
© 2016 Unisys Corporation. All rights reserved. 21
30%PHISHING/”WHALING”
Phishing messages were opened by the target
Those that went on to click the link 12%
~VERIZON DATA BREACH INVESTICATIONS REPORT
© 2016 Unisys Corporation. All rights reserved. 22
IN AN OPEN, INTERNAL NETWORK ALL IT TAKES IS ONE
~VERIZON DATA BREACH INVESTIGATIONS REPORT
© 2016 Unisys Corporation. All rights reserved. 23
5Cyber Workforce Development
© 2016 Unisys Corporation. All rights reserved. 24
28% OF ORGANIZATIONS CLAIMED TO HAVE A PROBLEMATIC SHORTAGE OF CYBERSECURITY SKILLS
~ESG BRIEF - CYBERSECURITY SKILLS SHORTAGE
© 2016 Unisys Corporation. All rights reserved. 25
Resource List
www.unisyssecurity.com
Blogs/Websites:www.Krebsonsecurity.com
www.darkreading.com
www.threatpost.com
http://drericcole.blogspot.com/
https://cloudsecurityalliance.org/
https://twofactorauth.org/
Deeper Learning:
Verizon Data Breach Investigation Report -
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/
AT&T Decoding the Adversary -
https://www.business.att.com/content/src/csi/decodingtheadversary.pdf
Symantec Internet Security Threat Report -
https://www.symantec.com/security-center/threat-report
Cisco Security Report -
http://www.cisco.com/c/en/us/products/security/annual_security_report.html
HP IoT Security Report -
http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pdf
Books
Documentaries
© 2016 Unisys Corporation. All rights reserved. 26
Remember Hetch Hetchy
© 2016 Unisys Corporation. All rights reserved. 27
THANK YOU
Scott Spiker
Email: [email protected]
@scottspiker
/scottspiker