Presentation is loading. Please wait.

Presentation is loading. Please wait.

® ® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. www.cls-group.com Growing.

Published byRudolf Rudolph Fleming Modified over 9 years ago

Similar presentations

Presentation on theme: "® ® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. www.cls-group.com Growing."— Presentation transcript:

1 ® ® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. www.cls-group.com Growing Challenges in Cyber Security AIBA Quarterly Meeting September 9, 2014

2 2 » Technology » Actors & Motivations » Regulatory Challenges » Industry Challenges Topics

3 Challenge 1: Technology » Offensive and Defensive security technologies continue to evolve at a blistering pace. » The hot tools of even just 1 or 2 years ago are as dated as your teenager’s favorite band from a year or two ago » Offensive technologies can have a faster deployment cycle than defensive technologies, especially for larger organizations that have a lot of work required for engineering and deployment » Trenches and Machine-guns » Much more investment going in to offensive technology research due to a change in the main threat actors » No private entity has put a man on the moon… » Examples that would have seemed like Hollywood Sci-Fi not so long ago… » Stuxnet » Major Retailers 3

4 Challenge 2: Actors & Motivations » Financial – Retail bank fraud, Treasury Accounts, ID Theft » Crime syndicates » Complex value chain » Combination of low and high tech techniques » Ideological – Denial of Service, Data Theft, Vandalism » Political: “Anonymous”, Izz ad-Din al-Qassam Cyber Fighters, Wikileaks » Personal: Disgruntled employee » Industrial Espionage – Data Theft » Defense technologies » Manufacturing » Strategies » Nation-State Sponsored – Data Theft, Denial of Service » S. Korean Banking Outages » Stuxnet » NASA? » Fun and Games – Vandalism, Data Theft, Data Manipulation » Lulzsec 4

5 Challenge 3: Regulatory Challenges » Regulations continue to evolve as the threats evolve » This means that regulated entities need to ensure that their security strategies and delivery roadmaps satisfy defensive needs AND regulatory requirements » The only way to do this is to include regulatory considerations while creating/refreshing your strategy » How can we do that if the we don’t know what the future regulatory requirements will be? » Don’t we…? » Look to the sources of guidance » NIST cyber-security framework » Industry standards that have been referenced » Remain agile and flexible! 5

6 Challenge 4: Legal Landscape » Evolving case law » Choice Escrow – found responsible for a $400k ATO loss in 2010 » PATCO Construction – Bank found responsible for $580k ATO loss in 2009 » Jurisdictional differences » Example: Breach notifications standards by state CA SB1386 MASS 201CMR17 » International Differences Privacy laws, e.g. UK Data Protection Act » Liability concerns » Questions over offensive operations 6

7 Challenge 5: Industry Challenges » Information sharing » The airline pricing game…you first! » Liability » Reputational risk » Collaboration mechanism » Law Enforcement » How to collaborate » Laying the groundwork ahead of time » Internal » Socializing the role of security internally in your organization » Awareness amongst management & Board » Response preparedness 7

8 8

Download ppt "® ® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. www.cls-group.com Growing."

Similar presentations

Cyber Crime and Technology

Cyber Crime and Technology
Driving change in information risk within the financial services industry Subtitle Date.

Driving change in information risk within the financial services industry Subtitle Date.
Mobile Technology & Cyber Threats Promoting E-Commerce in Ghana Ruby Saakor Tetteh Ministry of Trade & Industry, Ghana Sixth Annual African Dialogue Consumer.

Mobile Technology & Cyber Threats Promoting E-Commerce in Ghana Ruby Saakor Tetteh Ministry of Trade & Industry, Ghana Sixth Annual African Dialogue Consumer.
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Presentation overview

Presentation overview
WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.

WHY CHOOSE CEO-PE?  We employ International Association of Privacy Professionals (IAPP) Certified and Health Insurance Portability & Accountability Act.
Geneva, Switzerland, 15-16 September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Draft of June 9, 2015 Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing.

Draft of June 9, 2015 Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing.
Www.cls-group.com ® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. Corporate.

® CLS and the CLS Logo are registered trademarks of CLS UK Intermediate Holdings Ltd © 2014 CLS UK Intermediate Holdings Ltd. Corporate.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.
SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006.

SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006.
90% of EU exports consist of product and services of IPR-intensive industries. Among 269 senior risk managers, 53% said IP loss or theft had inflicted.

90% of EU exports consist of product and services of IPR-intensive industries. Among 269 senior risk managers, 53% said IP loss or theft had inflicted.
“Mitigating Offshoring Risks in a Global Business Environment“

“Mitigating Offshoring Risks in a Global Business Environment“
BITS Proprietary and Confidential © BITS 2003. Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
© 2014 WESTERN DIGITAL CORP. ALL RIGHTS RESERVED. Company Confidential Legislative & Regulatory Activities Involving Cyber Security Bob Bowen May 2015.

© 2014 WESTERN DIGITAL CORP. ALL RIGHTS RESERVED. Company Confidential Legislative & Regulatory Activities Involving Cyber Security Bob Bowen May 2015.
Protecting Corporate Assets and the Brand in a Digitized, Global Environment July 29, 2013 Stacy-Ann Golding.

Protecting Corporate Assets and the Brand in a Digitized, Global Environment July 29, 2013 Stacy-Ann Golding.
Information Warfare Playgrounds to Battlegrounds.

Information Warfare Playgrounds to Battlegrounds.
Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Nevada Businesses Overview June, 2014.
1 Jim Devlin Comptroller of the Currency November 5, 2009 Data Breaches in Payments Systems -- Roles and Best Practices for the Public and Private Sector.

1 Jim Devlin Comptroller of the Currency November 5, 2009 Data Breaches in Payments Systems -- Roles and Best Practices for the Public and Private Sector.
Cyber Warfare Situational Awareness & Best Defense Practices Presented by Hasan Yasar 19.11.2013.

Cyber Warfare Situational Awareness & Best Defense Practices Presented by Hasan Yasar

Similar presentations

Ads by Google