“INTELLECTUAL PROPERTY PROTECTION IN THE DIGITAL COLLABORATIVE ERA”
BROADCOM CORPORATION, OCTOBER 27, 2015

Geoff Aranoff, Chief Information Security Officer

Broadcom Proprietary and Confidential. © 2015 Broadcom Corporation. All rights reserved.

AGENDA

§  Broadcom Background
§  The Nature of Broadcom’s Assets
§  Security Threat Vectors
§  Our Approach to Investing in IP Protection
§  The Surrounding Ecosystem
§  CIO’s Summary Perspective

TECHNOLOGY LEADERSHIP FUELING CUSTOMER EXPANSION

Infrastructure & Networking Group
Broadband & Connectivity Group

COMPETITIVE ADVANTAGES

R&D Innovation – ~$2.4B annual investment; ranked #2 by Fortune in R&D intensity
World-class Engineering Talent – ~75% of employees in engineering; two employees on the “World’s Most Prolific Inventors” list
IP Portfolio Strength – #2 among fabless semiconductor companies; portfolio breadth
Unparalleled Chip Integration – StrataXGS® Tomahawk™ SoC; 7B transistors equals one for every person on earth

Sources: IEEE November 2014; Google Census 2014; Fortune 2014; Wikipedia 2015

SUSTAINED RECORD OF INTELLECTUAL PROPERTY INNOVATION

Issued patents by year (numbers are rounded):
2001: 70
2002: 260
2003: 460
2004: 820
2005: 1,630
2006: 2,630
2007: 3,490
2008: 4,500
2009: 5,350
2010: 6,800
2011: 8,600
2012: 10,900
2013: 12,900
2014: 14,000

Total patents issued and pending: ~20,650


THE NATURE OF BROADCOM’S ASSETS

BROADCOM’S ASSET BASE

Our assets primarily take the form of:
•  People & Skills
•  Chip/Hardware Designs
•  Software Functionality
•  Customer Confidence
•  Limited Inventory

We are only as successful as our next design win …

Intellectual property in the form of hardware designs and accompanying software
Minimal traditional bricks and mortar
No production facilities and minimal warehousing/distribution
Engineering laboratories and data center compute capacity

GLOBAL COLLABORATION ENABLES WORLD-CLASS PRODUCTS

World’s Most Advanced Ultra-HD STB SoC (28nm, >One Billion Transistors)

Team A: 3D Graphics – Cambridge
Team B: Gb Ethernet – Irvine
Team C: Component A – Israel; Component B – San Jose; Component C – Vancouver; Component D – Irvine
Team D: Component E – Irvine; Component F – Irvine; Component G – Irvine; Component H – Tempe; Component I – Singapore
Team E: Memory Control; Audio DSP; Video Encoder; Audio I/O
Team F: Component J – Irvine
Team G: Video Processing; Transport; Video Encoder; Video Decoder; DDR Controller; SATA3

LEVERAGING IP SHARING TO ENHANCE DESIGN EFFICIENCY

Collaboration Is Part of the Broadcom Cultural Fabric

(Diagram: IP sharing flows between Central Engineering, Product Line 1, Product Line 2, Product Line 3 and External Partners, with per-link instance counts; the individual counts are not recoverable from the extracted slide.)

OVER 15,000 INSTANCES OF IP SHARING LAST YEAR!!

Broadcom’s IP Exchange Database Tracks all IP Check-Ins and Check-Outs


BROADCOM SECURITY THREAT VECTORS

SECURITY CONCERNS AT BROADCOM

Electronic Design Images – Product Build Files are Rendered 100% in Software
Sensitive Customer Information and Specifications
Software Development Kits (SDK’s)
Loss of Proprietary Data Through Personnel Exits
Contracts and Financial Information
Physical Access and Property Security (Prototypes)
Sensitive Employee Data
International Workforce and Privacy Standards

Security must be “designed-in” to Broadcom products for marketplace success and brand protection

EVALUATING BROADCOM’S RISK

Over 20,000 Patents and Patents Pending
§  Multiple design teams to build a single IP stack
§  No single design flow standard to create intellectual property
§  Hardware and software design tools

Engineers Comprise Over 75% of the Global Workforce
§  Wider usage of cloud applications to enable better tools
§  Social media is pervasive
§  Intellectual property and privacy laws in 25 countries

High Profile Customers in Many Markets
§  Unique security requirements in many cases
§  3rd party intellectual property protection
§  Sophisticated external and internal adversaries

31 Design Centers – Global Engineering
§  Custom design for some customers
§  Security cannot impact the performance of the engineering design tools
§  High risk regions

Market Risk Level (rated L / M / H) is charted for Cloud Security, Mobile Devices, Data Governance, Cyber and Insider Threats, and Collaboration; the individual ratings are not recoverable from the extracted slide.

THE FACTS ABOUT CYBER

The number of Cyber incidents increases year over year
§  Loss of company proprietary and client data through cyber attacks
§  Damage to company brand
§  Loss of ability to function (Shipping, receiving, financials…)
§  Costs of remediation

External Cyber incidents account for 92% of all data compromises
§  Most attacks are utilizing variants of known hacking techniques
§  Spear phishing and web links
§  M&A and Partners
§  Compromised credential not the end goal

Most Cyber incidents are opportunistic in nature
§  Almost 80% of reported incidents are traced back to security weaknesses
§  Most attacks are not highly complex
§  Proper security practices strengthen a company’s defensive position

Motivations behind attacks vary
§  Financial gain
§  Competitive and economic advantage
§  Ideology (Hacktivists)
§  State sponsored sabotage

ACTIVE THREAT STATISTICS – 2015 YEAR TO DATE

Cyber Attacks: Broadcom is Attacked Daily
•  ~287 malicious phishing attacks that bypassed technology phishing controls
•  ~190,000 malicious attempts to communicate outside of Broadcom’s network were blocked

Insider Threat: Approximately 8,200 Engineers
•  Over 71,000 user data transactions reviewed
•  Over 437 deep dive reviews
•  Multiple investigations conducted

M&A and Partner Activities
•  Acquisitions: Ensuring Broadcom is not compromised by the acquired company
•  Divestitures: Protecting valuable IP while separating divested data
•  Partners: Do our partners protect our data as we do?

Control of User IDs
•  Over 800 roles for all applications
•  Centralized management and control


OUR APPROACH TO IP PROTECTION

OK, SO WHAT DO WE DO?

§  Fostering executive awareness and agreement is half the battle
   –  Transparency is imperative – risks vs. active threats vs. cost of mitigation
   –  Continue to monitor the environment
§  Develop a strategic plan to address the risks
   –  Lack of a market solution is not an indication that there is no solution; consider all possibilities
   –  Prioritize risks with active threats in the wild
   –  Tie the progress of the plan to business objectives
   –  Be mindful that this is a long term, ongoing strategy
§  Participate in industry groups whenever possible
§  Ensure you have a team of security practitioners
   –  Technologists wear different goggles
   –  Practitioners are passionate about security

CONSIDER MULTIPLE CYBER INVESTMENT AVENUES

Partnerships
•  Advanced threat intelligence
•  Adversarial tactics
•  Validation of strategies

Team Building
•  Experienced practitioners
•  Table top exercises
•  Practice the plan
•  Formal training

Infrastructure
•  Internet access
•  Network segmentation
•  Endpoint management

Tools
•  Advanced detection
•  Endpoint controls
•  Blocking
•  Cyber forensics
•  Data Loss Prevention (DLP)

Analysis
•  Security Operations Center (SOC)
•  Log consolidation
•  Baseline normal traffic
•  Data parsers and correlation
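The "Analysis" items above (log consolidation, baselining normal traffic, parsers and correlation) are named but not shown. The following is an added example, not code from the deck or from Broadcom, of what that looks like in practice for one detection: learn which destinations each host normally reaches during a learning window, then flag new destinations that a host contacts at suspiciously regular intervals, the signature of a malware beacon with a fixed sleep timer. It also counts blocked outbound attempts, the kind of "call backs blocked" figure reported on the threat-statistics slide. The log lines, host names, the cdn-update.example.org destination and the 203.0.113.45 address are constructed for the example; the four-field line format, the 5-hit minimum and the 0.2 coefficient-of-variation threshold are assumptions to be tuned against real traffic.

```python
"""Egress baseline and C2 beacon-candidate detection over proxy logs (added example)."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed egress/proxy log (not real Broadcom data). Assumed line format:
#   <ISO-8601 timestamp> <source host> <destination> <allow|block>
SAMPLE_LOG = """\
2015-07-07T08:00:00 eng-ws-17 repo.example.net allow
2015-07-07T08:05:00 eng-ws-17 mail.example.net allow
2015-07-07T08:10:00 eng-ws-17 mail.example.net allow
2015-07-07T08:12:30 eng-ws-22 repo.example.net allow
2015-07-07T08:15:00 eng-ws-22 mail.example.net allow
2015-07-08T09:00:00 eng-ws-17 mail.example.net allow
2015-07-08T09:00:00 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:01:00 eng-ws-22 news.example.com allow
2015-07-08T09:01:07 eng-ws-22 news.example.com allow
2015-07-08T09:03:40 eng-ws-22 news.example.com allow
2015-07-08T09:05:00 eng-ws-17 mail.example.net allow
2015-07-08T09:05:02 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:09:58 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:10:00 eng-ws-17 mail.example.net allow
2015-07-08T09:12:00 eng-ws-09 203.0.113.45 block
2015-07-08T09:15:00 eng-ws-17 mail.example.net allow
2015-07-08T09:15:01 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:20:00 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:20:00 eng-ws-17 mail.example.net allow
2015-07-08T09:24:59 eng-ws-17 cdn-update.example.org allow
2015-07-08T09:30:12 eng-ws-22 news.example.com allow
2015-07-08T09:31:00 eng-ws-22 news.example.com allow
2015-07-08T09:42:00 eng-ws-09 203.0.113.45 block
2015-07-08T10:15:00 eng-ws-22 news.example.com allow
"""

# Everything before this instant is the learning window for the baseline (assumed).
CUTOFF = "2015-07-08T00:00:00"


def parse_log(text):
    """Parse the assumed line format into (timestamp, src, dst, action) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, dst, action = line.split()
        events.append((datetime.fromisoformat(ts), src, dst, action))
    return events


def build_baseline(events, cutoff):
    """Per-host set of destinations seen during the learning window: 'normal' traffic."""
    baseline = defaultdict(set)
    for ts, src, dst, _ in events:
        if ts < cutoff:
            baseline[src].add(dst)
    return baseline


def beacon_candidates(events, baseline, cutoff, min_hits=5, max_cv=0.2):
    """Flag (host, destination) pairs after the cutoff that are new for that host and
    whose connection gaps are suspiciously regular. Regularity is the coefficient of
    variation (stdev / mean) of the inter-connection gaps: human browsing is bursty
    (high CV); an implant sleeping a fixed interval is not (low CV)."""
    stamps = defaultdict(list)
    for ts, src, dst, _ in events:
        if ts >= cutoff and dst not in baseline.get(src, set()):
            stamps[(src, dst)].append(ts)
    findings = []
    for (src, dst), times in stamps.items():
        if len(times) < min_hits:          # too few samples to judge periodicity
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg > 0 else float("inf")
        if cv <= max_cv:
            findings.append({"src": src, "dst": dst, "hits": len(times),
                             "mean_gap_s": round(avg, 1), "cv": round(cv, 3)})
    return findings


def count_blocked(events):
    """Outbound attempts the egress control stopped: the 'call backs blocked' figure."""
    return sum(1 for _, _, _, action in events if action == "block")


def analyze(text=SAMPLE_LOG, cutoff_iso=CUTOFF):
    """Run the whole pipeline and return the baseline, beacon candidates and block count."""
    events = parse_log(text)
    cutoff = datetime.fromisoformat(cutoff_iso)
    baseline = build_baseline(events, cutoff)
    return {"baseline": {h: sorted(d) for h, d in baseline.items()},
            "beacons": beacon_candidates(events, baseline, cutoff),
            "blocked": count_blocked(events)}


if __name__ == "__main__":
    import json
    print(json.dumps(analyze(), indent=2))
```

On the constructed log, eng-ws-17's five-minute polling of mail.example.net is just as regular as its contacts with cdn-update.example.org, but only the latter is reported because the mail server is in the host's baseline; eng-ws-09's two blocked attempts are counted but not flagged as a beacon, since two samples say nothing about periodicity. The baseline is what keeps a regularity detector from drowning in NTP, mail and update traffic; the interval test is what separates a beacon from a new but legitimately browsed site.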

INVEST IN CYBER CAPABILITY VERTICALS

Objective: Establish a comprehensive and sustainable enterprise wide Cyber Security strategy through:
•  Multi-year program
•  Optimizing the interplay of people, processes and technologies
•  Real time threat protection

Program Pillars

Incident Response: ✓ Formal Plans ✓ Forensics ✓ Cyber Tools ✓ Outside Partnerships
Standard Security Tools and Processes: ✓ Patch Management ✓ Penetration Testing ✓ Vulnerability Testing ✓ DMZ Policies
Monitoring and Audit: ✓ Security Operations Center (SOC) ✓ Data Correlation ✓ SOC Processing ✓ Metrics and Tracking
Situational Awareness: ✓ Cross Functional Training ✓ Phishing Notifications ✓ Phishing Mailbox ✓ Executive Support
Architecture and Infrastructure: ✓ Network Segmentation ✓ Network Access Control ✓ Internal Data Transactions ✓ IP Identifications ✓ Asset Identification
Identity Management: ✓ Centralized Account Management ✓ Automated Account Management ✓ Identity Controls ✓ Access Controls

DEFINE A REALISTIC CYBER INVESTMENT TIMELINE

(Chart: investment dollars, 0 to 15,000,000, plotted against cyber sophistication levels ($ to $$$$$) over 2012–2018, in phases labelled "Analysis and Planning", "Plan / Implement Phase I" and "Practice, Mature, Execute Next Phase"; the per-year values are not recoverable from the extracted slide.)

SECURITY VENDOR SOLICITATIONS: JULY 8, 2015

Is One of Your Employees Actually a Spy?
Technology Brief: HP (NYSE: HPQ) – Intrusion Prevention Systems
5 Steps to Prepare Your Cyber Attack Communications & Response Plan
You're Invited | Investigate Attacks Like Never Before
A next-gen firewall can deliver more protection with less effort
Video: The True Cost of a Data Breach
The Cloud Security Knowledge Center
Protect Against a Security Breach with Simple, Smarter Authentication (eGuide)

EMPLOYEE AWARENESS IS VITAL AND ESSENTIALLY FREE

Example of Phishing Awareness Memo (image; not recoverable from the extracted slide)

THERE IS NO SUBSTITUTE FOR TALENT

§  Geoff Aranoff, CISO - Veteran of the US Marine Corps, BRCM CISO for 10 years, Chief Privacy Officer for 2 Years, State Department MRPT Certified. Experience working with the US Government
§  Cyber Director - US Naval Reserve Officer with Federal Clearances, MS in Information Security, BS in Computer Science, CISSP, CEH, CISA, and GCIH
§  Cyber Manager - Veteran of the US Army, BS in Computer Information Systems, DOD Clearances. Certified Reverse Engineer (CREA), CEH
§  InfoSec Expert - 20 Years Information Security experience, expertise in Cryptography, BS in Computer Science, BA in Business, CCNP+ Security, CCDA, CEH, and the Cisco-ARCH
§  Forensics Investigator – Orange County Sheriff’s Office Veteran in Homicide, SVU, and Computer Forensics. Managed FBI’s OC Chapter of the Regional Forensics Computer Lab, CFCE, IACIS, EnCE, ACE
§  Forensics Investigator - Orange County Sheriff’s Office Veteran, SVU, and Computer Forensics. FBI’s OC Chapter of the Regional Forensics Computer Lab, CFCE, IACIS, EnCE, ACE, CART

HOW DO YOU KNOW IF THE INVESTMENT WORKED?

Measuring Success – increased capability should translate to decreased times to detect and contain. A mature program will significantly decrease the systems exposed to attack.

Trends to Track
✓  Time to detect
✓  Time to contain
✓  Types of attacks
✓  Numbers of compromised systems
✓  Time to remediate
✓  Phishing numbers
✓  Call backs (C2) blocked
✓  Penetration Testing Statistics
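The slide says what to track but not how to turn an incident register into a trend a CIO can read. The following is an added example, not code or data from the deck, computing the first three trends above (time to detect, time to contain, time to remediate) per quarter, together with the mix of attack types, from a constructed incident register. Every incident ID, type and timestamp in SAMPLE_INCIDENTS is made up for the example; the four-timestamp record layout is an assumption about what a register would hold.

```python
"""Incident-response metrics from an incident register (added example)."""
import csv
import io
from collections import Counter
from datetime import datetime
from statistics import median

# Constructed incident register (not real data). Times are ISO-8601, assumed UTC.
SAMPLE_INCIDENTS = """\
id,type,compromised,detected,contained,remediated
INC-01,phishing,2015-01-05T08:00,2015-01-08T10:00,2015-01-09T14:00,2015-01-12T09:00
INC-02,malware,2015-02-10T12:00,2015-02-12T12:00,2015-02-13T00:00,2015-02-16T12:00
INC-03,c2_callback,2015-03-02T03:00,2015-03-03T15:00,2015-03-04T03:00,2015-03-06T03:00
INC-04,phishing,2015-04-07T09:00,2015-04-08T09:00,2015-04-08T15:00,2015-04-10T09:00
INC-05,malware,2015-05-11T07:00,2015-05-11T19:00,2015-05-12T01:00,2015-05-13T07:00
INC-06,c2_callback,2015-06-03T22:00,2015-06-04T04:00,2015-06-04T06:00,2015-06-05T10:00
INC-07,phishing,2015-07-06T10:00,2015-07-06T14:00,2015-07-06T16:00,2015-07-07T10:00
INC-08,malware,2015-08-12T11:00,2015-08-12T13:00,2015-08-12T14:00,2015-08-13T11:00
"""

# The lifecycle order every record must respect.
_ORDER = ("compromised", "detected", "contained", "remediated")


def parse_incidents(text):
    """Parse the register; reject any record whose timestamps are out of order."""
    incidents = []
    for row in csv.DictReader(io.StringIO(text)):
        rec = {"id": row["id"], "type": row["type"]}
        for field in _ORDER:
            rec[field] = datetime.fromisoformat(row[field])
        # A mis-entered record would yield a negative duration and silently skew the
        # quarter's median, so fail loudly instead of producing a flattering number.
        for earlier, later in zip(_ORDER, _ORDER[1:]):
            if rec[later] < rec[earlier]:
                raise ValueError(f"{rec['id']}: {later} precedes {earlier}")
        incidents.append(rec)
    return incidents


def _hours(start, end):
    return (end - start).total_seconds() / 3600


def _quarter(dt):
    return f"{dt.year}Q{(dt.month - 1) // 3 + 1}"


def quarterly_metrics(incidents):
    """Median time to detect / contain / remediate per quarter (by detection date) and
    incident counts by type. Medians rather than means, so one long-running incident
    cannot mask an otherwise improving quarter."""
    buckets = {}
    for rec in incidents:
        buckets.setdefault(_quarter(rec["detected"]), []).append(rec)
    metrics = {}
    for q in sorted(buckets):
        recs = buckets[q]
        metrics[q] = {
            "incidents": len(recs),
            "median_ttd_h": median(_hours(r["compromised"], r["detected"]) for r in recs),
            "median_ttc_h": median(_hours(r["detected"], r["contained"]) for r in recs),
            "median_ttr_h": median(_hours(r["contained"], r["remediated"]) for r in recs),
            "by_type": Counter(r["type"] for r in recs),
        }
    return metrics


def trend_is_improving(metrics, key):
    """True when the chosen metric falls strictly quarter over quarter."""
    values = [metrics[q][key] for q in sorted(metrics)]
    return all(later < earlier for earlier, later in zip(values, values[1:]))


if __name__ == "__main__":
    report = quarterly_metrics(parse_incidents(SAMPLE_INCIDENTS))
    for quarter, m in report.items():
        print(quarter, m)
    print("time to detect improving:", trend_is_improving(report, "median_ttd_h"))
```

Time to detect is measured from the estimated compromise time, which the investigation has to establish after the fact; the detection and containment stamps come from the ticketing system. Keep the four stamps in one record and the metric is reproducible, which is what makes it defensible in front of an audit committee.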


THE SURROUNDING ECOSYSTEM

INDUSTRY ACTIONS CAN TRIGGER INCREASED CYBER ACTIVITY

Industry Acquisition Announcements

Intel (INTC) said it will buy fellow chip maker Altera (ALTR) for $54 a share in an all-cash transaction valued at approximately $16.7 billion that will allow it to expand beyond chips for personal computers into chips for smart cars and other newfangled technologies.

- USA TODAY, June 1, 2015

Press Releases Pertaining to New Technology

A breakthrough in the real-time observation of fuel cell catalyst degradation could lead to a new generation of more efficient and durable fuel cell stacks.

- Autoblog.com, Toyota City, Japan, May 18, 2015

Publication of Contracts and Industry Awards

The export version of General Atomics' Predator drone conducted a 40-hour test flight this week, according to Defense News, marking a record for the company's aircraft.

- Washington Business Journal, February 13, 2015

INDUSTRY ACTIONS CAN TRIGGER INCREASED CYBER ACTIVITY (CON’T)

Very Visible Legal Actions

“T-Mobile USA claims Chinese telecom giant Huawei Technologies stole its software, specifications and other secrets for a cellphone-testing robot nicknamed “Tappy” — and it’s not happy. In a lawsuit filed Sept. 2 in federal court in Seattle, T-Mobile says …”

- The Seattle Times, September 5, 2014

High Profile Events and Activities

“A month after hackers launched an attack on Sony Pictures, the fallout initially led the Hollywood studio to cancel the release of satirical comedy “The Interview,” which involves a plot to assassinate North Korean leader Kim Jong-un.”

- BBC NEWS, December 29, 2014


CAN WE COUNT ON THE GOVERNMENT TO HELP?

The U.S. Government is helpful once you’ve been targeted. The FBI is often a good source of support

Other agencies have specific agendas that primarily focus on Government contractors and their own organizational needs

The U.S. Government is challenged in working with multinational or overseas firms for obvious reasons

Lots of discussion today about facilitating sharing of information, but antitrust laws are complex and tend to work against all of us in most instances

You are still better off working with technically competent firms such as FireEye, Crowdstrike, PwC, Accenture and others to obtain timely support

GOVERNMENT IS SOMETIMES PART OF THE CHALLENGE

“The Office of Personnel Management included the findings in a statement Thursday on the investigation into a pair of major hacks believed carried out by China.

"The team has now concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases," the agency said of the second breach, which affected background investigation files.”

- Fox News, July 9, 2015


SUMMARY PERSPECTIVE


ASK YOURSELF: HOW SECURE IS YOUR PERIMETER?


WHAT SHOULD A CIO LOOK FOR AS INDICATORS OF ORGANIZATIONAL SECURITY AWARENESS?

When was the last comprehensive penetration test completed?

Are high quality passwords utilized by the workforce with mandatory password changes?

Are routine and thorough server and network gear software patching cycles pursued?

Complete instrumentation of Internet egress points?

Comprehensive firewall architecture employed?

Intelligent web application design, sans basic vulnerabilities?

Anti-phishing reminders and user awareness campaign?

How thoroughly have company acquisitions been integrated?


ADVANCED CONSIDERATIONS: CYBER AND INSIDER THREAT

There are more advanced markers of organizational success

§  Respected industry partners utilized

§  Well-defined security event escalation process engaged

§  SIEM tools and advanced Cyber detection capabilities employed

§  Proactive SOC operational

§  Mapped business process flows with identified vulnerabilities (ex. supply chain)

§  Thorough understanding of expected traffic patterns versus anomalies

§  Forensic and investigative capabilities available

§  Previous or current security clearances held by some team members

BOARD LEVEL EXPOSURE AND EXPECTATIONS

Is Cyber expertise represented on most Boards today?

§  Audit Committee stewardship is generally expected
§  Shareholder activist lawsuits have become common
§  ERM processes expose a full range of possible threat vectors
§  Many historical precedents exist across government and industry
§  A regular, open exchange with company leadership is warranted
§  Company managers can lose their jobs over Cyber events

The CIO / CISO has an obligation to promote Corporate Cyber Governance


THANK YOU!