Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
CYBERSECURITY –The next frontier
Robert E Stroud CGEIT CRISC
VP, Strategy and Innovation CA Technologies
International President, ISACA
@RobertEStroud
August 2014
www.isaca.org/cyber
© 2014 CA. ALL RIGHTS RESERVED.
Robert E Stroud CGEIT CRISCInternational President ISACA
Vice President Strategy & Innovation CA Technologies
Futurist, Author, Public Speaker & Industry GeeK
15 years Banking
Contributor to numerous industry frameworks, standards
and good practices
Former Director itSMF International &
itSMF USA
@RobertEStroud
© 2014 CA. ALL RIGHTS RESERVED.
Please do keep mobile devices on during this session!
@RobertEStroud #LeadIT
Source: http://www.securedgenetworks.com/secure-edge-networks-blog/bid/84023/10-Ways-Mobile-Device-Management-Can-Help-Your-School
© 2014 CA. ALL RIGHTS RESERVED.
ISACA
“Trust in, and value from,
information systems”
– Global association serving 115,000 IT security, assurance, governance and risk professionals
– Established in 1969
– Members in 180 countries
– 200+ chapters
© 2014 CA. ALL RIGHTS RESERVED.
January 12th, 2010 The world changedThe Advanced Persistent Threat
http://www.eweek.com/c/a/Security/Google-China-and-the-Anatomy-of-the-Aurora-
Attack-255807/
http://www.theguardian.com/technology/blog/2010/jan/20/google-china
© 2014 CA. ALL RIGHTS RESERVED.
APT’s are impacting us in many ways
© 2014 CA. ALL RIGHTS RESERVED.
APT’s are accelerating
© 2014 CA. ALL RIGHTS RESERVED.Scource: http://heartbleed.com
Watch the video here on Heartbleed: https://www.youtube.com/watch?v=8oI_laHhGjE
© 2014 CA. ALL RIGHTS RESERVED.
Advanced Persistent Threats?
© 2014 CA. ALL RIGHTS RESERVED.
Evolution of Attacks
© 2014 CA. ALL RIGHTS RESERVED.
The APT Lifecycle
© 2014 CA. ALL RIGHTS RESERVED.
Stages of an APT
© 2014 CA. ALL RIGHTS RESERVED.
How well do security
professionals
understand APTs?
How are they
affecting different
industries and
organizations
throughout the
world?
What is being done
to prevent them?
In Q4 of 2012, ISACA
launched the APT
Awareness Survey
19%
Asia
32%
8%
3%38%Europe / Africa
North America
Latin America
Oceania
© 2014 CA. ALL RIGHTS RESERVED.
42.5% of respondents
were familiar…
28.6%, somewhat
familiar…
And only 25.1% very
familiar about APTs.
Overall, 96.2% were
somewhat familiar with
APTs…
But most importantly:
AWARENESS
of respondents
understood APTs as a
very credible, serious
threat to national security
and economic stability
93.6%
25%
42%
29%
4%
Very Familiar
Familiar
Somewhat Familiar
Not at All Familiar
© 2014 CA. ALL RIGHTS RESERVED.
Although just 21.6%
of respondents
reported having been
victims of an APT
attack
63% – three times
that amount –
believe it’s only a
matter of time before
their business is
targeted.
Suffering with an APT
63%BELIEVE IT’S
ONLY A MATTER
OF TIME BEFORE
THEIR BUSINESS IS TARGETED.
© 2014 CA. ALL RIGHTS RESERVED.
How are
people handling
the threats? Most respondents are
using technology in a
risk based layered
approach to prevent
and combat APTs.
94.9% Anti-Virus / Anti-Malware
92.8% Network Tech (Firewalls, etc.)
71.2% IPS
© 2014 ISACA. All rights reserved
© 2014 CA. ALL RIGHTS RESERVED.
There aren’t enough
precautions being
taken against the threat
of an APT.
Up to 81.8% of survey
takers have not
updated their
agreements with
vendors who provide
protection against APT.
And 67.3% reported
that they haven’t held
any APT awareness
training programs for
their employees.
A Troubling
Lack of
Initiative
Has your enterprise increased
security training as a result of
APTs?
Very Likely
Likely
Not Very likely
Not at All Likely
0% 20% 40% 60% 80%
Yes
No
© 2014 CA. ALL RIGHTS RESERVED.
APTs are serious threats.
We need more consideration
to their consequences.Enterprises must adopt more technology awareness
training, vendor management, incident management
and increased attention from executives.
© 2014 ISACA. All rights reserved
© 2014 CA. ALL RIGHTS RESERVED.
Cybersecurity – more than defense you need “offence”!
Safe harbours will continue to exist
Traditional prevention and detection is not enough you need to move from defensive to offensive
Governments cannot prevent intrusions
Data loss is inevitable
Attacks will continue
Companies often breached for years
New approaches required
Castle Image: http://www.castles.org/Kids_Section/Castle_Story/parts.htm
Image: http://hot1047.com/adrian-peterson-buys-snowmobiles-for-offensive-line/
© 2014 CA. ALL RIGHTS RESERVED.
© 2014 CA. ALL RIGHTS RESERVED.
If you have IP you are a target!
Assume you are breached
Prepare for the inevitable
Start planning
Define your “Win” Delay the ‘Threat’ from reaching its goal
Minimize the loss
Improvise as you go along
Are your approaches outdated? If so
review and revise!
© 2014 CA. ALL RIGHTS RESERVED.
Transitioning to the “new normal”
Build a team
Establish key relationships
Determine Authorities within and
outside organisation
Inventory Existing Technologies
Standardize the Investigation
Process
Training and Governance
Establish & Develop Critical
Capabilities
© 2014 CA. ALL RIGHTS RESERVED.
CYBERSECURITY –The next frontier
Robert E Stroud CGEIT CRISC
VP, Strategy and Innovation CA Technologies
International President, ISACA
@RobertEStroud
August 2014
www.isaca.org/cyber
© 2014 CA. ALL RIGHTS RESERVED.