This presentation, including any supporting materials, is owned by CIO Council Romania and is for the sole use of the intended CIO Council Romania audience or other authorized recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of CIO Council Romania.© 2013 CIO Council Romania. All rights reserved.

Security a continuous concern for the CIOs

Yugo Neumorni, EMBA, CISAPresident, CIO Council

IT Director, Vimetco Management

CIO Council

Security = People + Process + Technology

Best practices for security-Assessment / Risk analyze. -Protecting network-Protecting devices-Monitoring

How many of you performed a business impact analyze?

CIO Council

Business impact analyze

Selling cyber security is hard. KPIs and Budgets

The executive should be aware of cyber security.

Policies and Procedures

Security is a culture!

Cyber Security Threats

Why cyber security will remain a key concern

• Widespread use of new platform

• Exploits kits. Increasingly available and easy to use

• Attacks are becoming more sophisticated and have specific targets

Cyber Security History, Threats, & Solutions – 2013 – Scott Wood http://www.youtube.com/watch?v=n25L89E-lfY

Cyber Security Threats – new platform

Why cyber security will remain a key concern

• Mobile devices• Improved functionality of smart phones and tablets• Increased use of BYOD policies in the workplace• Mobile device make for an interesting point of attack• Apps a source of malware

Android Malware Infiltrates Google Play Store, Infects 100K Devices

Cyber Security Threats – new platform

The cloud

A single entry point that can be accessed from almost anywhereThis can be abused in different ways.• Theft and destruction of data• DoS attacks• Hijacking of cloud service traffic and redirecting it to other sources of

malicious content

Cyber Security History, Threats, & Solutions – 2013 – Scott Wood http://www.youtube.com/watch?v=n25L89E-lfY

Cyber Security Threats – new platform

CIO CouncilPhishing sites that obtain your login and password information in order to hijack your account and scam your friends. (FB, TW)

Click-jacking - Concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly perform actions, such as downloading malware, or sending your ID to a site.

Poison Application

Personal data exposed and passwords loss

Scam

CIO Council

Cyber Security – Targeted attacks

• Higher payoff makes cyber attacks more of an enterprise – Hacktivist : groups of cyber criminals and/or

protestor that target government and corporate websites to bring awareness to their cause

– Cyberwar: US 2003, Letonia 2007, Georgia 2008, Stuxnet Iran 2010

CIO Council

The best practices

• Implement strong Security Policy• Make Sure Network Security and Firewalls Are In Place• Regularly Update Your Network Security Tools• Employee’s Mobile Phone Apps• Establish a Incident Response Crisis Plan• Educate Your Employees

CIO COUNCIL

CIO Council

• Established in 2005 by five members• 80 active members from large organisations• Membership by invitation only • Monthly meetings• “CIO Council National Conference – March 13, • “Cloud Adoption” 2013 study• CIO Government Office initiative• Co-founder of “Alianta Digitala pentru Romania”• Non-profit organization

CIO Council

CIO Council National Conference

• More than 250 participants from 120 companies – 61% CIOs, IT managers, CEOs – 39% CFO, COO, HR managers, IT industry consultants,

vendors, public sector representatives • Sponsor free speeches• 3 panels• 10 hours of elegant experience• Perhaps the most important event in IT Industry in

Romania • www.cioconference.ro

CIO Council

CIO Council National Conference – March 13

www.cioconference.ro

CIO Council

“CIO Council National Conference – March 13CIO Council National Conference – March 13

www.cioconference.ro

CIO Council National Conference - testimonials

“Va felicit pentru organizarea conferintei, subiectele abordate au fost interesante si de actualitate, audienta semnificativa si activa adica intr-un cuvant un frumos succes!” Bogdan Rotunjanu, IT Director, Orange

“Multumesc, in numele echipei Coca-Cola HBC Romania, pentru conferinta excelent organizata si moderata . Subiectele au fost extraordinare si am plecat cu multe lucruri frumoase si interesante invatate aici” Liviu Osman, CIO Council member

“I was really impressed for the organization and the high level of the event, Im really committed to come back in the next conference.” Manel Ballesteros, Director at SII Romania

“Va felicit pentru un eveniment reuşit, plăcut şi extrem de valoros” Bassam Gemayel

"Va felicit pentru evenimentul de ieri. Sincer ! No bla-bla event ! A fost un eveniment de tinuta, un eveniment ‘rotund’, atat in ceea ce va priveste, prezentatori si gazde cat si al celor prezenti in sala. Se vedea si simtea clar ca lumea nu se plictiseste. In drum spre casa ma gandeam de ce mama naibii nu am incercat sa va recrutez la Microsoft pe Yugo, Aurelian, Costi Mares etc.“ Ovidiu Artopolescu

“Nu pot sa nu remarc calitatea si tinuta conferintei de ieri, atat prin alegerea subiectelor cat si calitatea dezbaterilor. Doresc sa felicit atat pe cei care au facut ca acest eveniment sa fie posibil cat si pe toti cei care au participat intr-un numar atat de mare la eveniment. Bravo!” Bogdan Bandila, CIO Council member

“O conferinta excelenta din toate punctele de vedere! Felicitari organizatorilor si colegilor care au sustinut subiectele interesante ale agendei! Sunt onorat de participarea la prima Conferinta Nationala, alaturi de membrii CIO Council Romania!” Dragos Prisacaru, CIO Council member

Cloud Adoption 2013

CIO Council

• Sources:

• Cyber Security History, Threats, & Solutions – 2013 – Scott Wood http://www.youtube.com/watch?v=n25L89E-lfY

• New York Times• http://blogs.cio.com/mobile-security/17227/android-malware-infiltrates-google-play-store-infects-100k-

devices#sthash.1UCQOTn6.dpuf