Lloyds 360 Risk Insight Dec 2010 Malcolm Harkins Malcolm Harkins Chief Information and Security Officer General Manager Intel Information Risk and Security.

Slides:

Advertisements

Similar presentations

Software & Services Group Developer Products Division Copyright© 2011, Intel Corporation. All rights reserved. *Other brands and names are the property.

Advertisements

Ray Ozzie Chief Software Architect. Applications and Solutions Cloud Infrastructure Services Live Platform Services Global Foundation Services Services.

Identity & Security. Today's IT Security challenges Rising Internal Attacks 75% of companies report insiders responsible for breaches Growing headcount.

‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, Industry and the fight against cybercrime.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Software & Services Group Developer Products Division Copyright© 2013, Intel Corporation. All rights reserved. *Other brands and names are the property.

Security for Today’s Threat Landscape Kat Pelak 1.

1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing

Recognising the Risks of Cyber Threats Across the Organisation John Thornton Secretary to the Digital Government Security Forum.

The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.

Controls for Information Security

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

A Move Toward Agile APM: Application Performance Management Frank Ober, Performance Engineer June 2012.

Yabin Liu Senior Program Manager Business Intelligence and Reporting.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Scott Tucker Program Manager Customer and Loyalty.

Software & Services Group, Developer Products Division Copyright © 2010, Intel Corporation. All rights reserved. *Other brands and names are the property.

Intel - Public Get Rich or Get Thin: The Secure Client Jeff Moriarty, CISSP Security Program Manager Intel Information Risk and Security.

Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Change Agent Role: A Successful Transformation into Agile Organization (Intel® MKL Case Study) Intel Agile and Lean Development Conference Presenter:

Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.

Kay-Ulrich Scholl Applying agile SW development methods in a non-agile friendly environment. May 22, Agile and Lean Development Conference 2014.

Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz

Copyright © 2006 Intel Corporation. WiMAX Wireless Broadband Access: The World Goes Wireless Michael Chen Director of Product & Platform Marketing Group.

IBM Mobile Security solutions 1IBM and Business Partner Sellers Only Enterprise Applications and Cloud Services Identity, Fraud, and Data Protection Device.

Results of self-organization in the service oriented team

The current state of Cybersecurity Targeted and In Your Pocket Dale “Dr. Z” Zabriskie CISSP CCSK Symantec Evangelist.

Copyright© 2011, Intel Corporation. All rights reserved. *Other brands and names are the property of their respective owners. 1 How Does The Intel® Parallel.

President’s Forum and WSML 2012 SYMSTRAT 03: Enterprise Sales Conversations for Virtualization Todd Zambrovitz with guest appearance by Kevin Fiedler 1.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Product Owner Evolution Agile and Lean Development Conference Walter Pruchnic May 2014.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

1© Copyright 2014 EMC Corporation. All rights reserved. Applying the Power of Data Analytics to Cyber Security Dr. Robert W. Griffin Chief Security Architect.

© 2015 IBM Corporation Big Data Journey. © 2015 IBM Corporation 2.

Changing Developer Behavior Using Automatic Test Intel Agile and Lean Development Conference Chris Gearing 23 rd May 2014 Version 1.0.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

Connect with life Ravi Sankar Technology Evangelist | Microsoft Corporation Ravisankar.spaces.live.com/blog.

Cyber Security in the Post-AV Era Amit Mital Chief Technology Officer General Manager, Emerging Endpoints Business Unit.

Computer Security Mike Asoodeh & Ray Dejean Office of Technology Southeastern Louisiana University.

Keynote 9: Cyber Security in Emerging C4I Systems: Deployment and Implementation Perspectives By Eric J. Eifert, Sr. VP of DarkMatter’s Managed Security.

Cyber Risks: Protecting confidential data against unauthorized access Vik Bansal Deloitte & Touche LLP John Reidhead State of Utah March 17, 2016.

Pro-I Open Source Security Monitoring

Journey to Microsoft Secure Cloud

THR2099 What to do BEFORE all hell breaks loose: Building a modern cybersecurity strategy.

Microsoft Azure: The only consistent Hybrid Cloud

Security Insights: How Microsoft Secures IT

The power of common identity across any cloud

Threat Management Gateway

The utility belt for managing security and compliance in Office 365

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Modeling Parallelism with Intel® Parallel Advisor

Protecting Against Credential Theft: Today and Tomorrow

12/5/2018 2:50 AM How to secure your front door with real-time risk assessments of your logons Jan Ketil Skanke COO and Principal Cloud Architect CloudWay.

Securing the Threats of Tomorrow, Today.

ე ვ ი ო Ш Е Т И О А С Д Ф К Ж З В Н М W Y U I O S D Z X C V B N M

What’s new in the Fall Creators Update for Windows Defender ATP

The new way of IT – Maturity levels

Alex Kelly | Program Manager

The new IT Roadmap planning tool

Microsoft Data Insights Summit

In the attack index…what number is your Company?

Microsoft Virtual Academy

Presentation transcript:

Lloyds 360 Risk Insight Dec 2010 Malcolm Harkins Malcolm Harkins Chief Information and Security Officer General Manager Intel Information Risk and Security

Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. BunnyPeople, Celeron, Celeron Inside, Centrino, Centrino logo, Core Inside, FlashFile, i960, InstantIP, Intel, Intel logo, Intel386, Intel486, Intel740, IntelDX2, IntelDX4, IntelSX2, Intel Core, Intel Inside, Intel Inside logo, Intel. Leap ahead., Intel. Leap ahead. logo, Intel NetBurst, Intel NetMerge, Intel NetStructure, Intel SingleDriver, Intel SpeedStep, Intel StrataFlash, Intel Viiv, Intel vPro, Intel XScale, IPLink, Itanium, Itanium Inside, MCS, MMX, Oplus, OverDrive, PDCharm, Pentium, Pentium Inside, skoool, Sound Mark, The Journey Inside, VTune, Xeon, and Xeon Inside are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. *Other names and brands may be claimed as the property of others. Copyright © 2009, Intel Corporation. All rights reserved.

“The Perfect Storm” Vulnerabilities Threats Controls Assets Business Impacts Confidentiality Integrity Availability which protect against exploit exposing to a loss of causing which are mitigated by increase reduce Assurance Identity Mgmt Which requires That increase the need for causing Legislation causing BusinessRisks

Intrusion Cycle SpywareSpamPhishing People Technology Adversary Hacker Group Organized Crime Cyber Militia Nation State Cyber Terrorism Tradecraft, Tools, Methods – not that different but the motivation and purpose can differ AssetsAssets The Web

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share 2) Code wants to be wrong –We will never have 100% error free s/w *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share 2) Code wants to be wrong –We will never have 100% error free s/w 3) Services want to be on –Some background processes will need to be on *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share 2) Code wants to be wrong –We will never have 100% error free s/w 3) Services want to be on –Some background processes will need to be on 4) Users want to click –If they are connected to the internet, people will click on things *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share 2) Code wants to be wrong –We will never have 100% error free s/w 3) Services want to be on –Some background processes will need to be on 4) Users want to click –If they are connected to the internet, people will click on things 5) Even a security feature can be used for harm –Laws 2, 3, 4 even apply to security capabilities *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

Irrefutable Laws of Information Security 1) Information wants to be free –People want to talk, post, and share 2) Code wants to be wrong –We will never have 100% error free s/w 3) Services want to be on –Some background processes will need to be on 4) Users want to click –If they are connected to the internet, people will click on things 5) Even a security feature can be used for harm –Laws 2, 3, 4 even apply to security capabilities Compromise is inevitable under any compute model Managing the risk and surviving is the key *Phil Venables 2008, adapted from Scott Culp 2000, Pete Lindstrom 2008, and other sources

So how do you manage the risk and survive? Infrastructure Protection Identity & Access Mgmt Security Business Intelligence Data Protection Predict Detect Respond Prevent Data Enclaving Risk Based Privileges Predictive Analytics Endpoint Protection Central Logging Service Data Correlation/Alerting Browser Security Training & Awareness

Granular Trust Enablement Multi-Level Trust

Key Messages  The world has changed, it’s no longer flat –Mobility and Collaboration is dissolving the internet border –Cloud Computing is dissolving the Data Center border –Consumerization will dissolve the enterprise border  The threat landscape is growing in complexity –Targeted intrusions and attacks leveraging wide-range of vulnerabilities and growing in sophistication –Government focus growing – “Industry can’t self-regulate”  The dynamic nature of the ecosystem requires a more fluid but more granular security model  Security investment needs to keep pace w/changing landscape Protect, Enable, and Manage the Risk