Presentation is loading. Please wait.

Presentation is loading. Please wait.

#StartwithSecurity. Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission.

Published byTrevor Bruce Modified over 8 years ago

Similar presentations

Presentation on theme: "#StartwithSecurity. Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission."— Presentation transcript:

1 #StartwithSecurity

2 Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission

3 #StartwithSecurity Introductory Remarks James B. Speta Senior Associate Dean for Academic Affairs & International Initiatives Northwestern Pritzker School of Law

4 #StartwithSecurity Opening Remarks Maureen Ohlhausen Commissioner, Federal Trade Commission

5 #StartwithSecurity Panel 1 Building a Security Culture

6 #StartwithSecurity Featuring Aaron Bedra, Chief Security Officer, Eligible John Downey, Security Lead, Braintree Arlan McMillan, Chief Information Security Officer, United Airlines Marc Varner, Corporate Vice President & Global Chief Information Security Officer, McDonald’s Corp. Moderator: Cora Han, Division of Privacy & Identity Protection, FTC

7 #StartwithSecurity Building a Security Culture

8 #StartwithSecurity Building a Security Culture Security as Core Value  Founders, executives, and employees Building Security Expertise  It’s not “us” versus “them” Risk Assessments and Threat Modeling  Critical tools for establishing priorities Leveraging the Security Community  Don’t reinvent the wheel

9 #StartwithSecurity

10 Panel 2 Integrating Security into the Development Pipeline

11 #StartwithSecurity Featuring Michael Allen, Chief Information Security Officer, Morningstar Matt Konda, Founder & Chief Executive Officer, Jemurai; Chair, OWASP Global Board of Directors Alex Lock, Senior Software Engineer, Application Security, Groupon Lyle Sudin, Manager, Mandiant Consulting Services Moderator: Jim Trilling, Division of Privacy & Identity Protection, FTC

12 #StartwithSecurity Integrating Security into the Development Pipeline

13 #StartwithSecurity Integrating Security into the Development Pipeline Integrate security into development to achieve efficiencies and cost savings Employ different security-related tools in different phases of development Use tools you already use for other purposes Automate testing and feedback where possible Speak to developers in their language

14 #StartwithSecurity

15 Panel 3 Considering Security When Working with Third Parties

16 #StartwithSecurity Featuring Erin Jacobs, Founding Partner, Urbane Security Jeff Jarmoc, Lead Product Security Engineer, Salesforce Nathan Leong, Corporate Counsel, Microsoft Jon Oberheide, Co-Founder & Chief Technology Officer, Duo Security Moderator: Steve Wernikoff, Office of Technology Research & Investigation, & Midwest Region, FTC

17 #StartwithSecurity Considering Security When Working with Third Parties

18 #StartwithSecurity Considering Security When Working with Third Parties Conduct due diligence on security impact before selecting a 3 rd party service provider or vendor Companies cannot simply rely on a service provider to handle all of their security issues Formulate an authentication strategy that appropriately limits access to cloud services used by your company

19 #StartwithSecurity

20 Panel 4 Recognizing and Addressing Network Security Challenges

21 #StartwithSecurity Featuring Jibran Ilyas, Director, Incident Response, Stroz Friedberg Nick Percoco, Chief Information Security Officer, Uptake Sunil Sekhri, Director, Forensic Technology Solutions, PwC Moderator: Andrea Arias, Division of Privacy & Identity Protection, FTC

22 #StartwithSecurity Recognizing and Addressing Network Security Challenges

23 #StartwithSecurity Recognizing and Addressing Network Security Challenges Require secure passwords and authentication Secure remote access to your network Restrict access to sensitive data and limit administrative access Segment your network and monitor who’s trying to get in and out Put procedures in place to keep your security current and address vulnerabilities that may arise

24 #StartwithSecurity Closing Remarks

25 Subscribe to the FTC Business Blog business.ftc.gov/blog

26 #StartwithSecurity

27 Start with Security videos ftc.gov/videos

28 #StartwithSecurity Learn More Start with Security: A Guide for Business – ftc.gov/startwithsecurity ftc.gov/startwithsecurity Protecting Personal Information – https://www.ftc.gov/tips-advice/business-center/guidance/protecting- personal-information-guide-business https://www.ftc.gov/tips-advice/business-center/guidance/protecting- personal-information-guide-business Slides & Videos from Start with Security events – https://www.ftc.gov/news-events/events-calendar/2016/06/start- security-chicago https://www.ftc.gov/news-events/events-calendar/2016/06/start- security-chicago – ftc.gov/startwithsecurityseattle ftc.gov/startwithsecurityseattle – ftc.gov/startwithsecurityaustin ftc.gov/startwithsecurityaustin – www.ftc.gov/news-events/events-calendar/2015/09/start-security- san-francisco www.ftc.gov/news-events/events-calendar/2015/09/start-security- san-francisco

29

Download ppt "#StartwithSecurity. Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission."

Similar presentations

Gramm-Leach-Bliley Act for Financial Aid Val Meyers Associate Director Michigan State University.

Gramm-Leach-Bliley Act for Financial Aid Val Meyers Associate Director Michigan State University.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
August 9, 2005 UCCSC -- 2005 IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Controls for Information Security

Controls for Information Security
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.

Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.

By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.
Franca R. Jones Senior Policy Analyst Chemical and Biological Countermeasures National Security and International Affairs Remarks for the Interagency Board.

Franca R. Jones Senior Policy Analyst Chemical and Biological Countermeasures National Security and International Affairs Remarks for the Interagency Board.
Social Media Jeevan Kaur, Michael Mai, Jing Jiang.

Social Media Jeevan Kaur, Michael Mai, Jing Jiang.
Information Security Issues at Casinos and eGaming

Information Security Issues at Casinos and eGaming
How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”
Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.
Lecture 6: Cloud Computing By D. Najla Al-Nabhan 1.

Lecture 6: Cloud Computing By D. Najla Al-Nabhan 1.
Self-Assessment and Formulation of a National Cyber security/ciip Strategy: culture of security.

Self-Assessment and Formulation of a National Cyber security/ciip Strategy: culture of security.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
Establishing A Compliance Program: It Makes Sense

Establishing A Compliance Program: It Makes Sense
Welcome Frank H. Wu Chancellor and Dean, UC Hastings College of Law.

Welcome Frank H. Wu Chancellor and Dean, UC Hastings College of Law.
Risk Management & Legal Issues in Cloud Practice Christopher Dodorico Director, PricewaterhouseCoopers Wednesday, October 10, 2012.

Risk Management & Legal Issues in Cloud Practice Christopher Dodorico Director, PricewaterhouseCoopers Wednesday, October 10, 2012.

Similar presentations

Ads by Google