Upload
claud-fowler
View
219
Download
0
Embed Size (px)
DESCRIPTION
Threat Landscape The costs of cyber crime is rising ($11.5m in 2013, $12.7m in 2014), most costly: Malicious insiders Denial of service Web-based attacks Perimeter defense budget allocation historically highest Now adjusting to threat landscape Complex systems are harder to protect Security intelligence growing People Process Technology
Citation preview
Security: Emerging
Threats & Trends
Danielle Alvarez, CISO
Threat Reality
• Approximately 5 malware events are generated every second
• 60% of attacks compromise organizations within minutes
• 75% of compromises spread externally within 24 hours
• Over 40% of compromises spread externally in less than 1 hour
• Detection is most costly internal activity, followed by recovery
• Detection & Recovery - 53% combined!
Threat Landscape• The costs of cyber crime is rising ($11.5m in 2013, $12.7m in
2014), most costly:• Malicious insiders• Denial of service• Web-based attacks
• Perimeter defense budget allocation historically highest• Now adjusting to threat landscape
• Complex systems are harder to protect• Security intelligence growing
• People • Process • Technology
Top Threat Risks• Health & Safety
• Medical Records• Services Rendered• Breach
• Financial - FRAUD• ACH Transfers• Resource Consumption• Recovery Efforts
• Service Delivery• Health & Human Services• Criminal Justice• Government• Private• Critical Infrastructure
Fina nc ia l I nsura nce Uti liti es Educa ti on
350 575 772
2332
Malware / Week (AVG)
Emerging Threat Concerns• Data Fidelity
• Going Dark
• IoT
• Malvertising
• Security Professional Shortage
Emerging Trends• A strong security posture & governance practices
moderate cyber crime costs• Build it in, don’t bolt it on (SDLC)• Self-Securing Software
• Software App Firewalls• Purpose built code• Code obfuscation (<10% in use)• Be Intelligent• Use intelligence
• Silver thread visibility• Risk-based approach to mitigation• Adaptive & Context-Aware IA&M• People-centric Security• Redefine Endpoint
Questions?
Danielle Alvarez, CISA, MCP, MSA850-412-6050Danielle.Alvarez@ast.myflorida.comAST.MyFlorida.com/CISO.asp@AST_CISO