Presentation is loading. Please wait.

Presentation is loading. Please wait.

TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we.

Published byBryan Lewis Modified over 8 years ago

Similar presentations

Presentation on theme: "TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we."— Presentation transcript:

1 TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we used when we created them.” -Albert Einstein

2 TruSTAR Sensitive & Proprietary Our adversaries are winning 2

3 TruSTAR Sensitive & Proprietary ‹#› TruSTAR Sensitive & Proprietary Adversaries share vulnerabilities and exploits 75% of enterprise attacks spread from the first company to the next within 24 hours. -2015 Verizon DBIR Median number of days threats are present on a victims network prior to detection is 205 days. -2015 Verizon DBIR Attacks spread from one company to the next in a matter of hours and remain undetected for months. 4 Attacks are increasingly well coordinated

4 TruSTAR Sensitive & Proprietary ‹#› TruSTAR Sensitive & Proprietary..yet defenders largely work on their own The most valuable information in cybersecurity is data about attacks that have already happened or are in progress. But companies rarely exchange it The most valuable information in cybersecurity is data about attacks that have already happened or are in progress. But companies rarely exchange it 5

5 TruSTAR Sensitive & Proprietary Companies do not share information early or often enough because of key market risk Attribution and business risks slow cyber information sharing across companies. Legal Concerns over disclosing Personally Identifiable Information, IP and discovery. Market Concerns over brand reputation and financial implications of disclosing a breach. Government Concerns over anti-trust violations and/or being seen as in bed with government. "Cyber-criminals are 10 steps ahead of us because they share vulnerability data and exploits and collaborate to carry out malicious acts. We must ask ourselves: why aren’t we doing the same when it comes to our defenses?” -- Richard Clarke, former U.S. National Coordinator for Security, Infrastructure Protection and Counter-terrorism 6

6 TruSTAR Sensitive & Proprietary Enter Uncle Sam…. (Is this really a good thing?)

7 TruSTAR Sensitive & Proprietary U.S. Cybersecurity Act of 2015 7 Enables companies to voluntarily share cyber threat indicators and defensive measures with each other without fear of liability or anti-trust complications

8 TruSTAR Sensitive & Proprietary What does the Act do? Definitions 8

9 TruSTAR Sensitive & Proprietary What does the Act do? Liability Relief 9

10 TruSTAR Sensitive & Proprietary What does the Act do? Anti-trust Exemption 10

11 TruSTAR Sensitive & Proprietary Data you can exchange 11

12 TruSTAR Sensitive & Proprietary Data you can’t exchange The law specifically excludes the sharing of the following types of information from its protections. ☒ Personally Identifiable Information (PII) ☒ Names of Corporate Officers ☒ Email Content (in most cases) 12

13 TruSTAR Sensitive & Proprietary So what can you do starting today? Leverage the Act Begin to exchange data and collaborate 13

14 TruSTAR Sensitive & Proprietary Cloud-CISC: Characteristics of Effective Information Sharing… 14

15 TruSTAR Sensitive & Proprietary Cloud-CISC: Characteristics of Effective Information Sharing… 15

16 TruSTAR Sensitive & Proprietary Quick Demo

17 TruSTAR Sensitive & Proprietary Next Steps Rackspace and others are sharing incident data TODAY. We are accepting new members now. Interested in joining? Contact pcoughlin@trustar.copcoughlin@trustar.co 17

18 TruSTAR Sensitive & Proprietary Thank you! “We cannot solve problems with the same thinking we used when we created them.” -Albert Einstein

Download ppt "TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we."

Similar presentations

FIA Prague Preparation February 6, 2008. Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.

FIA Prague Preparation February 6, Scenario planning approach We cannot predict the future We cannot predict the future We do understand the drivers.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Study Results Advanced Persistent Threat Awareness.

Study Results Advanced Persistent Threat Awareness.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.

Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.
Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.

Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.
Where in the world is your data? Data Breach Analysis Angelbeat Seminar Billy Austin, President iScan Online, Inc.

Where in the world is your data? Data Breach Analysis Angelbeat Seminar Billy Austin, President iScan Online, Inc.
Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA.

Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
‹#› September 2015 Cloud-CISC Cloud Cyber Incident Information Sharing Center.

‹#› September 2015 Cloud-CISC Cloud Cyber Incident Information Sharing Center.
TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-1 Issues Loss or theft of mobile devices Lack of MDM (mobile device management) software Cloud.

TOP 10 TECHNOLOGY INITIATIVES © Robert G. Parker S-1 Issues Loss or theft of mobile devices Lack of MDM (mobile device management) software Cloud.
Randy Beavers CS 585 – Computer Security February 19, 2009.

Randy Beavers CS 585 – Computer Security February 19, 2009.
Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005

Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005
© Cloud Security Alliance, 2015 Jim Reavis CEO, Cloud Security Alliance.

© Cloud Security Alliance, 2015 Jim Reavis CEO, Cloud Security Alliance.
DRAFT 1 Belfast 2015 5 th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.

DRAFT 1 Belfast th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.
Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Similar presentations

Ads by Google