Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA.

Published byTiffany Barnett Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA."— Presentation transcript:

1 Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA

2 Information Security: It’s Everyone’s Business  About ITAA  National 450+ Member Company Association  Leading Corporate Names in IT  Established in 1961  Leader in Public Policy Advocacy, Business Development, Networking Programs  Capitol Hill and White House Liaisons  200 Member-Driven InfoSec Committee  DC and West Coast Offices

3 Information Security: It’s Everyone’s Business A Brief History of Time – Cyber Attacks Increase Denial of Service Attacks in 2000…. …Spurred implementation of PDD 63 and establishment of sector coordinators (ITAA) More attacks from Anna Kournikova, ILoveYou virus, Code Red, NIMDA Cyber security makes its way onto the nation’s radar (and computer) screens

4 Information Security: It’s Everyone’s Business A Brief History of Time – Government Focuses 2002-03, White House releases National Strategy to Secure Cyberspace with 5 priorities: National Cyberspace Security Response System Threat and Vulnerability Reduction Program Awareness and Training Program Securing Governments’ Cyberspace National Security and International Cyberspace Security Cooperation Included creation of Cyber Security “Czar”, which ITAA began advocating in 1999 Public/Private Partnership is Overriding Theme as 85% of the network is owned and operated by private enterprise

5 Information Security: It’s Everyone’s Business A Brief History of Time – Government Focuses …After Cyber Security leadership left the White House, the National Strategy was in suspended animation without someone in charge to implement it Physical security wasn’t enough; no physical security without cyber security At urgings of ITAA, and many inside government, Homeland Security Department created the National Cyber Security Division within IAIP New NCSD Director, Amit Yoran, will have large job surmounting bureaucratic obstacles, but ITAA committed to helping make it work

6 Information Security: It’s Everyone’s Business A Brief History of Time – NCSD Mission Defined Identify risks and vulnerabilities, and coordinate with the private sector Oversee a consolidated “war room” Cyber Security Tracking, Analysis, & Response Center (CSTARC) for advance warning and incident response coordination with federal, state, local, private sector and international partners; CSTARC absorbed into new “U.S. CERT” announced September 15, 2003 Help build cyber security awareness and education programs and partnerships with consumers, businesses, governments, academia, and international communities.

7 Information Security: It’s Everyone’s Business Costs of Cyber Security Breaches are Real  CERT reports more than 76,000 incidents in the first half of 2003, almost as many as the 82,000 reported in all of 2002  CSI/FBI 2003 report found 75% of respondents with financial losses  $202 million in losses for those reporting  Proprietary information losses over $70 million  Denial of Service losses pegged at $65 million  But still no good national metrics exist for evaluating our readiness and measuring improvement

8 Information Security: It’s Everyone’s Business What We Do About It Information Sharing is Paramount…  within the company: training and awareness; e.g., ITAA I–ACERT Online Awareness Test  Within the industry: ISAC’s  Across industries: Partnership for Critical Infrastructure Protection – (PCIS)  With government and law enforcement: FOIA exemption helps  Internationally: OECD Guidelines

9 Information Security: It’s Everyone’s Business What We Do About It  Private Sector Response Must Adapt and Mobilize  Without action, government mandates will result  CA – Identity Theft Law is a good example  Government is watching private sector leadership and action  Develop infosec metrics and constantly review our progress

10 Information Security: It’s Everyone’s Business What ITAA is Doing About It www.itaa.org/infosec www.itaa.org/infosec  Established Information Security Committee in 1997  PDD 63 Sector Coordinator  “National Strategy to Secure Cyberspace”  “The Long Campaign: Information Assurance in the Age of Cyber Terror”  Information Assurance in the States and Other National and Regional Events  IT Information Sharing and Analysis co-founder and partner, www.it- isac.org  Founding Sponsor, National Cyber Safety Alliance  CyberCitizen -- www.cybercitizenship.orgwww.cybercitizenship.org  Founder and Board Member, PCIS  Created “I-ACERT”, an online information security awareness test – “for the rest of us”  Building a National Information Security Metrics Survey to Determine a Baseline, Measure Progress, and Inform Public Policy and Investment

11 Information Security: It’s Everyone’s Business  What Government Can Do About It  Strengthen Infosec requirements and accountability  Fund and Spend on Infosec in DHS and Elsewhere  Implement National Plan  Defend FOIA Exemption  Implement Safety Act Regulations

12 Information Security: It’s Everyone’s Business  Going Forward …  The Challenges are Many  Industry and Government are Stepping Up, but…  More Can Be Done  Collaboration is Key  Need to solidify the “culture of security”

13 Thank You! To Follow Up… Greg Garcia Vice President, Information Security ITAA 703-284-5357 Ggarcia@itaa.org

Download ppt "Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA."

Similar presentations

National Cyber Security Division (NCSD): Approved Overview Briefing

National Cyber Security Division (NCSD): Approved Overview Briefing
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Department of Homeland Security Site Assistance Visit (SAV)

Department of Homeland Security Site Assistance Visit (SAV)
Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.

Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.
Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.

Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.

1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.

Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.
1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.

1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.

Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.

A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
CIAO.0209 - July 99 - 1 Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.

CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
Greg Shaw 202-994-6736 How do we turn private sector preparedness into an investment rather than a cost of doing.

Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.

SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.

June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
PREPARE AMERICA for a Unified Response to Terrorism A NATIONAL HOMELAND SECURITY PREPAREDNESS TRAINING SOLUTION OFFERED BY AMERICA’S COMMUNITY COLLEGES.

PREPARE AMERICA for a Unified Response to Terrorism A NATIONAL HOMELAND SECURITY PREPAREDNESS TRAINING SOLUTION OFFERED BY AMERICA’S COMMUNITY COLLEGES.

Similar presentations

Ads by Google