Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA.

Slides:



Advertisements
Similar presentations
National Cyber Security Division (NCSD): Approved Overview Briefing
Advertisements

Philippine Cybercrime Efforts
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Department of Homeland Security Site Assistance Visit (SAV)
Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.
Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.
1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview
A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
PREPARE AMERICA for a Unified Response to Terrorism A NATIONAL HOMELAND SECURITY PREPAREDNESS TRAINING SOLUTION OFFERED BY AMERICA’S COMMUNITY COLLEGES.
Citizen Corps Uniting communities. Preparing the Nation. 1.
Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.
US-CERT National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Network Security Resources from the Department of Homeland Security National Cyber Security Division.
The Educational system Principles of Teaching Ag Ed.
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
1 © 2003 Cisco Systems, Inc. All rights reserved. CIAG-HLS Security For Infrastructure Protection: Public-Private Partnerships KEN WATSON 15 OCT.
SOCIAL DEVELOPMENT CANADA 1 The Government of Canada and the Non-Profit and Voluntary Sector: Moving Forward Together Presentation to Civil Society Excellence:
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Internet Drivers License CSS411/BIS421 Computing Technology & Public Policy Mark Kochanski Spring 2010.
Citizen Corps Mission To have everyone in America participate in making themselves, our communities, and our nation safer We all have a role in hometown.
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
Critical Infrastructure Protection: Program Overview
Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.
EECS 710: Information Security and Assurance Assignment #3 Brent Frye 10/13/
Critical Infrastructure: Commerce/NTIA Lead Agency Role by Shirl Kinney Deputy Assistant Secretary, NTIA October - November, 1998 A Composite of Recent.
Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.
INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION
2011 East African Internet Governance Forum (EA – IGF) Rwanda Cyber briefing: Positive steps and challenges Didier Nkurikiyimfura IT Security Division.
Title: U.S. Department of Homeland Security Small Vessel Security Strategy Author: Sean K. Moon Economy: United States of America.
Smart Grid Interoperability Panel & ISO / RTO Council Smart Grid Projects David Forfia SGIP Governing Board Member – Stakeholder Category 21 ISO/RTO Sponsor.
1 The OECD White Paper on Corporate Governance in SEE – Progress in the Region Alexander Karpf Corporate Affairs Division, OECD GCGF-IFC PEP SEE Media.
1 State Homeland Security: Priorities and Funding R. Chris McIlroy Homeland Security and Technology Division National Governors Association.
InfraGard A Government and Private Sector Alliance Information sharing begins with human relationships – people talking with people whom they trust. Information.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
Hurdles in implementation of cyber security in India.
NEACS: CRO Perspective William Feher Vice President, Internal Audit and Chief Risk Officer October 27, 2015.
National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Mid-Atlantic Federal Lab Consortium.
Created by: Ashley Spivey For Department of Homeland Security All information from:
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
UNCLASSIFIED Homeland Security Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1.
Cyber Security Architecture of Georgia Giorgi Tielidze 0 Current Challenges and Future Perspectives Tbilisi 2015.
1 Office of Travel & Tourism Industries, International Trade Administration, U.S. Department of Commerce Organization of American States XXI Inter-American.
IOM Committee on DHS Occupational Health & Operational Medicine Infrastructure Federal Occupational Health Services Gene Migliaccio, DrPH, Director Herman.
EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.
Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.
November 19, 2002 – Congress passed the Homeland Security Act of 2002, creating a new cabinet-level agency DHS activated in early 2003 Original Mission.
April 19 th, 2016 Governors Homeland Security and All-Hazards Cyber Security Sub-Committee.
Cybersecurity, competence and preparedness
Ken Watson 9 Sep 2003 Critical Infrastructure Assurance: Business Case for Public-Private Partnership Ken Watson 9 Sep 2003
California Cybersecurity Integration Center (Cal-CSIC)
8 Building Blocks of National Cyber Strategies
Computers and Homeland Security
The National Network of
John Carlson Senior Director, BITS
The U.S. Department of Homeland Security
Presentation transcript:

Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA

Information Security: It’s Everyone’s Business  About ITAA  National 450+ Member Company Association  Leading Corporate Names in IT  Established in 1961  Leader in Public Policy Advocacy, Business Development, Networking Programs  Capitol Hill and White House Liaisons  200 Member-Driven InfoSec Committee  DC and West Coast Offices

Information Security: It’s Everyone’s Business A Brief History of Time – Cyber Attacks Increase Denial of Service Attacks in 2000…. …Spurred implementation of PDD 63 and establishment of sector coordinators (ITAA) More attacks from Anna Kournikova, ILoveYou virus, Code Red, NIMDA Cyber security makes its way onto the nation’s radar (and computer) screens

Information Security: It’s Everyone’s Business A Brief History of Time – Government Focuses , White House releases National Strategy to Secure Cyberspace with 5 priorities: National Cyberspace Security Response System Threat and Vulnerability Reduction Program Awareness and Training Program Securing Governments’ Cyberspace National Security and International Cyberspace Security Cooperation Included creation of Cyber Security “Czar”, which ITAA began advocating in 1999 Public/Private Partnership is Overriding Theme as 85% of the network is owned and operated by private enterprise

Information Security: It’s Everyone’s Business A Brief History of Time – Government Focuses …After Cyber Security leadership left the White House, the National Strategy was in suspended animation without someone in charge to implement it Physical security wasn’t enough; no physical security without cyber security At urgings of ITAA, and many inside government, Homeland Security Department created the National Cyber Security Division within IAIP New NCSD Director, Amit Yoran, will have large job surmounting bureaucratic obstacles, but ITAA committed to helping make it work

Information Security: It’s Everyone’s Business A Brief History of Time – NCSD Mission Defined Identify risks and vulnerabilities, and coordinate with the private sector Oversee a consolidated “war room” Cyber Security Tracking, Analysis, & Response Center (CSTARC) for advance warning and incident response coordination with federal, state, local, private sector and international partners; CSTARC absorbed into new “U.S. CERT” announced September 15, 2003 Help build cyber security awareness and education programs and partnerships with consumers, businesses, governments, academia, and international communities.

Information Security: It’s Everyone’s Business Costs of Cyber Security Breaches are Real  CERT reports more than 76,000 incidents in the first half of 2003, almost as many as the 82,000 reported in all of 2002  CSI/FBI 2003 report found 75% of respondents with financial losses  $202 million in losses for those reporting  Proprietary information losses over $70 million  Denial of Service losses pegged at $65 million  But still no good national metrics exist for evaluating our readiness and measuring improvement

Information Security: It’s Everyone’s Business What We Do About It Information Sharing is Paramount…  within the company: training and awareness; e.g., ITAA I–ACERT Online Awareness Test  Within the industry: ISAC’s  Across industries: Partnership for Critical Infrastructure Protection – (PCIS)  With government and law enforcement: FOIA exemption helps  Internationally: OECD Guidelines

Information Security: It’s Everyone’s Business What We Do About It  Private Sector Response Must Adapt and Mobilize  Without action, government mandates will result  CA – Identity Theft Law is a good example  Government is watching private sector leadership and action  Develop infosec metrics and constantly review our progress

Information Security: It’s Everyone’s Business What ITAA is Doing About It  Established Information Security Committee in 1997  PDD 63 Sector Coordinator  “National Strategy to Secure Cyberspace”  “The Long Campaign: Information Assurance in the Age of Cyber Terror”  Information Assurance in the States and Other National and Regional Events  IT Information Sharing and Analysis co-founder and partner, isac.org  Founding Sponsor, National Cyber Safety Alliance  CyberCitizen --  Founder and Board Member, PCIS  Created “I-ACERT”, an online information security awareness test – “for the rest of us”  Building a National Information Security Metrics Survey to Determine a Baseline, Measure Progress, and Inform Public Policy and Investment

Information Security: It’s Everyone’s Business  What Government Can Do About It  Strengthen Infosec requirements and accountability  Fund and Spend on Infosec in DHS and Elsewhere  Implement National Plan  Defend FOIA Exemption  Implement Safety Act Regulations

Information Security: It’s Everyone’s Business  Going Forward …  The Challenges are Many  Industry and Government are Stepping Up, but…  More Can Be Done  Collaboration is Key  Need to solidify the “culture of security”

Thank You! To Follow Up… Greg Garcia Vice President, Information Security ITAA

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.